dc09a923f9d30f0367464c975fc93fe5d280fd635f79b9f0f8b0884d585f308f

Sharing

Copy URL Twitter E-mail

General

Target

dc09a923f9d30f0367464c975fc93fe5d280fd635f79b9f0f8b0884d585f308f
Size

576KB
MD5

83a9de5c0e99346c84699fd3569e5ec0
SHA1

a44fddd6bb560d29b16186e29aec9e66900e7e3a
SHA256

dc09a923f9d30f0367464c975fc93fe5d280fd635f79b9f0f8b0884d585f308f
SHA512

6be022040d7b5bc096e1f02cc9880ad8a2ef6f4602e72b4d3d28ff6465d286657081588259e4b8985d04ae42b45f57a09e6ad77f43467f5ab4f8ffead98f5615
SSDEEP

12288:om+MtB9Azzq9Oie/SvQXxXv/LWyjPazUKbewdYHjHovBYK8/gVY1:om+Mbe/BxX1a5YIvBE0Y

Score

N/A

Malware Config

Signatures

Files

dc09a923f9d30f0367464c975fc93fe5d280fd635f79b9f0f8b0884d585f308f
.exe windows x86

fe1f59ac8f0172df808eb2d82c316461

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

NdrConformantArrayMarshall
I_RpcGetBuffer
NdrConformantArrayBufferSize
NdrConformantArrayUnmarshall
NdrConvert
NdrServerInitializeNew
RpcServerUnregisterIf
RpcRaiseException
RpcServerUseProtseqEpA
RpcServerRegisterIf
RpcServerListen
RpcImpersonateClient
RpcRevertToSelf

advapi32

GetSidSubAuthority
SetSecurityDescriptorOwner
StartServiceA
RegOpenKeyExW
RegEnumKeyExW
SetThreadToken
GetFileSecurityW
GetSecurityDescriptorOwner
SetFileSecurityW
GetUserNameW
RegEnumValueW
RegSetValueExA
RegDeleteValueA
RegQueryValueExA
AllocateAndInitializeSid
FreeSid
LookupAccountSidW
RegSetKeySecurity
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegEnumValueA
RegEnumKeyExA
OpenThreadToken
GetUserNameA
RegQueryValueExW
GetTokenInformation
AllocateLocallyUniqueId
RegSetValueExW
RevertToSelf
ImpersonateLoggedOnUser
LogonUserW
CreateProcessAsUserW
SetTokenInformation
SetKernelObjectSecurity
GetSidSubAuthorityCount
GetSidIdentifierAuthority
RegCreateKeyExW
RegDeleteValueW
SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
CloseServiceHandle
OpenServiceA
OpenSCManagerA
OpenProcessToken
IsValidSid
AdjustTokenPrivileges
LookupPrivilegeValueA
CopySid
GetLengthSid
LookupPrivilegeNameW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
QueryServiceConfigW
QueryServiceStatus
OpenServiceW
RegDeleteKeyA
RegDeleteKeyW

kernel32

LCMapStringW
GetStringTypeA
GetStringTypeW
CreateEventA
CloseHandle
SetEvent
GetVersion
Sleep
TerminateProcess
GetCurrentProcess
WaitForMultipleObjects
TerminateThread
WaitForSingleObject
GetLastError
lstrcmpiW
ReadProcessMemory
OpenProcess
lstrcmpiA
GetCurrentThread
FreeLibrary
GetProcAddress
LoadLibraryA
GetDiskFreeSpaceExA
SetLastError
GetExitCodeProcess
GetComputerNameW
CreateProcessA
GetTimeZoneInformation
LocalFree
FormatMessageW
FormatMessageA
FindClose
FindNextFileA
FindFirstFileA
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleA
SetUnhandledExceptionFilter
CreateProcessW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ResetEvent
LocalAlloc
GetTickCount
CreateFileW
HeapFree
HeapAlloc
GetProcessHeap
FindNextFileW
FindFirstFileW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetTempPathW
GetTempFileNameW
GetLogicalDriveStringsW
GetDriveTypeW
GetSystemDirectoryW
GetWindowsDirectoryW
QueryPerformanceCounter
CreateDirectoryW
RemoveDirectoryW
GetFileAttributesW
SetFileAttributesW
DeleteFileW
CopyFileW
MoveFileW
MoveFileExW
GetFullPathNameW
OutputDebugStringW
ExpandEnvironmentStringsW
LoadLibraryW
LoadLibraryExW
GetStartupInfoW
SetComputerNameW
GetModuleFileNameW
GetLocaleInfoW
GetTimeFormatW
GetDateFormatW
GetNumberFormatW
WriteConsoleW
GetEnvironmentVariableW
SetEnvironmentVariableW
GetSystemInfo
WriteConsoleA
GetConsoleOutputCP
GetCurrentDirectoryA
SetCurrentDirectoryA
CreateFileA
GetTempPathA
GetTempFileNameA
GetLogicalDriveStringsA
GetDriveTypeA
GetSystemDirectoryA
GetWindowsDirectoryA
GetShortPathNameA
CreateDirectoryA
RemoveDirectoryA
GetFileAttributesA
SetFileAttributesA
DeleteFileA
CopyFileA
MoveFileA
GetFullPathNameA
OutputDebugStringA
ExpandEnvironmentStringsA
LoadLibraryExA
GetStartupInfoA
GetModuleFileNameA
GetComputerNameA
GetLocaleInfoA
GetTimeFormatA
GetDateFormatA
GetNumberFormatA
GetEnvironmentVariableA
SetEnvironmentVariableA
GetLogicalDrives
SetFileApisToANSI
SetErrorMode
GetCurrentThreadId
FindCloseChangeNotification
FindNextChangeNotification
ReadFile
WriteFile
FlushFileBuffers
SetFilePointer
SetEndOfFile
LockFileEx
UnlockFileEx
SetProcessWorkingSetSize
GetProcessWorkingSetSize
DeviceIoControl
SetFileTime
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
CompareStringW
FindFirstChangeNotificationW
GetVolumeInformationW
GetDiskFreeSpaceW
GetCompressedFileSizeW
GetFileInformationByHandle
CompareStringA
FindFirstChangeNotificationA
GetDiskFreeSpaceA
GetVolumeInformationA
WritePrivateProfileStringA
EnumResourceLanguagesW
LockResource
LoadResource
FindResourceExW
ExitThread
GetSystemDefaultLangID
EnumResourceNamesW
GetSystemTimeAsFileTime
BackupRead
BackupWrite
GetFileTime
LCMapStringA
VirtualProtect
SetStdHandle
IsBadCodePtr
GetCPInfo
GetOEMCP
GetACP
IsBadWritePtr
VirtualAlloc
VirtualQuery
InterlockedExchange
HeapSize
HeapReAlloc
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
IsBadReadPtr
CreateThread
ExitProcess
RaiseException
RtlUnwind
GetVersionExA
GetCommandLineA
GetCurrentProcessId
CreateSemaphoreA
ReleaseSemaphore
GetShortPathNameW
SetComputerNameA

user32

VkKeyScanW
VkKeyScanExW
WinHelpW
SendNotifyMessageA
CreateDialogIndirectParamA
SystemParametersInfoW
CharUpperBuffA
CharUpperBuffW
VkKeyScanExA
VkKeyScanA
WinHelpA
GetClipboardFormatNameA
SystemParametersInfoA
SetWindowTextA
ModifyMenuA
AppendMenuA
RegisterClassExA
RegisterClipboardFormatA
PeekMessageA
CharUpperA
SetWindowTextW
ModifyMenuW
AppendMenuW
GetClipboardFormatNameW
RegisterClipboardFormatW
DispatchMessageW
PeekMessageW
CreateDialogIndirectParamW
PostMessageW
SendNotifyMessageW
SendMessageW
SetWindowLongW
GetWindowLongW
DefWindowProcW
RegisterClassExW
PostMessageA
wsprintfW
KillTimer
PostQuitMessage
RegisterClassA
CreateWindowExA
SetWindowLongA
GetMessageA
TranslateMessage
DispatchMessageA
SetTimer
SendMessageA
GetWindowLongA
DefWindowProcA

gdi32

EnumFontFamiliesExA
CreateFontIndirectA
GetTextMetricsA
EnumFontFamiliesExW
CreateFontIndirectW
GetTextMetricsW

shell32

Shell_NotifyIconA
SHGetPathFromIDListA
ShellExecuteA
SHGetFileInfoA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteExW
ShellExecuteW
ShellExecuteExA

comdlg32

GetSaveFileNameW
GetOpenFileNameA
GetSaveFileNameA
GetOpenFileNameW

mpr

WNetCancelConnection2W
WNetEnumResourceW
WNetOpenEnumW
WNetGetUniversalNameW
WNetAddConnection3W
WNetGetUniversalNameA
WNetAddConnection3A
WNetCloseEnum

ole32

CoInitialize
OleInitialize
CoCreateInstance
OleUninitialize
CoUninitialize

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 312KB - Virtual size: 311KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.vmp0
Size: 164KB - Virtual size: 428KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fe1f59ac8f0172df808eb2d82c316461

Headers

File Characteristics

Imports

rpcrt4

advapi32

kernel32

user32

gdi32

shell32

comdlg32

mpr

ole32

version

Sections

.text Size: 312KB - Virtual size: 311KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 28KB - Virtual size: 24KB

.vmp0 Size: 164KB - Virtual size: 428KB

.text
Size: 312KB - Virtual size: 311KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 28KB - Virtual size: 24KB

.vmp0
Size: 164KB - Virtual size: 428KB