bbb89dfee91ea3b28779df0234a52b12f41023dbd91ba19641122a1ae18119e3

Sharing

Copy URL

Twitter E-mail

General

Target

bbb89dfee91ea3b28779df0234a52b12f41023dbd91ba19641122a1ae18119e3
Size

37KB
MD5

76ebf2af21a70441b4d19f1d37b34b48
SHA1

993dfb7c9f83905fd92f2f67764ec31f6308fda3
SHA256

bbb89dfee91ea3b28779df0234a52b12f41023dbd91ba19641122a1ae18119e3
SHA512

3b61a9f84f473148b61eb6124066ae730fdfc815066c5ea4867f19e2ab135f53900f7875a3d92bc223ac43683befb8fa5bb0cc08380c623f46a6b114f8b13fb7
SSDEEP

768:tuhafe2RRSyjgCupqZm2SqCU2Q6cix04Kek5WcruUX5nptY:sMWWRPlH1Sy36pwndpnA

Score

N/A

Malware Config

Signatures

Files

bbb89dfee91ea3b28779df0234a52b12f41023dbd91ba19641122a1ae18119e3
.exe windows x86

530d5fd6c7f89db1ba3ed0dc85cd5c26

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoFreeUnusedLibraries
CoCreateInstance
IIDFromString
CoInitializeSecurity
CoDisconnectObject
CoRevokeClassObject
CoGetMalloc
WriteClassStm
CoTaskMemAlloc
CreateStreamOnHGlobal
CoGetContextToken
StgCreateDocfile
CoUninitialize
OleInitialize
PropVariantClear
CoInitializeEx
CoReleaseMarshalData
CLSIDFromString
CoGetClassObject
CreateOleAdviseHolder
MkParseDisplayName
CoRevertToSelf

rpcrt4

IUnknown_QueryInterface_Proxy
UuidToStringA
RpcServerRegisterAuthInfoW
RpcBindingVectorFree
CStdStubBuffer_Invoke
NdrCStdStubBuffer_Release
RpcServerRegisterIfEx
RpcBindingSetAuthInfoExW
NdrServerCall2
CStdStubBuffer_CountRefs
NdrOleAllocate
RpcStringFreeW
RpcServerUseProtseqEpW
CStdStubBuffer_QueryInterface
RpcStringFreeA
NdrClientCall2
NdrDllGetClassObject
RpcStringBindingComposeW
RpcServerUnregisterIf

advapi32

ConvertStringSidToSidW
OpenThreadToken
AddAce
OpenServiceW
RegDeleteKeyA
EqualSid
SetSecurityDescriptorGroup
CopySid
RegEnumKeyW
RegEnumValueA
RevertToSelf
RegOpenKeyW
InitializeAcl
RegCreateKeyExW
RegisterTraceGuidsW
CryptDestroyKey
CryptGetHashParam
CryptCreateHash
CryptAcquireContextW
GetTraceEnableFlags
CryptHashData
RegCreateKeyW
RegDeleteValueA
IsValidSid
CheckTokenMembership
ConvertStringSecurityDescriptorToSecurityDescriptorW
QueryServiceStatus
ReportEventW
CryptReleaseContext
RegQueryValueExA
RegisterEventSourceW
SetSecurityDescriptorOwner
GetSecurityDescriptorDacl
GetSidSubAuthorityCount
RegOpenKeyExA
DeleteService
LookupAccountNameW
DuplicateTokenEx

kernel32

GetCurrentThreadId
WaitForMultipleObjects
lstrcmpiW
ExpandEnvironmentStringsW
lstrcpyW
lstrcpynA
GetStringTypeA
FindFirstFileA
IsValidCodePage
DeleteFileA
GetStdHandle
GetLocaleInfoA
QueryPerformanceCounter
FormatMessageA
GetCurrentProcessId
GetDriveTypeW
GetFullPathNameW
GetLocalTime
SetHandleCount
ExitProcess
GetDriveTypeA
lstrcmpA
GetSystemTimeAsFileTime
GetSystemInfo
IsDebuggerPresent
GetThreadLocale
OpenEventA
RtlUnwind
TlsSetValue
VirtualAlloc
CreateDirectoryW
IsDBCSLeadByte
LoadLibraryA
RemoveDirectoryW
IsBadReadPtr
GetTickCount
InterlockedCompareExchange
CreateEventA
CreateFileA
LeaveCriticalSection
FlushFileBuffers
FindResourceW
InterlockedExchange
SetStdHandle
OpenMutexW
GetFileAttributesW
GetFileSize
GetLocaleInfoW

msvcrt

strncmp
_strnicmp
_write
fclose
_CxxThrowException
wcstoul
fread
atol
wcscat
_isatty
_unlock
_ultow
towlower
??3@YAXPAX@Z
_wtoi
_c_exit
printf
malloc
__set_app_type
_controlfp
__p__fmode
isleadbyte
__setusermatherr
__p__commode
isdigit
wcscspn
fflush
wcstol
memset
_itoa
swscanf
_snprintf
isspace
_cexit

user32

WinHelpW
LoadCursorW
KillTimer
DestroyMenu
GetKeyState
GetWindowDC
DrawFocusRect
PeekMessageA
GetWindowTextA
CharPrevW
CreatePopupMenu
IsChild
CharLowerW
CheckDlgButton
GetActiveWindow
LoadCursorA
GetDlgItemTextA
DrawIcon

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 15KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

530d5fd6c7f89db1ba3ed0dc85cd5c26

Headers

File Characteristics

Imports

ole32

rpcrt4

advapi32

kernel32

msvcrt

user32

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 15KB - Virtual size: 36KB

.reloc Size: 512B - Virtual size: 488B

.rsrc Size: 4KB - Virtual size: 8KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 15KB - Virtual size: 36KB

.reloc
Size: 512B - Virtual size: 488B

.rsrc
Size: 4KB - Virtual size: 8KB