4615ea9a44d77ff7cb054886f03ac28cf8391028c49c645ea2be68e930b8c8bd

Sharing

Copy URL Twitter E-mail

General

Target

4615ea9a44d77ff7cb054886f03ac28cf8391028c49c645ea2be68e930b8c8bd
Size

204KB
MD5

83241d6ba07d5d4e2909d3ae044f4120
SHA1

1c203577d08c22e0f2280e53cd1b9d45decd1d6c
SHA256

4615ea9a44d77ff7cb054886f03ac28cf8391028c49c645ea2be68e930b8c8bd
SHA512

c5b0a7e7530b6332df6b676141353472588039dcdf2a3a32011bd9abe1d22150f5f86ad13bc160046512e54d7578216e326292367e6a235d5ad442222d9bdcf2
SSDEEP

3072:Lno0w+NRCypAV0uSGsnZkXL0H103DIh+B0lOxP3d6uBexJMDDGsCvdet1TC/:Lo0wWpnZkXL0eTIh+B0lS3BeqGsaE1G/

Score

N/A

Malware Config

Signatures

Files

4615ea9a44d77ff7cb054886f03ac28cf8391028c49c645ea2be68e930b8c8bd
.exe windows x86

08f68a4379abbfdda9660d304f02119c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

mssws

LsaOpenPolicy
LsaClose
LsaNtStatusToWinError
LsaFreeMemory
LsaRetrievePrivateData
LsaStorePrivateData
CryptAcquireContextW
OpenMutexW
OpenFileMappingW
FindNextFileW
GetLengthSid
IsValidSid
GetCommandLineW
SetSecurityDescriptorGroup
RegOpenKeyExW
RegEnumKeyExW
RegEnumValueW
RegDeleteValueW
RegCreateKeyExW
RegDeleteKeyW
RegSetValueExW
RegQueryValueExW
CharUpperBuffW
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
OpenThreadToken
GetEnvironmentVariableW
SetEnvironmentVariableW
GetTokenInformation
CreateEventW
OpenProcessToken
CopySid
FindFirstFileW
RevertToSelf
GetComputerNameW
DispatchMessageW
PeekMessageW
OpenEventW
ImpersonateLoggedOnUser
CoInitializeSecurity
GetModuleHandleW
LoadLibraryW
LogonUserW
CharUpperW
DuplicateToken
CreateFileW
InterlockedCompareExchange
lstrlenW
DeleteFileW

msvcrt

_wtol
_wcsnicmp
wcschr
wcscmp
_exit
_controlfp
??1type_info@@UAE@XZ
_onexit
__dllonexit
_XcptFilter
_acmdln
?terminate@@YAXXZ
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
exit
_wcsicmp
free
_ultow
??2@YAPAXI@Z
_itow
_purecall
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
_CxxThrowException
_wtoi
_EH_prolog
__CxxFrameHandler
??3@YAXPAX@Z
realloc
malloc
isalnum
iswspace
wcscpy
wcslen
wcsncpy

advapi32

RegCloseKey
CryptHashData
CryptCreateHash
CryptGenRandom
CryptDeriveKey
CryptDestroyHash
CryptDecrypt
CryptEncrypt
CryptReleaseContext
CryptDestroyKey
InitializeSecurityDescriptor
GetSecurityDescriptorLength

kernel32

FindClose
Sleep
GetSystemInfo
VirtualFree
VirtualAlloc
ReleaseMutex
WaitForMultipleObjects
SetErrorMode
SetLastError
GetCurrentProcessId
GetLastError
GetVersionExA
GetCurrentProcess
HeapReAlloc
UnmapViewOfFile
MapViewOfFile
GetStartupInfoA
GetModuleHandleA
EnterCriticalSection
GetTickCount
FreeLibrary
LoadLibraryA
GetProcessHeap
HeapAlloc
HeapFree
CreateThread
InterlockedDecrement
GetProcAddress
CloseHandle
InitializeCriticalSection
DeleteCriticalSection
SetEvent
WaitForSingleObject
GetCurrentThreadId
ExitProcess
LeaveCriticalSection
GetCurrentThread
InterlockedIncrement
GlobalFree
OpenProcess
MultiByteToWideChar
IsValidCodePage
GetSystemDefaultLCID
WriteFile
ExitThread
SetThreadPriority

user32

RegisterClassExA
DestroyWindow
DefWindowProcA
PostQuitMessage
CreateWindowExA

iprop

StgCreatePropSetStg
PropVariantClear
PropVariantCopy

ole32

CoTaskMemRealloc
CoCreateInstance
StringFromCLSID
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoUninitialize
CoInitializeEx
CoTaskMemFree
StgOpenStorage

oleaut32

GetErrorInfo
SysStringLen
SysFreeString

Sections

.text
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

08f68a4379abbfdda9660d304f02119c

Headers

DLL Characteristics

File Characteristics

Imports

mssws

msvcrt

advapi32

kernel32

user32

iprop

ole32

oleaut32

Sections

.text Size: 116KB - Virtual size: 114KB

.data Size: 4KB - Virtual size: 24KB

.rsrc Size: 80KB - Virtual size: 80KB

.text
Size: 116KB - Virtual size: 114KB

.data
Size: 4KB - Virtual size: 24KB

.rsrc
Size: 80KB - Virtual size: 80KB