84ee724a629d5bcafbb8b446446235b1149cd0c49f83b2cd6e4dcf9dcdfa1c5e

General

Target

84ee724a629d5bcafbb8b446446235b1149cd0c49f83b2cd6e4dcf9dcdfa1c5e
Size

284KB
MD5

a33aea76bfe09d71b9dff53bfea2b200
SHA1

0028c3e19542953ef821c637ee16dbb94db79392
SHA256

84ee724a629d5bcafbb8b446446235b1149cd0c49f83b2cd6e4dcf9dcdfa1c5e
SHA512

5786dceea0105497e0084a5d8865bb3b0d38eb84bed8c53d7f61f697864132407c3068b3d1776d79bed07ffaf0ab5e03c3df43b0e553c5b02d2389effe8fe20c
SSDEEP

6144:lppTkyO9uZnjeIhMu5F/74fI6CNPkHx2khm+QNPR3Z+IZCh+ZwwxHCsKQ8m:lppTkZ9uZi8M6/74AzNPkHx2kDQNBZXT

Score

N/A

Malware Config

Signatures

Files

84ee724a629d5bcafbb8b446446235b1149cd0c49f83b2cd6e4dcf9dcdfa1c5e
.exe windows x86

5d4048882c065248c9e2a40f9f68c5e8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetSecurityDescriptorOwner
RegOpenKeyExW
RegQueryValueExW
GetTraceEnableLevel
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
TraceMessage
SetSecurityDescriptorOwner

kernel32

GetFileType
LoadLibraryA
GetStartupInfoA
GetLocaleInfoW
GetLocalTime
LocalAlloc
GetFileAttributesW
GetDateFormatW
SetFilePointer
GetCommandLineW
SetLastError
LocalFree
GetTimeFormatW
DeleteFileA
CreateFileW
FormatMessageW
GetEnvironmentStringsA
CloseHandle
GetSystemDefaultLCID
GetStdHandle
WriteConsoleW
VerifyVersionInfoW
GetModuleHandleA
ReadFile
FreeLibrary
FindNextFileW
FindFirstFileW
GetSystemDefaultLangID
MultiByteToWideChar

msvcrt

wcslen
_initterm
_purecall
wcsncmp
wcscmp
_adjust_fdiv
_onexit
wcscpy
malloc
__dllonexit
free
swprintf

gpedit

BrowseForGPO
DeleteAllGPOLinks
DeleteGPOLink

netapi32

NetApiBufferFree
DsGetDcNameW

ws2_32

htons
htonl

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d4048882c065248c9e2a40f9f68c5e8

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

gpedit

netapi32

ws2_32

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 102KB - Virtual size: 102KB

.data Size: 71KB - Virtual size: 70KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 102KB - Virtual size: 102KB

.data
Size: 71KB - Virtual size: 70KB

.rsrc
Size: 8KB - Virtual size: 8KB