c7d330c7df927fe6fa7313bc09b6f81acad2fe5e5687ab2637a7859920c68a76

Sharing

Copy URL Twitter E-mail

General

Target

c7d330c7df927fe6fa7313bc09b6f81acad2fe5e5687ab2637a7859920c68a76
Size

156KB
MD5

a2bf787ccda7eb892ca9e82ff8defb70
SHA1

d8bbfe3cdcb38d2b5bb910af19c6e1a8e3192c04
SHA256

c7d330c7df927fe6fa7313bc09b6f81acad2fe5e5687ab2637a7859920c68a76
SHA512

890289366a31697cb9abe395b10ef0325e28e26c48e349e547e09ff0b4355223b4ac223c522c5683c9a03f06032c410e887a55d28bb4f8cd42feaeb6dd2b8bf7
SSDEEP

3072:Dno0w+NRCypAV0HSGsnZkXL0H103DIh+B0UVOuDCXr2aQi4Z:Do0wrpnZkXL0eTIh+B0UVSXc

Score

N/A

Malware Config

Signatures

Files

c7d330c7df927fe6fa7313bc09b6f81acad2fe5e5687ab2637a7859920c68a76
.exe windows x86

08f68a4379abbfdda9660d304f02119c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

mssws

LsaOpenPolicy
LsaClose
LsaNtStatusToWinError
LsaFreeMemory
LsaRetrievePrivateData
LsaStorePrivateData
CryptAcquireContextW
OpenMutexW
OpenFileMappingW
FindNextFileW
GetLengthSid
IsValidSid
GetCommandLineW
SetSecurityDescriptorGroup
RegOpenKeyExW
RegEnumKeyExW
RegEnumValueW
RegDeleteValueW
RegCreateKeyExW
RegDeleteKeyW
RegSetValueExW
RegQueryValueExW
CharUpperBuffW
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
OpenThreadToken
GetEnvironmentVariableW
SetEnvironmentVariableW
GetTokenInformation
CreateEventW
OpenProcessToken
CopySid
FindFirstFileW
RevertToSelf
GetComputerNameW
DispatchMessageW
PeekMessageW
OpenEventW
ImpersonateLoggedOnUser
CoInitializeSecurity
GetModuleHandleW
LoadLibraryW
LogonUserW
CharUpperW
DuplicateToken
CreateFileW
InterlockedCompareExchange
lstrlenW
DeleteFileW

msvcrt

_wtol
_wcsnicmp
wcschr
wcscmp
_exit
_controlfp
??1type_info@@UAE@XZ
_onexit
__dllonexit
_XcptFilter
_acmdln
?terminate@@YAXXZ
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
exit
_wcsicmp
free
_ultow
??2@YAPAXI@Z
_itow
_purecall
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
_CxxThrowException
_wtoi
_EH_prolog
__CxxFrameHandler
??3@YAXPAX@Z
realloc
malloc
isalnum
iswspace
wcscpy
wcslen
wcsncpy

advapi32

RegCloseKey
CryptHashData
CryptCreateHash
CryptGenRandom
CryptDeriveKey
CryptDestroyHash
CryptDecrypt
CryptEncrypt
CryptReleaseContext
CryptDestroyKey
InitializeSecurityDescriptor
GetSecurityDescriptorLength

kernel32

FindClose
Sleep
GetSystemInfo
VirtualFree
VirtualAlloc
ReleaseMutex
WaitForMultipleObjects
SetErrorMode
SetLastError
GetCurrentProcessId
GetLastError
GetVersionExA
GetCurrentProcess
HeapReAlloc
UnmapViewOfFile
MapViewOfFile
GetStartupInfoA
GetModuleHandleA
EnterCriticalSection
GetTickCount
FreeLibrary
LoadLibraryA
GetProcessHeap
HeapAlloc
HeapFree
CreateThread
InterlockedDecrement
GetProcAddress
CloseHandle
InitializeCriticalSection
DeleteCriticalSection
SetEvent
WaitForSingleObject
GetCurrentThreadId
ExitProcess
LeaveCriticalSection
GetCurrentThread
InterlockedIncrement
GlobalFree
OpenProcess
MultiByteToWideChar
IsValidCodePage
GetSystemDefaultLCID
WriteFile
ExitThread
SetThreadPriority

user32

RegisterClassExA
DestroyWindow
DefWindowProcA
PostQuitMessage
CreateWindowExA

iprop

StgCreatePropSetStg
PropVariantClear
PropVariantCopy

ole32

CoTaskMemRealloc
CoCreateInstance
StringFromCLSID
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoUninitialize
CoInitializeEx
CoTaskMemFree
StgOpenStorage

oleaut32

GetErrorInfo
SysStringLen
SysFreeString

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

08f68a4379abbfdda9660d304f02119c

Headers

DLL Characteristics

File Characteristics

Imports

mssws

msvcrt

advapi32

kernel32

user32

iprop

ole32

oleaut32

Sections

.text Size: 116KB - Virtual size: 116KB

.data Size: 4KB - Virtual size: 24KB

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 116KB - Virtual size: 116KB

.data
Size: 4KB - Virtual size: 24KB

.rsrc
Size: 32KB - Virtual size: 32KB