f77ea9f9c2374b687b106d11a9bd5d901f9dff7ed277bd7fd8dfd534393fcd92

Sharing

Copy URL Twitter E-mail

General

Target

f77ea9f9c2374b687b106d11a9bd5d901f9dff7ed277bd7fd8dfd534393fcd92
Size

294KB
MD5

83da806b26d3861eedf90734b178f170
SHA1

240b1b2694655a2facf98d256e5f4d9a1f5a328d
SHA256

f77ea9f9c2374b687b106d11a9bd5d901f9dff7ed277bd7fd8dfd534393fcd92
SHA512

e68870707a161d768c3af6141d844a03fdd27835e2b5add6ca8ada1b7cb741e680555ecadd5bbb7907ab29af7897688cc45c2ab9b113f0933ed31ff063155f9d
SSDEEP

6144:Mb4fAS2iM2j0S/jWAZpnGUOJrB6V97XwRkwkUT5By7nts9scKfOK:HAS23JqnGUY1U7U9BGsuWK

Score

N/A

Malware Config

Signatures

Files

f77ea9f9c2374b687b106d11a9bd5d901f9dff7ed277bd7fd8dfd534393fcd92
.exe windows x86

959268be9a9454e362912ab3f50f1d7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

EndDoc
Polyline
StartDocW

lz32

LZRead
GetExpandedNameA
LZInit

version

VerLanguageNameW

shell32

SHAddToRecentDocs
SHGetFileInfoA

user32

ShowWindow
ValidateRect
DlgDirListComboBoxW
CloseWindow
MsgWaitForMultipleObjects
UpdateWindow

imm32

ImmGetConversionListA
ImmGetCandidateListCountA
ImmGetDescriptionW
ImmUnregisterWordW
ImmEscapeA
ImmIsIME
ImmSetCompositionFontW
ImmGetIMEFileNameW
ImmGetStatusWindowPos

kernel32

GetPrivateProfileStringW
HeapAlloc
GetExitCodeProcess
Beep
GetNumberFormatA
GetHandleInformation
GetPrivateProfileSectionW
GetConsoleTitleW
GetLocaleInfoA
FatalExit
GetEnvironmentVariableW
DosDateTimeToFileTime
GetPrivateProfileSectionA
GetTempFileNameW
GetConsoleScreenBufferInfo
GetModuleHandleW
FindResourceA
FlushFileBuffers
CopyFileW
GetThreadPriorityBoost
CreateDirectoryExW
GetFileSize
DisableThreadLibraryCalls
CreateDirectoryExA
GetTapeStatus
GetProcessVersion
EraseTape
GetQueuedCompletionStatus
AddAtomA
GetSystemInfo
BeginUpdateResourceA
BuildCommDCBAndTimeoutsA
GetThreadTimes
EnumSystemCodePagesA
GetLocalTime
CallNamedPipeA
GetModuleHandleA
GetStartupInfoA

advapi32

LsaSetInformationPolicy
RegUnLoadKeyW
RegSaveKeyW
LsaRetrievePrivateData
LsaEnumerateAccountsWithUserRight
GetNamedSecurityInfoA
BuildTrusteeWithNameW
LsaNtStatusToWinError
DecryptFileA
GetLengthSid
AreAllAccessesGranted
OpenEventLogA
IsTokenRestricted
RegisterEventSourceW
LookupAccountNameA
OpenSCManagerA
CreateProcessAsUserW
ObjectDeleteAuditAlarmW
BuildSecurityDescriptorA
SetSecurityInfo
PrivilegedServiceAuditAlarmA
GetServiceDisplayNameW
CreateProcessAsUserA
GetSidIdentifierAuthority
MakeSelfRelativeSD
ObjectCloseAuditAlarmA
RegOpenKeyW
QueryServiceLockStatusA
AddAccessDeniedAce
LookupPrivilegeDisplayNameA
GetAuditedPermissionsFromAclW
GetTrusteeFormA
GetMultipleTrusteeA
OpenSCManagerW
CreateRestrictedToken
EqualSid
LsaQueryDomainInformationPolicy
ObjectPrivilegeAuditAlarmW
DuplicateTokenEx
GetSecurityDescriptorLength
RegDeleteKeyA
AccessCheckAndAuditAlarmW
IsValidSecurityDescriptor
RegDeleteKeyW
RegDeleteValueW
BackupEventLogW
SetServiceStatus
LookupSecurityDescriptorPartsW
RegisterEventSourceA
GetSecurityDescriptorOwner
AdjustTokenGroups
GetUserNameW
LsaEnumerateTrustedDomainsEx
ReadEventLogA

resutils

ResUtilDupParameterBlock
ResUtilGetProperty

msvcrt

_controlfp
_except_handler3
__dllonexit
__p__fmode
_adjust_fdiv
__setusermatherr
_onexit
__set_app_type
__p__commode
_initterm
__getmainargs
_acmdln
_exit
_XcptFilter
exit

ole32

HMENU_UserMarshal
WriteFmtUserTypeStg
HMENU_UserUnmarshal
CoMarshalHresult
OleCreateFromFileEx

urlmon

HlinkNavigateMoniker
WriteHitLogging
FindMediaType
CoInternetGetProtocolFlags
HlinkSimpleNavigateToMoniker

oleaut32

SafeArrayGetIID
VarBstrFromUI4

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

959268be9a9454e362912ab3f50f1d7b

Headers

File Characteristics

Imports

gdi32

lz32

version

shell32

user32

imm32

kernel32

advapi32

resutils

msvcrt

ole32

urlmon

oleaut32

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 308KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 308KB

.rsrc
Size: 4KB - Virtual size: 1KB