d3adba4ac29958c7819bc3e370d480b535635498163f050ba20031fbf20df101

Sharing

Copy URL Twitter E-mail

General

Target

d3adba4ac29958c7819bc3e370d480b535635498163f050ba20031fbf20df101
Size

371KB
MD5

73c1d2fb7a12dc430597f8f33fdc75cb
SHA1

217347e39984689b06f9d05c546a90a963162f0b
SHA256

d3adba4ac29958c7819bc3e370d480b535635498163f050ba20031fbf20df101
SHA512

045ba963b327fd7bf36dc5949c5659fbc706529a4f370d59f8f38d7a8599736e1cc31f428be972d1b023c14714e4006432510f5195d9980e4e186c81836d0d78
SSDEEP

6144:NVgi+YOo30NxGRxV58qJVPYnzaAxY35gd+Yn/9T9rbPCOLdjnM+9haAZY8n2AY4:NVT+toEyRDJtYnxd+Yn/9T9rbPCkZV2M

Score

N/A

Malware Config

Signatures

Files

d3adba4ac29958c7819bc3e370d480b535635498163f050ba20031fbf20df101
.exe windows x86

9f3504f2a7e8a779ad2b202f6456ab9d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

TraceEvent
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
RegisterTraceGuidsW
UnregisterTraceGuids
RegCloseKey
QueryServiceStatus
CloseServiceHandle
StartServiceW
OpenSCManagerW
OpenServiceW
CryptGenRandom
CryptReleaseContext
CryptAcquireContextW
AllocateAndInitializeSid
FreeSid
GetLengthSid
CopySid
CheckTokenMembership
RegCreateKeyExW
RegOpenKeyExW
RegNotifyChangeKeyValue
RegDeleteValueW
RegSetValueExW
RegQueryValueExW

kernel32

InterlockedIncrement
FindResourceW
LoadResource
LockResource
SizeofResource
WaitForMultipleObjects
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLocalTime
FormatMessageW
CreateProcessW
GetFullPathNameW
ExpandEnvironmentStringsW
GetFileAttributesW
FindNextFileW
FindFirstFileW
CreateDirectoryW
SetFilePointerEx
GetFileSizeEx
ReadFile
WriteFile
CreateFileW
GetModuleFileNameW
GetSystemDirectoryW
WaitForSingleObject
CreateEventW
FindClose
GetLastError
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
RtlUnwind
OutputDebugStringA
GetStartupInfoW
InterlockedCompareExchange
Sleep
InterlockedExchange
LocalFree
LocalAlloc
GetModuleHandleW
GetProcessHeap
HeapFree
HeapAlloc
VirtualProtect
LoadLibraryExW
GetVersionExW
SetWaitableTimer
CreateWaitableTimerW
GetTempPathW
GetSystemWindowsDirectoryW
GetCurrentDirectoryW
CopyFileW
DeleteFileW
RemoveDirectoryW
MoveFileExW
GetTimeFormatW
GetDateFormatW
IsDebuggerPresent
OutputDebugStringW
LeaveCriticalSection
EnterCriticalSection
CloseHandle
GetCommandLineW
InterlockedDecrement
SetFileAttributesW
LoadLibraryW
GetProcAddress
FreeLibrary

msvcrt

_fileno
_read
__pioinfo
__badioinfo
realloc
wcstombs
wctomb
localeconv
isxdigit
isleadbyte
mbtowc
isdigit
calloc
_onexit
_lock
__dllonexit
_unlock
_controlfp
iswctype
memmove
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
ungetc
free
__mb_cur_max
_vsnwprintf
_errno
__CxxFrameHandler
wcscmp
wcsrchr
wcschr
_wcsicmp
_filelength
_wfopen
wprintf
printf
fread
fwrite
fseek
fclose
iswspace
feof
fgetws
towlower
__RTDynamicCast
memset
malloc
memcpy
_purecall
??0exception@@QAE@XZ
wcsstr
wcslen
_CxxThrowException
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
?what@exception@@UBEPBDXZ
??0exception@@QAE@ABQBD@Z

rpcrt4

UuidCreate

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

PACK
Size: 160KB - Virtual size: 424KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9f3504f2a7e8a779ad2b202f6456ab9d

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

msvcrt

rpcrt4

version

Sections

.text Size: 191KB - Virtual size: 190KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 15KB - Virtual size: 14KB

PACK Size: 160KB - Virtual size: 424KB

.text
Size: 191KB - Virtual size: 190KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 15KB - Virtual size: 14KB

PACK
Size: 160KB - Virtual size: 424KB