fb159e41072b3ab910930bad85c480ba2e5ec75c91538b27b8b675dc269de6c0

Sharing

Copy URL Twitter E-mail

General

Target

fb159e41072b3ab910930bad85c480ba2e5ec75c91538b27b8b675dc269de6c0
Size

854KB
MD5

84e28f014ad85ac7a22bbf07bab67f61
SHA1

43002da2d6b0003fe5a8a99a717ef8bb6b0a6446
SHA256

fb159e41072b3ab910930bad85c480ba2e5ec75c91538b27b8b675dc269de6c0
SHA512

6d005fb1aab5dc1c187b8f704411c7a2dbab0c7ee9bf52535b2171259008149e1143f82b1501192b53c7fe0d5666c829d8515c29981e21fccb05a6dec0b89575
SSDEEP

6144:nGQm2fwBnxgpC+0ukNpAa/R0mtSRGThzJ66666pf:nC2Wxgv0uspAa/7OiJ66666pf

Score

N/A

Malware Config

Signatures

Files

fb159e41072b3ab910930bad85c480ba2e5ec75c91538b27b8b675dc269de6c0
.exe windows x86

dd62fd41176c26ff408418199e193060

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AddAccessAllowedAce
AllocateAndInitializeSid
BuildTrusteeWithSidW
CloseServiceHandle
ControlService
CryptDecrypt
CryptGetKeyParam
CryptVerifySignatureA
FreeSid
GetLengthSid
InitializeAcl
LockServiceDatabase
NotifyChangeEventLog
OpenProcessToken
OpenSCManagerW
OpenServiceW
ReadEventLogW
RegCloseKey
RegCreateKeyExW
RegDeleteValueW
RegLoadKeyW
RegSetValueExW
RevertToSelf
SetFileSecurityW
SetSecurityDescriptorControl
SetSecurityDescriptorDacl
SystemFunction015
BackupEventLogA
LsaQuerySecret
RegRestoreKeyW

kernel32

CallNamedPipeW
CloseHandle
CompareFileTime
CreateFileW
CreateWaitableTimerW
DeviceIoControl
EnumLanguageGroupLocalesA
GetAtomNameA
GetCurrentProcess
GetCurrentThreadId
GetDiskFreeSpaceW
GetProcessHeap
GetShortPathNameA
GlobalHandle
Heap32First
HeapUnlock
HeapWalk
InterlockedCompareExchange
InterlockedExchange
LocalAlloc
LocalFree
RaiseException
SetConsoleScreenBufferSize
SetUnhandledExceptionFilter
SetupComm
Sleep
TerminateProcess
UnhandledExceptionFilter
WriteProcessMemory
WriteProfileSectionW
lstrcpynA
GetEnvironmentVariableA
GetTimeFormatW
GlobalCompact
LoadLibraryExW
OpenFileMappingW
OutputDebugStringW
SetEnvironmentVariableA
SetFileApisToOEM
SetProcessAffinityMask
WideCharToMultiByte
VirtualAlloc
GetLastError
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThread
IsDebuggerPresent
GetStringTypeW
LCMapStringW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
SetConsoleCtrlHandler
FreeLibrary
LoadLibraryW
GetLocaleInfoW
WriteFile
GetStdHandle
GetModuleFileNameW
IsProcessorFeaturePresent
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
MultiByteToWideChar
HeapFree
HeapSize
RtlUnwind
HeapAlloc
HeapReAlloc

ole32

StringFromGUID2
CoSetCancelObject
WdtpInterfacePointer_UserSize
OleCreateLinkToFile
OleConvertOLESTREAMToIStorage
OleConvertIStorageToOLESTREAMEx
HGLOBAL_UserUnmarshal
CoUninitialize
CoTaskMemFree
CoRevokeMallocSpy
CoInitializeEx
CoInitialize
CoCreateInstance
CLIPFORMAT_UserMarshal

user32

GetAsyncKeyState
ShowWindow
SetDlgItemTextW
SendMessageW
PostThreadMessageW
KillTimer
GetWindowWord
GetDlgItem
GetCaretBlinkTime
DestroyWindow
DdeCreateDataHandle
TrackMouseEvent
RealChildWindowFromPoint
PostQuitMessage
OpenIcon
AnyPopup
BroadcastSystemMessage
CascadeChildWindows
DdeAccessData
DialogBoxIndirectParamA
DrawStateA
GetClassInfoA
GetClassLongW
GetDlgItemTextA
GetMessageExtraInfo
LoadStringW
OpenDesktopW

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 767KB - Virtual size: 767KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dd62fd41176c26ff408418199e193060

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

ole32

user32

Sections

.text Size: 81KB - Virtual size: 80KB

.rdata Size: 767KB - Virtual size: 767KB

.data Size: 3KB - Virtual size: 12KB

.text
Size: 81KB - Virtual size: 80KB

.rdata
Size: 767KB - Virtual size: 767KB

.data
Size: 3KB - Virtual size: 12KB