ee059ba28caf3bd997f586108e5d22d01a216fcc234c2f98747ae12c552e645d

Sharing

Copy URL Twitter E-mail

General

Target

ee059ba28caf3bd997f586108e5d22d01a216fcc234c2f98747ae12c552e645d
Size

153KB
MD5

91216d35c369e7a7048b1d3f55a379ec
SHA1

5d1db452402c0247904eef0ba12e5d93f4b6375f
SHA256

ee059ba28caf3bd997f586108e5d22d01a216fcc234c2f98747ae12c552e645d
SHA512

66f4b23072a97d2bd35877fd51940a456bfae7ecc6f1fed07e23f729a18760fb2136a1d2840c407b24aaea899c6ceadf93676b1055f48c99acb6c9d9b5858288
SSDEEP

3072:CIHmZayyY9fYxpnAV/lb3jDtI1TqcnSeLr12L3B5QIHHLmwe:CIHmZaQ+LAVV/4j129rje

Score

N/A

Malware Config

Signatures

Files

ee059ba28caf3bd997f586108e5d22d01a216fcc234c2f98747ae12c552e645d
.exe windows x86

297bd4fc70b95d0751f0a76ce9c4f86c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
VirtualProtect
LCMapStringW
WideCharToMultiByte
GetSystemInfo
FlushFileBuffers
GetProcessHeap
HeapAlloc
HeapFree
lstrlenA
WaitForSingleObject
SetConsoleCtrlHandler
GetCommandLineW
GetVersionExW
CopyFileW
DeleteFileW
lstrcmpW
FormatMessageW
GetLocalTime
GetCurrentProcessId
ProcessIdToSessionId
CreateFileW
SetFilePointer
WriteFile
GetLastError
SetLastError
lstrlenW
CloseHandle
LocalAlloc
LocalFree
FreeLibrary
LoadLibraryW
GetProcAddress
SetStdHandle
GetCurrentProcess
LCMapStringA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
InitializeCriticalSection
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
VirtualAlloc
GetSystemTimeAsFileTime
ExitProcess
RtlUnwind
GetModuleHandleA
GetStartupInfoW
GetVersionExA
TlsAlloc
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
QueryPerformanceCounter
GetTickCount
GetModuleFileNameA
InterlockedExchange
VirtualQuery
TerminateProcess
GetStdHandle
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
LeaveCriticalSection
EnterCriticalSection
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA

user32

wsprintfW
CloseDesktop
GetSystemMetrics
GetUserObjectSecurity
SetUserObjectSecurity
GetProcessWindowStation
OpenWindowStationW
SetProcessWindowStation
OpenDesktopW
CloseWindowStation

advapi32

InitializeSecurityDescriptor
GetSecurityDescriptorDacl
GetAclInformation
InitializeAcl
GetAce
AddAce
SetSecurityDescriptorDacl
LogonUserW
SetTokenInformation
LsaNtStatusToWinError
GetLengthSid
CopySid
DuplicateTokenEx
ImpersonateLoggedOnUser
CreateProcessAsUserW
RevertToSelf
RegQueryInfoKeyW
RegEnumKeyW
RegDeleteKeyW
IsValidSid
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
LookupAccountNameW
RegQueryValueExW
GetTokenInformation
CreateWellKnownSid
LookupAccountSidW
RegDeleteValueW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegSetValueExW
AddAccessAllowedAce

shell32

CommandLineToArgvW

netapi32

NetUserAdd
NetUserDel
NetLocalGroupAddMembers
NetApiBufferFree
NetUserGetInfo

shlwapi

PathFileExistsW

userenv

CreateEnvironmentBlock
DeleteProfileW
DestroyEnvironmentBlock

secur32

LsaLogonUser
LsaRegisterLogonProcess
LsaFreeReturnBuffer

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 68KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

297bd4fc70b95d0751f0a76ce9c4f86c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

netapi32

shlwapi

userenv

secur32

Sections

.text Size: 56KB - Virtual size: 53KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 68KB - Virtual size: 76KB

.text
Size: 56KB - Virtual size: 53KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 68KB - Virtual size: 76KB