d0e840625dad886ca6710440f76097195f37fb9fb899840a04b39e6fa13fe21c

Sharing

Copy URL

Twitter E-mail

General

Target

d0e840625dad886ca6710440f76097195f37fb9fb899840a04b39e6fa13fe21c
Size

299KB
MD5

40f308341c82cd475c65c3ca6bfb80b8
SHA1

b865fec705e5aa7eccd752c6addbc1cae27079be
SHA256

d0e840625dad886ca6710440f76097195f37fb9fb899840a04b39e6fa13fe21c
SHA512

f3b934cfc8b33dd364c4f136f3e2a2a42f778432304539776b6ba4eafb2b6df7fd99dd89bfca7af1a291ae0b7f00b2ccac76637b8f5d2e54d0585340fc372c10
SSDEEP

3072:jRrU8E/CXytrGZu22kl6r5Oivv24z1mbFzbl2qTmOjCr6sVOR9pW6n7vZFRXpsp9:jRr5Eao412kc5F3h1mbFAz9V6pLvri

Score

N/A

Malware Config

Signatures

Files

d0e840625dad886ca6710440f76097195f37fb9fb899840a04b39e6fa13fe21c
.exe windows x86

cd82abb8b14f956dc12e37c869721e63

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileStringA
DuplicateHandle
FileTimeToLocalFileTime
FindFirstFileW
PrepareTape
WritePrivateProfileSectionW
GetProfileIntA
SetErrorMode
ExitProcess
ScrollConsoleScreenBufferA
ReleaseSemaphore
FindResourceExW
GetComputerNameW
GetAtomNameA
UnhandledExceptionFilter
RemoveDirectoryA
SetConsoleWindowInfo
GetDriveTypeA
OpenFile
GetTapeStatus
SetCurrentDirectoryA
FreeEnvironmentStringsA
GetCommandLineA
lstrlenA
VirtualAlloc
EnumSystemCodePagesW

user32

TabbedTextOutW
GetTabbedTextExtentW
ChildWindowFromPointEx
MapWindowPoints
GetAsyncKeyState
GetDlgItemTextW
EnumDisplaySettingsA
ArrangeIconicWindows
RegisterClipboardFormatW
EnumDesktopsW

gdi32

CreateEllipticRgnIndirect

comdlg32

CommDlgExtendedError

advapi32

SetSecurityDescriptorSacl
AllocateLocallyUniqueId
CryptCreateHash
CryptExportKey
DuplicateToken
AddAce
StartServiceCtrlDispatcherW
InitializeAcl
RegEnumValueA
QueryServiceStatus
RegLoadKeyA
RegQueryValueExA
RegEnumKeyW
SetFileSecurityA
GetSidSubAuthority
SetNamedSecurityInfoW
LogonUserW
GetSecurityDescriptorGroup
RevertToSelf
LookupPrivilegeValueA
RegConnectRegistryA
LookupPrivilegeValueW
BuildTrusteeWithNameW
LookupAccountNameW
GetLengthSid
RegEnumValueW
ObjectDeleteAuditAlarmW
GetPrivateObjectSecurity
RegQueryInfoKeyA
GetSidSubAuthorityCount
RegisterServiceCtrlHandlerW
CreateProcessAsUserW
NotifyChangeEventLog
CryptHashData
UnlockServiceDatabase
OpenEventLogW
InitiateSystemShutdownA
AdjustTokenPrivileges

shell32

SHGetSettings
ExtractIconA

ole32

CoMarshalInterface
StgCreateStorageEx
OleCreateLink
OleQueryLinkFromData
CoLockObjectExternal
CoReleaseMarshalData

oleaut32

SafeArrayGetElement
LoadTypeLibEx
SafeArrayRedim
SafeArrayCreate
SafeArrayGetLBound
QueryPathOfRegTypeLi
VariantCopy

comctl32

ImageList_Create

shlwapi

PathQuoteSpacesA

Sections

eskqao
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

omqwyy
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

uksgmu
Size: 290KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ekseuq
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd82abb8b14f956dc12e37c869721e63

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

eskqao Size: 2KB - Virtual size: 1KB

omqwyy Size: 3KB - Virtual size: 2KB

uksgmu Size: 290KB - Virtual size: 290KB

ekseuq Size: 3KB - Virtual size: 2KB

eskqao
Size: 2KB - Virtual size: 1KB

omqwyy
Size: 3KB - Virtual size: 2KB

uksgmu
Size: 290KB - Virtual size: 290KB

ekseuq
Size: 3KB - Virtual size: 2KB