0976e62fbb1a470bf3228eac365d6fc7d57d8afc168ae4bb31e512aa5b4bc883

Sharing

Copy URL Twitter E-mail

General

Target

0976e62fbb1a470bf3228eac365d6fc7d57d8afc168ae4bb31e512aa5b4bc883
Size

239KB
MD5

05a145784ea7c20570337218bd8d5540
SHA1

625c13443cb726b07cfb7a83cbca8c2f49e4be8b
SHA256

0976e62fbb1a470bf3228eac365d6fc7d57d8afc168ae4bb31e512aa5b4bc883
SHA512

6b896bddb9073c89e76beb6666967fc4145c937bc0ec3c25c78809f4dafd6b27e05a43edd910bbab01dc04a9fdd38912c62cfdc731be712175c8eb55ea4edcae
SSDEEP

6144:F5279l9NxFtrqHDNDeaD/3g9Slx/fHDAATPAB9hNdr:FEPx+XB0hr

Score

N/A

Malware Config

Signatures

Files

0976e62fbb1a470bf3228eac365d6fc7d57d8afc168ae4bb31e512aa5b4bc883
.exe windows x86

758ab9a83db4b5ef9c3694b454eb2621

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegGetValueW
AdjustTokenPrivileges
PrivilegeCheck
LookupPrivilegeValueW
OpenProcessToken
OpenThreadToken
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegFlushKey
RegEnumValueW
RegOpenKeyExW

kernel32

GetLastError
GetProcAddress
LoadLibraryW
EnumUILanguagesW
HeapAlloc
GetProcessHeap
GetSystemTimeAsFileTime
GetFileTime
MoveFileExW
LoadLibraryExW
GetVersionExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetSystemDirectoryW
IsValidLocale
CreateDirectoryW
GetFileAttributesW
RemoveDirectoryW
CreateMutexW
WaitForSingleObject
GetSystemWindowsDirectoryW
WriteFile
FlushFileBuffers
FreeLibrary
FlushViewOfFile
LocalFree
GetCurrentThread
GetDiskFreeSpaceExW
DeviceIoControl
GlobalMemoryStatusEx
ExpandEnvironmentStringsW
GetFileAttributesExW
SetFileAttributesW
CreateFileW
GetFileSizeEx
ReadFile
HeapFree
OpenFileMappingW
MapViewOfFile
SetLastError
UnmapViewOfFile
ReleaseMutex
CloseHandle
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
InterlockedCompareExchange
SystemTimeToFileTime
Sleep
InterlockedExchange
FindFirstFileW
DeleteFileW
FindNextFileW
FindClose
FreeResource
GetSystemPreferredUILanguages
GetSystemTime
GetSystemDefaultUILanguage
LCIDToLocaleName
GetProductInfo
CreateFileMappingW

msvcrt

bsearch
towlower
printf
_wcsupr
_wgetenv
wcsncmp
wcsrchr
_controlfp
_except_handler4_common
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
malloc
_callnewh
free
towupper
_wfopen_s
fgetws
fclose
??0exception@@QAE@XZ
_wcsicmp
_wcsnicmp
_wcsupr_s
__CxxFrameHandler3
wcsstr
swscanf
_CxxThrowException
wcstol
wcstoul
wcschr
memset
memcpy
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
?what@exception@@UBEPBDXZ
??0exception@@QAE@ABQBD@Z
memmove_s
memcpy_s
_vsnwprintf

ntdll

RtlReAllocateHeap
EtwEventUnregister
RtlGetSystemPreferredUILanguages
EtwEventEnabled
EtwEventWrite
RtlExpandEnvironmentStrings
RtlAllocateHeap
RtlFreeHeap
RtlInitUnicodeString
RtlHashUnicodeString
NtUnmapViewOfSection
RtlNtStatusToDosError
NtMapViewOfSection
RtlUnicodeStringToInteger
EtwEventRegister

netapi32

NetGetJoinInformation
NetApiBufferFree

Sections

.text
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGELK
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ptrpdkd
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

758ab9a83db4b5ef9c3694b454eb2621

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

msvcrt

ntdll

netapi32

Sections

.text Size: 182KB - Virtual size: 182KB

PAGELK Size: 5KB - Virtual size: 5KB

.data Size: 15KB - Virtual size: 17KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 33KB - Virtual size: 33KB

ptrpdkd Size: - Virtual size: 4KB

.text
Size: 182KB - Virtual size: 182KB

PAGELK
Size: 5KB - Virtual size: 5KB

.data
Size: 15KB - Virtual size: 17KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 33KB - Virtual size: 33KB

ptrpdkd
Size: - Virtual size: 4KB