ac15441035291a725706979a1ee71f9971b7c807c91e8ff1efb68a7005e71b41

General

Target

ac15441035291a725706979a1ee71f9971b7c807c91e8ff1efb68a7005e71b41
Size

284KB
MD5

903a4285a050d29d026e15b7f1257110
SHA1

37d77f6d7c5b6b2ee888a8966c0cd65c138ec281
SHA256

ac15441035291a725706979a1ee71f9971b7c807c91e8ff1efb68a7005e71b41
SHA512

480f8bea74b320b11118eca4006dd3d6581451fcbde51a8317001cb8b1108058836994309319fe0229ff9e61f5b03d9021fb2e6089ee2db92eec2a85944dd6ea
SSDEEP

6144:lppTkyO9uZnjeIhMu5F/74fI6CNPkHx2khm+QNPR3Z+IZCh+ZwwxHCsKQ8w:lppTkZ9uZi8M6/74AzNPkHx2kDQNBZXh

Score

N/A

Malware Config

Signatures

Files

ac15441035291a725706979a1ee71f9971b7c807c91e8ff1efb68a7005e71b41
.exe windows x86

5d4048882c065248c9e2a40f9f68c5e8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetSecurityDescriptorOwner
RegOpenKeyExW
RegQueryValueExW
GetTraceEnableLevel
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
TraceMessage
SetSecurityDescriptorOwner

kernel32

GetFileType
LoadLibraryA
GetStartupInfoA
GetLocaleInfoW
GetLocalTime
LocalAlloc
GetFileAttributesW
GetDateFormatW
SetFilePointer
GetCommandLineW
SetLastError
LocalFree
GetTimeFormatW
DeleteFileA
CreateFileW
FormatMessageW
GetEnvironmentStringsA
CloseHandle
GetSystemDefaultLCID
GetStdHandle
WriteConsoleW
VerifyVersionInfoW
GetModuleHandleA
ReadFile
FreeLibrary
FindNextFileW
FindFirstFileW
GetSystemDefaultLangID
MultiByteToWideChar

msvcrt

wcslen
_initterm
_purecall
wcsncmp
wcscmp
_adjust_fdiv
_onexit
wcscpy
malloc
__dllonexit
free
swprintf

gpedit

BrowseForGPO
DeleteAllGPOLinks
DeleteGPOLink

netapi32

NetApiBufferFree
DsGetDcNameW

ws2_32

htons
htonl

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d4048882c065248c9e2a40f9f68c5e8

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

gpedit

netapi32

ws2_32

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 102KB - Virtual size: 102KB

.data Size: 71KB - Virtual size: 70KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 102KB - Virtual size: 102KB

.data
Size: 71KB - Virtual size: 70KB

.rsrc
Size: 8KB - Virtual size: 8KB