5510ce83f9960c3fc7c0c632f29c2ba8f1896d7f38fe28cee8fee8ac32e75bf7

Sharing

Copy URL Twitter E-mail

General

Target

5510ce83f9960c3fc7c0c632f29c2ba8f1896d7f38fe28cee8fee8ac32e75bf7
Size

71KB
MD5

83e34bf86c0ed14b97806e6b7801ec90
SHA1

accb47b2a9a21c250484372de938740f4cac763d
SHA256

5510ce83f9960c3fc7c0c632f29c2ba8f1896d7f38fe28cee8fee8ac32e75bf7
SHA512

75066f2ce60f3e0a4e6ebb71345de51bb299f8ec1096c74c619a3d9b1a86089c76905ae1710903bba98762fca0a446575a9ae037123698a92521beb87057e5ed
SSDEEP

1536:DTrh+OkHWQnemrsGXZXSy9CUnU8cVAejtz:nr8B2QnZrxXNSycNVAejR

Score

N/A

Malware Config

Signatures

Files

5510ce83f9960c3fc7c0c632f29c2ba8f1896d7f38fe28cee8fee8ac32e75bf7
.exe windows x86

3806686ee9262878007c6d18e84bb142

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mapi32

ord137
ord140
ord75
ord17
ord136

kernel32

GetCurrentThreadId
GetCurrentProcessId
GetModuleFileNameW
IsBadReadPtr
InitializeCriticalSection
Sleep
RaiseException
TlsAlloc
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
GetCurrentProcess
GetTickCount
LoadLibraryA
GetProcAddress

advapi32

RegEnumKeyExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW

ole32

CoCreateInstance

scecli

SceGetDbTime
SceProcessSecurityPolicyGPOEx
SceCompareNameList
SceGetObjectChildren
SceDcPromoteSecurityEx
SceSetupBackupSecurity
SceSetDatabaseSetting
SceSvcQueryInfo
DeltaNotify
SceCompareSecurityDescriptors
SceLookupPrivRightName
SceCloseProfile

d3d8thk

OsThunkD3dContextCreate
OsThunkDdQueryDirectDrawObject
OsThunkDdSetColorKey
OsThunkDdUnattachSurface
OsThunkDdDestroyD3DBuffer
OsThunkDdDeleteSurfaceObject
OsThunkDdWaitForVerticalBlank

Sections

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hpn
Size: 5KB - Virtual size: 1000KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 11KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.GAijxx
Size: 2KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 11KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3806686ee9262878007c6d18e84bb142

Headers

File Characteristics

Imports

mapi32

kernel32

advapi32

ole32

scecli

d3d8thk

Sections

.idata Size: 9KB - Virtual size: 9KB

.hpn Size: 5KB - Virtual size: 1000KB

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 1KB - Virtual size: 14KB

.edata Size: 11KB - Virtual size: 52KB

.GAijxx Size: 2KB - Virtual size: 219KB

.data Size: 7KB - Virtual size: 174KB

.edata Size: 11KB - Virtual size: 55KB

.rsrc Size: 3KB - Virtual size: 3KB

.idata
Size: 9KB - Virtual size: 9KB

.hpn
Size: 5KB - Virtual size: 1000KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 1KB - Virtual size: 14KB

.edata
Size: 11KB - Virtual size: 52KB

.GAijxx
Size: 2KB - Virtual size: 219KB

.data
Size: 7KB - Virtual size: 174KB

.edata
Size: 11KB - Virtual size: 55KB

.rsrc
Size: 3KB - Virtual size: 3KB