afce24135e0d9c8624467d0719980c4826edcc23402c71e73f80a5b1fb141163

Sharing

Copy URL Twitter E-mail

General

Target

afce24135e0d9c8624467d0719980c4826edcc23402c71e73f80a5b1fb141163
Size

1.1MB
MD5

939a7a3e767ed782cf1b994ea21dba8c
SHA1

f30806c4a221fe6b32d5641f415fc612c2204f57
SHA256

afce24135e0d9c8624467d0719980c4826edcc23402c71e73f80a5b1fb141163
SHA512

69eba26eba67866d7ff01604acd2fc48b9cceb2833e646934aceff965ed214c3f39a498423964537cc6652b3c59ccd7bf73b383491371cd029ae64a3adcef7ae
SSDEEP

24576:WmbAi6GQxMT66LdfXZjZm9DGX/UJF8CkMFlJzEpG1WV7E6b0o:WmbAi6GQalZJFm75kMDzl8tE6Qo

Score

N/A

Malware Config

Signatures

Files

afce24135e0d9c8624467d0719980c4826edcc23402c71e73f80a5b1fb141163
.exe windows x86

d834a6dc1ca5604b738d59382d7b6f27

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

imm32

ImmEscapeW
ImmGetImeMenuItemsW
ImmUnlockIMCC
ImmSetCompositionStringW
ImmGetContext
ImmGetDefaultIMEWnd
ImmLockIMCC
ImmCreateContext
ImmSetCompositionFontW
ImmIsIME

netapi32

NetValidateName
NetShareEnum
NetDfsSetClientInfo
NetGetAnyDCName
NetLocalGroupGetMembers
NetUseAdd
NetLocalGroupDelMembers
NetLocalGroupGetInfo
NetRenameMachineInDomain
NetRegisterDomainNameChangeNotification
NetUserGetLocalGroups
NetShareGetInfo
NetFileEnum

setupapi

SetupDiOpenClassRegKey
SetupDiGetSelectedDevice
SetupDefaultQueueCallbackW
CM_Locate_DevNode_ExW
SetupDiBuildClassInfoListExW
pSetupRealloc
CM_Enumerate_Classes
SetupInstallFromInfSectionW
SetupGetLineTextW
SetupDiGetINFClassW
CM_Connect_MachineW
CM_Locate_DevNodeW
CMP_WaitNoPendingInstallEvents
SetupGetStringFieldW
SetupDiDestroyDeviceInfoList
SetupQueueCopyIndirectW

kernel32

LocalFree
FindNextFileA
GetProcessAffinityMask
VirtualAlloc
GetSystemTimeAdjustment
VirtualProtectEx
Sleep
SetCriticalSectionSpinCount
GetPrivateProfileIntA
GetConsoleOutputCP
DefineDosDeviceW
FileTimeToDosDateTime
PrivCopyFileExW
OutputDebugStringA
_lwrite
FatalExit
IsValidCodePage
SetErrorMode
SetEvent

advapi32

RegSetValueExW
GetCurrentHwProfileW
GetTokenInformation
QueryServiceStatusEx
RegNotifyChangeKeyValue
RegUnLoadKeyW
GetSidSubAuthority
SetKernelObjectSecurity
RegQueryValueA
LsaICLookupNames
AddAccessAllowedAce
GetSidSubAuthorityCount
MapGenericMask
RegisterEventSourceW
CryptVerifySignatureA
RegisterServiceCtrlHandlerA
GetKernelObjectSecurity
BuildExplicitAccessWithNameW
RegQueryValueExA

Sections

.text
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 384KB - Virtual size: 517KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 248KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 116KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data1
Size: 164KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d834a6dc1ca5604b738d59382d7b6f27

Headers

DLL Characteristics

File Characteristics

Imports

imm32

netapi32

setupapi

kernel32

advapi32

Sections

.text Size: 124KB - Virtual size: 121KB

.rdata Size: 384KB - Virtual size: 517KB

.data Size: 248KB - Virtual size: 326KB

.pdata Size: 116KB - Virtual size: 246KB

.data1 Size: 164KB - Virtual size: 313KB

.rsrc Size: 104KB - Virtual size: 102KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 124KB - Virtual size: 121KB

.rdata
Size: 384KB - Virtual size: 517KB

.data
Size: 248KB - Virtual size: 326KB

.pdata
Size: 116KB - Virtual size: 246KB

.data1
Size: 164KB - Virtual size: 313KB

.rsrc
Size: 104KB - Virtual size: 102KB

.reloc
Size: 4KB - Virtual size: 1KB