f3894cd8592b44d03e151bb44ebdb249e6d574184917b126974a7a88ce1579c5

Sharing

Copy URL Twitter E-mail

General

Target

f3894cd8592b44d03e151bb44ebdb249e6d574184917b126974a7a88ce1579c5
Size

272KB
MD5

304ccbf4216791549242dc71ce35aff0
SHA1

9cbf07fabc465592fefde5df39a500a49cc74dc1
SHA256

f3894cd8592b44d03e151bb44ebdb249e6d574184917b126974a7a88ce1579c5
SHA512

899acb85cc80cea3a91698d51b18829e5768d0040e3d51c37b730794748b53d1215a86ce643698dbef3c2387f932f0ea199e443572c2329a1ab1aeba5aaedda1
SSDEEP

6144:rhKLmrXnGqLDcVABMPWj4Ida8qbas7XVhvYjXrH7GIDyMdfO:rhKyrXnGqhj4IvqpVzIWqG

Score

N/A

Malware Config

Signatures

Files

f3894cd8592b44d03e151bb44ebdb249e6d574184917b126974a7a88ce1579c5
.exe windows x86

1e5b5b7cc5c62492b249889963cc6fd4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
SetLastError
lstrlenW
CreateFileW
GlobalFree
LocalFree
GetSystemDirectoryA
FormatMessageW
WriteConsoleW
OpenProcess
GenerateConsoleCtrlEvent
lstrcpyW
GetConsoleScreenBufferInfo
GetConsoleMode
WideCharToMultiByte
WaitForMultipleObjects
LoadLibraryW
GlobalFindAtomA
FormatMessageA
CreateFileA
QueryPerformanceCounter
SetConsoleWindowInfo
GetProcAddress
WriteFile
CreateEventW
IsDBCSLeadByte
GetModuleHandleA
GetStartupInfoA
lstrcpyA
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
lstrcatA
GetComputerNameW
CloseHandle
CreateNamedPipeW
GlobalAlloc
WaitForSingleObject
GetCurrentThread
SetEnvironmentVariableW
AllocConsole
ReadFile
GetSystemDefaultLCID
SetErrorMode
GetTickCount
WriteConsoleInputA
SetUnhandledExceptionFilter
GetCurrentProcessId
SetConsoleScreenBufferSize
SetEnvironmentVariableA
LocalAlloc
GetSystemTimeAsFileTime
GetLocaleInfoW
SetHandleInformation
GetOverlappedResult
GetStdHandle
ReadConsoleOutputA
GetCurrentProcess
DuplicateHandle
ReadConsoleOutputW
VirtualFree
HeapAlloc
MultiByteToWideChar
GetCPInfo
GetModuleFileNameA
SetConsoleCtrlHandler
FreeLibrary
GetSystemDirectoryW
GetACP
LoadLibraryExW
GetLastError
HeapFree
GetConsoleCP
FreeConsole
GetExitCodeProcess
WriteConsoleInputW
CancelIo
GetProcessHeap
GetLocalTime

advapi32

FreeSid
GetAce
GetSidIdentifierAuthority
GetSecurityDescriptorLength
RegSetValueExW
DuplicateTokenEx
InitializeAcl
RegCreateKeyA
LsaClose
RegOpenKeyExW
LsaFreeMemory
LogonUserW
RegCreateKeyExW
GetSidSubAuthorityCount
DeregisterEventSource
MakeSelfRelativeSD
AdjustTokenPrivileges
LookupPrivilegeValueW
LsaQueryInformationPolicy
IsValidSid
ReportEventW
RegQueryValueExA
GetLengthSid
ImpersonateLoggedOnUser
RevertToSelf
CryptReleaseContext
GetSidSubAuthority
AddAccessAllowedAce
RegCloseKey
LsaOpenPolicy
CreateProcessAsUserW
RegQueryValueExW
CryptGenRandom
RegisterEventSourceW
LookupAccountNameW
SetSecurityDescriptorDacl
GetTokenInformation
OpenProcessToken
RegOpenKeyW
CryptAcquireContextW
OpenThreadToken
RegLoadKeyA
InitializeSecurityDescriptor
RegOpenKeyExA
RegSetKeySecurity
EqualSid
AllocateAndInitializeSid
LookupAccountSidW

msvcrt

malloc
sprintf
??3@YAXPAX@Z
wcscat
strrchr
_controlfp
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
_initterm
wcsncat
memchr
_stricmp
__initenv
_cexit
_adjust_fdiv
_wcsnicmp
wcsrchr
__p__fmode
towlower
strtoul
wcsncpy
wcscmp
wcscpy
_snprintf
toupper
free
_c_exit
strchr
__getmainargs
_XcptFilter
_except_handler3
wcslen
_snwprintf
strncpy
memmove
isdigit
_exit
_itoa
wcschr
_strcmpi
_wcsicmp
calloc
??2@YAPAXI@Z
__setusermatherr

mpr

WNetCloseEnum
WNetAddConnection2W
WNetOpenEnumW
WNetEnumResourceW
WNetCancelConnection2W

shell32

SHGetFolderPathW

aclui

CreateSecurityPage
IID_ISecurityInformation
EditSecurity

netapi32

NetUserGetInfo
NetApiBufferFree
NetGetAnyDCName

ws2_32

WSASocketW

Sections

.text
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e5b5b7cc5c62492b249889963cc6fd4

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

mpr

shell32

aclui

netapi32

ws2_32

Sections

.text Size: 123KB - Virtual size: 123KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 58KB - Virtual size: 57KB

.rsrc Size: 78KB - Virtual size: 78KB

.text
Size: 123KB - Virtual size: 123KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 58KB - Virtual size: 57KB

.rsrc
Size: 78KB - Virtual size: 78KB