07246faa3165bc98e97e5335dd82595821ac686a1ddc6b50adb6bcf85aa07284

Sharing

Copy URL Twitter E-mail

General

Target

07246faa3165bc98e97e5335dd82595821ac686a1ddc6b50adb6bcf85aa07284
Size

108KB
MD5

1a0e22dc7e67eae4eef3ccf65c392290
SHA1

1f3d6926b081b2681d719566b64b53a985c1f0d7
SHA256

07246faa3165bc98e97e5335dd82595821ac686a1ddc6b50adb6bcf85aa07284
SHA512

914f63f5c2d380b898b220f53cab75c034f36a52b2323fbd96cf6dda7049656b4790f822b7eadd97d1eb7139343544e2607be14eb84eb276576703f8cbc7767c
SSDEEP

1536:ABje6vhXNqcOg0u/W1UMZ3jShDHs0vHlOx1bL5v4AbwHd4GnKc5VFwKOJd/DDor4:Aphcg0u/se7vH2F4AbwHf1VFwKO/YmB

Score

N/A

Malware Config

Signatures

Files

07246faa3165bc98e97e5335dd82595821ac686a1ddc6b50adb6bcf85aa07284
.exe windows x86

65da69c322bee29bc5e70779a230cac7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

advapi32

AddAce
InitializeAcl
GetSecurityDescriptorControl
MakeAbsoluteSD
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
InitializeSecurityDescriptor
GetLengthSid
IsValidSid
CopySid
GetAclInformation
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
GetSidSubAuthority
InitializeSid
GetSidLengthRequired
IsValidSecurityDescriptor
RegQueryValueExW
RegCloseKey
RegOpenKeyExW

kernel32

OutputDebugStringW
SearchPathW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
UnmapViewOfFile
GetLocaleInfoW
CreateFileMappingW
MapViewOfFile
LoadLibraryExW
SetLastError
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
lstrlenW
OpenEventW
WaitForMultipleObjects
ExitProcess
LocalFree
SetEvent
GetCurrentThreadId
GetModuleHandleW
CreateEventW
CreateThread
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
GetFileAttributesW
GetModuleHandleExW
GetSystemWindowsDirectoryW
GetVersionExW
GetFullPathNameW
LoadLibraryW
GetSystemDirectoryW
CreateFileW
GetProcAddress
FreeLibrary
FindResourceExW
LoadResource
FormatMessageW
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
OutputDebugStringA
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange
GetVersionExA
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
RaiseException
WaitForSingleObject
CloseHandle
SetThreadUILanguage
GetCommandLineW
Sleep
GetLastError

user32

DispatchMessageW
TranslateMessage
GetMessageW
PostThreadMessageW
LoadStringW
UnregisterClassA

msvcrt

_write
_lseeki64
_fileno
__pioinfo
__badioinfo
ferror
wctomb
_itoa
_snprintf
_iob
_isatty
isleadbyte
__mb_cur_max
mbtowc
_controlfp
memmove
memcpy
_onexit
_lock
__dllonexit
_unlock
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__set_app_type
wcsncmp
_wcsnicmp
bsearch
_vsnwprintf
_vscprintf
_vscwprintf
wcschr
wcsrchr
_CxxThrowException
_purecall
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_callnewh
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
?what@exception@@UBEPBDXZ
??0exception@@QAE@XZ
_errno
__CxxFrameHandler
_beginthreadex
_wcsicmp
memset
calloc
malloc
free

ntdll

RtlFreeHeap
RtlUnwind
RtlAllocateHeap

ole32

CoInitializeEx
CoUninitialize
CoSuspendClassObjects
CoInitializeSecurity
ProgIDFromCLSID
CoCreateInstance
CoRegisterClassObject
CLSIDFromString
CoRevokeClassObject
CoRegisterPSClsid
CoTaskMemFree

oleaut32

LoadTypeLi
LoadRegTypeLi
SysStringLen
CreateErrorInfo
SetErrorInfo
SysAllocString
SysFreeString
SysAllocStringLen

shell32

CommandLineToArgvW

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kajzizq
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

65da69c322bee29bc5e70779a230cac7

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

msvcrt

ntdll

ole32

oleaut32

shell32

Sections

.text Size: 68KB - Virtual size: 67KB

.data Size: 1024B - Virtual size: 98KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 34KB - Virtual size: 35KB

kajzizq Size: - Virtual size: 4KB

.text
Size: 68KB - Virtual size: 67KB

.data
Size: 1024B - Virtual size: 98KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 34KB - Virtual size: 35KB

kajzizq
Size: - Virtual size: 4KB