f4929db90cdee232e88c4ce53c9c98cace85e2a5e00aaa14e729579fa1379439

Sharing

Copy URL Twitter E-mail

General

Target

f4929db90cdee232e88c4ce53c9c98cace85e2a5e00aaa14e729579fa1379439
Size

220KB
MD5

3960739ea0e25729bfc164e70e373680
SHA1

f8b045a803f6598b175853fd1af27fc3601e693c
SHA256

f4929db90cdee232e88c4ce53c9c98cace85e2a5e00aaa14e729579fa1379439
SHA512

b7436b7d6b8eb50ba49519e2ddb796753c6d303a32fc3035f6ac5b4232b48683a05b6ce0864730e36b9c4bcf411eb654b5641ee6b366d7ed4fda973343bd476e
SSDEEP

3072:qZY+0drMEd1pEDY1XJIq7g+X/Sk7Iq3Rqd4PhguLhbYjs93RHK77ncoRi:+Y9rcDUPtX/SAIq3x4s93RH2c

Score

N/A

Malware Config

Signatures

Files

f4929db90cdee232e88c4ce53c9c98cace85e2a5e00aaa14e729579fa1379439
.exe windows x86

59121b4caf255611d09cc977867a4863

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
LoadLibraryA
GetProcAddress
ReadFile
GetCurrentProcess
GetTickCount
Sleep
GetComputerNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
WaitForSingleObject
TerminateThread
DeleteCriticalSection
GetVolumeInformationW
GetVolumeNameForVolumeMountPointW
GetFileAttributesW
LoadLibraryW
FreeLibrary
GetModuleFileNameW
ExpandEnvironmentStringsW
WritePrivateProfileStringW
GetPrivateProfileStringW
SetCurrentDirectoryW
GetLogicalDriveStringsW
GetDriveTypeW
GetDiskFreeSpaceExW
CreateThread
FindFirstFileW
FindClose
GetLocaleInfoW
SetLastError
GetLastError
DeleteFileW
CreateDirectoryW
CreateFileW
GetCurrentThread
GetDateFormatW
GetTimeFormatW
GetTapeParameters
ReleaseMutex
CreateMutexW
GetCurrentThreadId
GetVersionExW
GetSystemDirectoryW
ReleaseSemaphore
CreateSemaphoreW
LocalFree
VerifyVersionInfoW
VerSetConditionMask
FindNextFileW

user32

LoadIconA
GetSysColor
GetSystemMetrics
LoadCursorA

msvcrt

realloc
malloc
free
wcsncpy
wcscmp
_wcsicmp
swscanf
wcsstr
_wcslwr
_ftol
wcschr
calloc
wcscat
_wcsupr
memmove
_CxxThrowException
wprintf
wcsncat
_snwprintf
wcspbrk
wcsncmp
_except_handler3
_local_unwind2
_wcsnicmp
_purecall
wcscpy
wcsrchr
wcslen
__CxxFrameHandler
swprintf
_wtoi
isalpha
localtime
_tzset
mktime
_putenv
_errno
fseek
_fdopen
_open_osfhandle
_wcsrev
_wcsdup
fflush
fread
_filelength
_getpid
_mbscpy
_mbslen
_wfopen
wcstok
_controlfp
_onexit
__dllonexit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
_vsnwprintf
isspace
fclose
ftell
time
clearerr
fwrite

advapi32

RegOpenKeyExA
QueryServiceStatus
OpenServiceW
StartServiceW
GetUserNameW
RegisterEventSourceW
ReportEventW
GetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetEntriesInAclW
SetSecurityDescriptorDacl
RegDeleteValueW
AddAccessAllowedAce
RegQueryValueExA
ReadEncryptedFileRaw
WriteEncryptedFileRaw
EnumDependentServicesW
ControlService
OpenEncryptedFileRawW
CloseEncryptedFileRaw
EncryptFileW
DecryptFileW
RegRestoreKeyW
RegLoadKeyW
RegFlushKey
RegUnLoadKeyW
RegReplaceKeyW
RegConnectRegistryW
InitializeAcl
GetAce
EqualSid
DeleteAce
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegEnumValueW
RegCreateKeyExW
RegSetValueExW
CloseServiceHandle
OpenSCManagerW
RegOpenKeyW
AllocateAndInitializeSid
FreeSid
CheckTokenMembership
RegEnumKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
LookupAccountSidW
GetTokenInformation
OpenThreadToken
RegSaveKeyW
SetFileSecurityW

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59121b4caf255611d09cc977867a4863

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

advapi32

Sections

.text Size: 16KB - Virtual size: 16KB

.text2 Size: 10KB - Virtual size: 9KB

.rdata Size: 123KB - Virtual size: 123KB

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 62KB - Virtual size: 62KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 16KB

.text2
Size: 10KB - Virtual size: 9KB

.rdata
Size: 123KB - Virtual size: 123KB

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 62KB - Virtual size: 62KB

.reloc
Size: 1KB - Virtual size: 1KB