4f8a02348baf2c914f2266c3ea631ab5c49044449b2683de26eaac16b577d88c

Sharing

Copy URL Twitter E-mail

General

Target

4f8a02348baf2c914f2266c3ea631ab5c49044449b2683de26eaac16b577d88c
Size

68KB
MD5

8261c5e83eca7e26cbe6b0cfae7839f3
SHA1

e0eb1e2c191793d12f445e5de50856eb76aa7440
SHA256

4f8a02348baf2c914f2266c3ea631ab5c49044449b2683de26eaac16b577d88c
SHA512

bb395505ad6e773585d9af80bb822e797b7c69864e05825a50cd56e024a495e6931e2221926b7e2bb54592935180da095a6643008b74bd6541f5bb56d86dcb82
SSDEEP

1536:LRfF9xpwyAhUSb734QOUTj0ALhYZ0igkSbr2quEag:VF9NAvIQOMIA1U0igkcr2pbg

Score

N/A

Malware Config

Signatures

Files

4f8a02348baf2c914f2266c3ea631ab5c49044449b2683de26eaac16b577d88c
.exe windows x86

d5d7d9e5f5397a8458d688f91af5b068

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileSectionW
CancelWaitableTimer
BuildCommDCBAndTimeoutsW
IsBadHugeWritePtr
lstrcpy
GetDiskFreeSpaceW
GetProfileStringW
FatalAppExitW
SetThreadPriority
AddAtomA
FoldStringW
SetFilePointer
GlobalReAlloc
lstrlen
GetMailslotInfo
FileTimeToLocalFileTime
SetConsoleCtrlHandler
InitAtomTable
CreateProcessA
lstrcatA
SetLocaleInfoW
VirtualAlloc
SystemTimeToTzSpecificLocalTime
LocalFileTimeToFileTime
GlobalUnlock
GetLongPathNameA
GetModuleHandleA
VirtualProtect

user32

GetWindowContextHelpId
DdeNameService
MessageBeep
PeekMessageW
GetMessageExtraInfo
GetWindowModuleFileNameA
OpenWindowStationW
DdeQueryStringW
OpenIcon
SetWindowRgn
SetPropW
GetMessagePos

ole32

SetDocumentBitStg
OleConvertIStorageToOLESTREAM
StringFromCLSID
CreateBindCtx
CreateStreamOnHGlobal
CoGetCurrentLogicalThreadId
CoUninitialize
OleConvertOLESTREAMToIStorage
StgOpenStorageEx
CreateDataAdviseHolder
MonikerRelativePathTo
OleCreateFromFileEx
CoFreeLibrary
GetHGlobalFromILockBytes
CreateILockBytesOnHGlobal
CoCreateInstance
CoLockObjectExternal
CoGetObject

shlwapi

PathIsUNCW
StrCpyW
StrCSpnIA
StrCatBuffW
SHAutoComplete
PathUnmakeSystemFolderA
UrlApplySchemeW
PathAddExtensionW
SHOpenRegStreamW
SHRegQueryInfoUSKeyW
PathIsDirectoryW
StrChrA
UrlIsW
UrlIsNoHistoryA
PathSetDlgItemPathW
StrFormatKBSizeA
StrNCatA

advapi32

CryptGenRandom
LookupPrivilegeValueA
SetEntriesInAccessListA
LogonUserW
GetSecurityDescriptorLength
CloseEventLog
ConvertAccessToSecurityDescriptorA
CryptEnumProviderTypesW
BackupEventLogW
ObjectCloseAuditAlarmW
ObjectPrivilegeAuditAlarmW
LockServiceDatabase
RegLoadKeyW
SetTokenInformation
ReportEventA
GetSidLengthRequired
MakeAbsoluteSD
LookupSecurityDescriptorPartsA
OpenSCManagerA
CryptImportKey
BuildTrusteeWithSidA
RegisterServiceCtrlHandlerA
RegQueryMultipleValuesW

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d5d7d9e5f5397a8458d688f91af5b068

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

shlwapi

advapi32

Sections

.text Size: 63KB - Virtual size: 62KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 20KB

.text
Size: 63KB - Virtual size: 62KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 20KB