29d6ddd7b3271731dc2a00e1124c344ec80424ea20e14947beda26c718e5c94a

Sharing

Copy URL

Twitter E-mail

General

Target

29d6ddd7b3271731dc2a00e1124c344ec80424ea20e14947beda26c718e5c94a
Size

40KB
MD5

82771a3130d88bebb5b9d60660dfb250
SHA1

ebe87db7111b928f6764b9783326af08ec5336dd
SHA256

29d6ddd7b3271731dc2a00e1124c344ec80424ea20e14947beda26c718e5c94a
SHA512

ee9986f66c040799cabf23c903414fcbd0ba88ace612a8228b5d5886945870f6c6b6000c561e22df9ad382d70aa21d514a713e74ba4750d71163dd45cc72c128
SSDEEP

768:BieoL7miQjhWkITFZi947pQZC43P2gsNsfa/W3S2jeGC:Jc7WjhWkIT3dQguP2ROa/W3SoC

Score

N/A

Malware Config

Signatures

Files

29d6ddd7b3271731dc2a00e1124c344ec80424ea20e14947beda26c718e5c94a
.exe windows x86

62540d90eecba8480406e5caa62f2080

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_lopen
LoadLibraryA
lstrcmpiA
GetFileAttributesA
WritePrivateProfileStringA
GetConsoleAliasesLengthW
SwitchToFiber
GetThreadSelectorEntry
WriteTapemark
GetEnvironmentVariableA
ReadConsoleInputExA
HeapCreate
GetProcessIoCounters
RequestWakeupLatency
GetStartupInfoA
OpenMutexA
BaseFlushAppcompatCache
AttachConsole
GetConsoleCP
GetProcessPriorityBoost
GetCPInfoExW
GetDateFormatA
LoadResource
DosPathToSessionPathW

msacm32

acmFormatChooseW
acmFormatDetailsW
acmStreamClose
acmDriverAddA
acmStreamPrepareHeader
acmMessage32
acmMetrics
acmFormatTagDetailsA
acmStreamOpen
acmDriverRemove
acmFilterDetailsW
acmFormatTagDetailsW
acmFormatEnumA
XRegThunkEntry
acmFilterTagEnumW
acmDriverID
acmGetVersion
acmDriverPriority
acmFilterTagDetailsW
acmStreamSize
acmFormatTagEnumW
acmFilterChooseW
acmFormatTagEnumA
acmStreamMessage
acmFormatDetailsA
acmFormatEnumW
acmDriverMessage
acmDriverDetailsA
acmFilterTagDetailsA

msvcrt

_aligned_realloc
atan2
??1bad_typeid@@UAE@XZ
exit
__p__commode
__set_app_type
_CIcosh
__crtCompareStringW
_HUGE
_safe_fdiv
_beep
__getmainargs
_ungetch

ntdll

RtlEnumerateGenericTableAvl
LdrVerifyImageMatchesChecksum
NtReplyPort
RtlFindActivationContextSectionGuid
ZwSetSecurityObject
RtlInterlockedPushListSList
RtlCaptureContext
RtlImageRvaToVa
swprintf
DbgPrintReturnControlC
isdigit
ZwRestoreKey
ZwDeleteBootEntry
RtlConvertSharedToExclusive
NtWriteFileGather
RtlIpv6AddressToStringW
RtlIsGenericTableEmptyAvl
ZwCreateNamedPipeFile
RtlLockBootStatusData
KiUserExceptionDispatcher
iswxdigit
NtSetSystemPowerState
wcscspn
ZwCreateToken
ZwMakePermanentObject
memcpy
ZwFlushVirtualMemory
ZwCreateWaitablePort
RtlLargeIntegerToChar

wintrust

CryptCATGetCatAttrInfo
CryptCATEnumerateMember
CryptCATAdminCalcHashFromFileHandle
WintrustGetDefaultForUsage
WTHelperGetFileHash
WTHelperCertIsSelfSigned
WTHelperGetAgencyInfo
WTHelperCertFindIssuerCertificate
WVTAsn1SpcSigInfoDecode
OfficeCleanupPolicy
WintrustLoadFunctionPointers
CryptCATPersistStore
CryptCATCDFEnumCatAttributes
WintrustSetRegPolicyFlags
WVTAsn1SpcPeImageDataDecode
WinVerifyTrustEx
WVTAsn1SpcSpOpusInfoDecode
WVTAsn1SpcSpOpusInfoEncode
WVTAsn1CatMemberInfoDecode
CryptSIPVerifyIndirectData
mscat32DllRegisterServer
WVTAsn1SpcSigInfoEncode

advapi32

AbortSystemShutdownA
ElfRegisterEventSourceW
LsaLookupPrivilegeDisplayName
FindFirstFreeAce
RegOpenUserClassesRoot
LsaEnumeratePrivilegesOfAccount
FreeInheritedFromArray
RegSetKeySecurity
LsaSetInformationPolicy
StartTraceW
EnumServicesStatusExW
RegOpenCurrentUser
RegCreateKeyA
QueryServiceConfig2A
QueryAllTracesA

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62540d90eecba8480406e5caa62f2080

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msacm32

msvcrt

ntdll

wintrust

advapi32

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 3KB - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 3KB