aac075db21023f613b2cb11b35910bed237b10bd44c5b6710f6ede05fcce6a88

Sharing

Copy URL Twitter E-mail

General

Target

aac075db21023f613b2cb11b35910bed237b10bd44c5b6710f6ede05fcce6a88
Size

154KB
MD5

81b09f0e4d356ce7b5c1d3fefab03e4c
SHA1

8372a4630d05c5551e14e7d9d0fb231991e35c1d
SHA256

aac075db21023f613b2cb11b35910bed237b10bd44c5b6710f6ede05fcce6a88
SHA512

d0e9cb1894bab413343b1c28fb483a477be5a000aa0dfce81b96053a15a7e809d5a2475b95cfd8d5e7b5f64253801ab3604860e76256b64d620d20f7069e0d63
SSDEEP

3072:tZdlufAejGL3g20EnB2tJf+QDrf3SBpydYO1n7eItPVZI:HGQg/EB+JfTqPOFB

Score

N/A

Malware Config

Signatures

Files

aac075db21023f613b2cb11b35910bed237b10bd44c5b6710f6ede05fcce6a88
.exe windows x86

ded9a086248d371095c685fe2fd0fa44

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetScrollPos
GetDesktopWindow

advapi32

OpenServiceW
CryptDestroyKey
CryptDeriveKey
RegDeleteKeyA
ControlService
RegEnumKeyW
NotifyBootConfigStatus
RegQueryInfoKeyA
RegEnumKeyA
SetServiceStatus
EqualSid
LookupAccountSidW
RegEnumKeyExA
OpenEventLogA
CryptReleaseContext
OpenEventLogW
RegCreateKeyExW
RegDeleteValueA
LookupAccountNameW
RegCloseKey
RegOpenKeyA
RegCreateKeyW
CryptDecrypt
GetLengthSid
RegOpenKeyExW
InitializeAcl
OpenSCManagerW
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyW
RegOpenKeyExA
CryptDestroyHash
CryptHashData
RegisterServiceCtrlHandlerW
CryptCreateHash
RegEnumValueA
RegSetValueExW
RegCreateKeyA
RegQueryValueExW

kernel32

GlobalFindAtomW
GetTimeZoneInformation
GetTempFileNameA
LoadLibraryExA
GetBinaryTypeW
GetCommandLineA
GetComputerNameW
CreateNamedPipeW
SetFileApisToOEM
GetComputerNameA
TerminateThread
IsBadWritePtr
GetFileType
lstrcmpW
HeapAlloc
GetOverlappedResult
TransactNamedPipe
LocalReAlloc
FindFirstFileW
WaitForSingleObjectEx
LoadLibraryA
IsValidLanguageGroup
SetLocalTime
GetVersionExW
SizeofResource
GlobalAddAtomW
GetProcAddress
FileTimeToLocalFileTime
GetExitCodeThread
SetThreadExecutionState
WaitCommEvent
GetModuleFileNameA
GetSystemTimeAsFileTime
PulseEvent
GlobalAlloc
CreateThread
FileTimeToDosDateTime
CallNamedPipeW
FoldStringW
CreateNamedPipeA
UnhandledExceptionFilter
DeleteCriticalSection
LocalLock
QueryPerformanceCounter
GetSystemInfo
GlobalReAlloc
FindCloseChangeNotification
IsDBCSLeadByte
GetThreadTimes
CreateFileMappingW
SetSystemTimeAdjustment
GetCommTimeouts
GetFileAttributesW
GetCompressedFileSizeW
lstrcmpA
CompareStringW
SetupComm
GetTempPathW
FindFirstFileA
lstrcpynW
SetFilePointer
SystemTimeToFileTime
GetVersionExA
SetEvent
OpenEventA
OpenSemaphoreW
FindResourceW
HeapReAlloc
ClearCommError
LocalFree
EnumResourceNamesA
VirtualQuery
SetCurrentDirectoryW
GlobalFlags
GetAtomNameW
DuplicateHandle
GetTimeFormatW
VerSetConditionMask
GetWindowsDirectoryW
GetComputerNameExA
lstrcatW
GetSystemDirectoryW
GetDateFormatA
LocalAlloc
SearchPathA
CreateRemoteThread
SetFileAttributesW
GetFileInformationByHandle
SleepEx
LoadLibraryW
GetNumberFormatA
GetModuleHandleA
FlushFileBuffers
WaitForMultipleObjectsEx
FreeLibrary
SetEndOfFile
ReadFile
CancelIo
UnmapViewOfFile
DisconnectNamedPipe
ReleaseMutex
GetTickCount
LoadLibraryExW
TlsGetValue
GetShortPathNameA
SetLastError
SetFileAttributesA
SetNamedPipeHandleState
FormatMessageA
GetHandleInformation
CreateEventW
WaitForMultipleObjects
CopyFileW
CreateSemaphoreA
GetAtomNameA
SetHandleInformation
CreatePipe
VirtualAlloc
IsDBCSLeadByteEx
QueryDosDeviceW
RegisterWaitForSingleObject
SetCommState
GetPriorityClass
MoveFileW
FindNextFileW
OpenFileMappingW
GetCommandLineW
CreateDirectoryA
lstrcpyW
SetCommMask
SetThreadPriority
WriteFile
EnumSystemLocalesA
GlobalLock
LoadResource
GetFileAttributesExA
GetTempPathA
SetThreadAffinityMask
GetFileSize
GetCommConfig
SetHandleCount
TlsSetValue
FindNextChangeNotification
InitializeCriticalSection
GetNumberFormatW
OpenFileMappingA
GetStringTypeExW
CreateFileA
ResumeThread
GetDateFormatW
GetCurrentThreadId
Sleep
OpenEventW
SetMailslotInfo
VirtualProtect
GetComputerNameExW
GetLocaleInfoW
SetCommBreak
FindResourceExA
SetSystemTime
CompareStringA
GetCurrentDirectoryW
AddAtomA
GetStartupInfoA
lstrcpyA
GlobalUnlock
TryEnterCriticalSection
lstrcmpiA
FormatMessageW
lstrlenA
CreateDirectoryW
GetACP
GetThreadLocale
GetSystemTimeAdjustment
lstrcmpiW

Exports

Exports

?buildPreference@@YGEUsimulatecorW@@@Z

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cont
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cond
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cone
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 117B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cons
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ded9a086248d371095c685fe2fd0fa44

Headers

File Characteristics

Imports

user32

advapi32

kernel32

Exports

Exports

Sections

.text Size: 46KB - Virtual size: 46KB

.cont Size: 5KB - Virtual size: 4KB

.cond Size: 1024B - Virtual size: 1008B

.cone Size: 512B - Virtual size: 128B

.edata Size: 512B - Virtual size: 117B

.data Size: 28KB - Virtual size: 27KB

.cons Size: 25KB - Virtual size: 24KB

.rsrc Size: 45KB - Virtual size: 44KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 46KB - Virtual size: 46KB

.cont
Size: 5KB - Virtual size: 4KB

.cond
Size: 1024B - Virtual size: 1008B

.cone
Size: 512B - Virtual size: 128B

.edata
Size: 512B - Virtual size: 117B

.data
Size: 28KB - Virtual size: 27KB

.cons
Size: 25KB - Virtual size: 24KB

.rsrc
Size: 45KB - Virtual size: 44KB

.reloc
Size: 2KB - Virtual size: 1KB