dbf2481106285f177493ddb717e115a8a6067042962b47a4d20b04f627e74435

Sharing

Copy URL Twitter E-mail

General

Target

dbf2481106285f177493ddb717e115a8a6067042962b47a4d20b04f627e74435
Size

1.1MB
MD5

b2551e1e867391ed99717986c25f643a
SHA1

985cc2fee967fc84b910a56928e5dae082103fb8
SHA256

dbf2481106285f177493ddb717e115a8a6067042962b47a4d20b04f627e74435
SHA512

4d2fcc5fe731694a51e843909135e5d747a71447db9394a3a23c64fd8b5743391dd1482ee26be3f52ffd8012e41657e38e189b1dbd68ee5e2178bbdca98a379d
SSDEEP

12288:PStqlOIKlSq0zbK4x1U6narLojhNWVMptYJg96AOUTUwhxHaGW:PSaNySq4NqknAMoO9EwvHaGW

Score

N/A

Malware Config

Signatures

Files

dbf2481106285f177493ddb717e115a8a6067042962b47a4d20b04f627e74435
.exe windows x86

dabdc9a055059a8a2cf07f89ab8c1644

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetErrorMode
GetCurrentConsoleFont
CopyFileW
RtlUnwind
GetCurrencyFormatW
FindAtomA
GetNumberOfConsoleInputEvents
DeleteAtom
IsValidCodePage
SetLocaleInfoW
GlobalUnlock
GetConsoleAliasW
GetDateFormatW
SetHandleInformation
EnumCalendarInfoExW
QueryDosDeviceW
GetBinaryTypeA
GetExitCodeProcess
SetFileAttributesA
GetConsoleCP
GetCurrentDirectoryA
GetEnvironmentStringsW
GetVolumePathNameA
GetThreadPriority
GetThreadLocale
CreateDirectoryW
SetConsoleActiveScreenBuffer
FileTimeToSystemTime
TlsAlloc
SetConsoleDisplayMode
LoadLibraryExA
FindVolumeMountPointClose
GetDriveTypeW
GetConsoleAliasExesW
FindNextFileW
GetCurrentDirectoryW
OpenEventW
GetStdHandle
GetTimeFormatA
GetCompressedFileSizeW
ReplaceFileA
LockFile
GetNumberFormatA
GetPrivateProfileStringA
CancelIo
GetEnvironmentVariableW
EnumCalendarInfoA
lstrcpynA
GetFullPathNameW
GetWindowsDirectoryA
GetStartupInfoW
SetPriorityClass
CompareStringA
GetProfileStringA
LCMapStringA
CreateSemaphoreW
GetPriorityClass
DebugBreak
GetQueuedCompletionStatus
GetEnvironmentVariableA
GetFileAttributesExW
GetComputerNameA
GetPrivateProfileIntA
SetThreadAffinityMask
CreateWaitableTimerW
GetOEMCP
CreateEventA
ResetEvent
GetPrivateProfileStringW
ExpandEnvironmentStringsW
GetUserDefaultLCID
OpenThread
SetEndOfFile
GetDiskFreeSpaceW
GetDriveTypeA
SetTapeParameters
ExitThread
LocalFileTimeToFileTime
CreateDirectoryExA
MoveFileWithProgressW
FreeEnvironmentStringsW
Module32NextW
SetThreadContext
SetVolumeMountPointA
CompareStringW
VirtualAlloc
MapViewOfFile
GetPrivateProfileSectionNamesW
GetFileInformationByHandle
Module32First
GetNamedPipeHandleStateA
GetNamedPipeInfo
GetProcessWorkingSetSize
SetThreadIdealProcessor
OpenWaitableTimerA
FormatMessageW
PeekNamedPipe
CreateHardLinkA
GetHandleInformation
GetConsoleScreenBufferInfo
OpenWaitableTimerW
SetThreadPriorityBoost
SetEvent
SetSystemTimeAdjustment
GetModuleHandleW
FreeUserPhysicalPages
GetSystemDefaultLangID
CreateMailslotW
SetThreadLocale
LCMapStringW
ReleaseMutex
ReplaceFileW
VerSetConditionMask
GetFileTime
FindFirstFileW
lstrcmpA
CreateTimerQueueTimer
BindIoCompletionCallback
CreateToolhelp32Snapshot
GetCompressedFileSizeA
WritePrivateProfileStringW
GetConsoleAliasExesA
DeviceIoControl
VerifyVersionInfoW
GetDiskFreeSpaceA
CreateFileMappingW
GetShortPathNameW
FindVolumeClose
FindResourceExW
OpenProcess
PrepareTape
AssignProcessToJobObject
SetUnhandledExceptionFilter
GetDevicePowerState
GetSystemWindowsDirectoryA
GetDiskFreeSpaceExW
FindResourceW
SetConsoleCtrlHandler
GetTimeFormatW
GetExitCodeThread
ReadProcessMemory
CreateDirectoryExW
OpenJobObjectA
HeapSize
GetModuleHandleA
ConvertThreadToFiber
DuplicateHandle

rpcrt4

NdrMesTypeEncode2
RpcEpRegisterA
NdrAsyncClientCall
RpcServerListen
NdrSimpleStructUnmarshall
RpcIfInqId
RpcErrorAddRecord
RpcStringFreeA
RpcAsyncCompleteCall
NdrAllocate
RpcMgmtSetComTimeout
UuidHash
RpcAsyncCancelCall
RpcBindingInqAuthClientA
RpcServerRegisterIf2
RpcStringBindingParseA
RpcAsyncAbortCall
RpcEpRegisterNoReplaceW
NdrInterfacePointerBufferSize
RpcServerRegisterAuthInfoW
I_RpcBindingInqTransportType
NdrConformantStringMarshall
RpcServerUseProtseqEpExW

user32

GetAltTabInfoA

comctl32

ImageList_DrawIndirect
ord17
ImageList_Create
CreatePropertySheetPageW
FlatSB_GetScrollPos
ImageList_DragShowNolock
ImageList_Write
ImageList_EndDrag

advapi32

RegSetValueA
GetSidSubAuthorityCount
InitializeSecurityDescriptor
RegCreateKeyExA
AreAnyAccessesGranted
RegQueryValueExA
AddAccessDeniedAce
RegCreateKeyExW
RegSetValueExW
InitializeAcl
RegSetKeySecurity
GetKernelObjectSecurity
RegQueryMultipleValuesA
RegSetValueExA
RegSetValueW
SetKernelObjectSecurity
GetCurrentHwProfileW
SetTokenInformation
AddAuditAccessAce
AddAccessAllowedAce
RegNotifyChangeKeyValue
GetCurrentHwProfileA
GetTokenInformation
GetSidLengthRequired
GetSidSubAuthority
AreAllAccessesGranted
GetSidIdentifierAuthority

Sections

.text
Size: 834KB - Virtual size: 833KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eij
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.a098y
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dabdc9a055059a8a2cf07f89ab8c1644

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

rpcrt4

user32

comctl32

advapi32

Sections

.text Size: 834KB - Virtual size: 833KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 258KB

.eij Size: 124KB - Virtual size: 124KB

.a098y Size: 108KB - Virtual size: 107KB

.rsrc Size: 45KB - Virtual size: 45KB

.text
Size: 834KB - Virtual size: 833KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 258KB

.eij
Size: 124KB - Virtual size: 124KB

.a098y
Size: 108KB - Virtual size: 107KB

.rsrc
Size: 45KB - Virtual size: 45KB