f5d1c93379372a2d8b9529a08fcc2b50188b4808822552d5ccfdbba617e4e962

Sharing

Copy URL

Twitter E-mail

General

Target

f5d1c93379372a2d8b9529a08fcc2b50188b4808822552d5ccfdbba617e4e962
Size

402KB
MD5

05c03d5fb94d7dbdbfb4b63fe3717871
SHA1

6b0262729c5db5d43136a9f563d7562d5abd4dce
SHA256

f5d1c93379372a2d8b9529a08fcc2b50188b4808822552d5ccfdbba617e4e962
SHA512

a44daa53adf62903df5b35d8e0c05c981f9997e730825cfeb1ebfa02552176f510d1157105e8efee6e1c2034fbbc70ac76553a3b2319cd674baedb291dd33031
SSDEEP

6144:TCPmgvo/NP+Wnr4qN9Hw81mY3khrUySQeuRnmKFaNas6kCA29+ex6A/25n:TCBvQNPRnrNC8Z2UySFu5TLx6A/an

Score

N/A

Malware Config

Signatures

Files

f5d1c93379372a2d8b9529a08fcc2b50188b4808822552d5ccfdbba617e4e962
.exe windows x86

805b31615d80e55f3609722ebaf2e3d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegQueryValueExW
QueryServiceStatus
LookupAccountSidA
PrivilegeCheck
GetSecurityDescriptorLength
IsValidSecurityDescriptor
InitializeSecurityDescriptor
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorSacl
MakeAbsoluteSD
SetSecurityDescriptorDacl
MakeSelfRelativeSD
GetLengthSid
InitializeAcl
AddAccessAllowedAce
AddAccessDeniedAce
GetAce
GetUserNameA
AllocateAndInitializeSid
GetSidLengthRequired
CopySid
FreeSid
LookupAccountNameA
LookupAccountSidW
IsValidSid
EqualSid
RegConnectRegistryA
RegSetKeySecurity
RegCreateKeyA
DuplicateToken
RegOpenKeyA
RegQueryValueExA
RegEnumValueA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
CreateServiceA
ChangeServiceConfigA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
ControlService
DeleteService
RegEnumKeyExA
OpenThreadToken
GetTokenInformation
LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges
SetServiceStatus
RegisterEventSourceA
ReportEventA
DeregisterEventSource
SetThreadToken
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyA

kernel32

HeapCreate
DuplicateHandle
MapViewOfFile
CreateFileMappingA
GetExitCodeProcess
CreateProcessW
GetStartupInfoA
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetOEMCP
GetCPInfo
HeapSize
VirtualAlloc
ExitProcess
RtlUnwind
HeapReAlloc
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsFree
TlsSetValue
TlsGetValue
IsBadWritePtr
VirtualProtect
GetSystemInfo
VirtualQuery
LCMapStringA
LCMapStringW
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
SetEndOfFile
lstrcpyA
HeapDestroy
GetCurrentThreadId
InterlockedIncrement
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
InterlockedDecrement
FreeLibrary
MultiByteToWideChar
GetProcAddress
GetModuleFileNameA
GetModuleHandleA
LoadLibraryA
CloseHandle
RaiseException
WaitForSingleObject
GetLastError
CreateEventA
SetEvent
OpenEventA
TerminateThread
CreateThread
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
lstrlenA
GetComputerNameA
WideCharToMultiByte
lstrlenW
FlushInstructionCache
GetCurrentProcess
HeapAlloc
GetProcessHeap
lstrcmpiA
UnmapViewOfFile
lstrcatA
LocalFree
FormatMessageA
GetFileAttributesA
GetCurrentThread
lstrcpynA
IsDBCSLeadByte
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
SetUnhandledExceptionFilter
GetCommandLineA
GetCurrentProcessId
SetErrorMode
GetPrivateProfileStringA
OpenProcess
TerminateProcess
GetProcessTimes
CreateDirectoryA
GetProfileStringA
WritePrivateProfileStringA
WriteProfileStringA
GetPrivateProfileSectionNamesA
ResumeThread
HeapFree
LocalAlloc
GetVersion
GetTickCount
CreateProcessA
LockResource
SetEnvironmentVariableA
GetSystemDirectoryA
ReleaseMutex
CreateMutexA
GetModuleHandleW
FindClose
FindFirstFileA
LocalSize
ReadFile
SetFilePointer
CreateFileA
SetLastError
ReadProcessMemory
FindResourceExA
CompareStringA
CompareStringW
TlsAlloc

ole32

CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
StringFromGUID2
CoDisconnectObject
CoUninitialize
CoInitializeEx
CoInitializeSecurity
CoCreateInstanceEx
CoRegisterClassObject
CoSetProxyBlanket
CoQueryProxyBlanket
CLSIDFromString
StringFromCLSID
StringFromIID
IIDFromString
CoGetClassObject
CoGetCallContext
CoRevokeClassObject
CoRevertToSelf
CoCreateGuid
CoImpersonateClient
CoCreateInstance

oleaut32

SysFreeString
SysAllocString
SysAllocStringLen
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
VarBstrCat
SysStringByteLen
SysAllocStringByteLen
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SafeArrayCreate

rpcrt4

RpcStringFreeA
RpcBindingFromStringBindingA
RpcStringBindingComposeA
NdrClientCall
RpcBindingSetAuthInfoA

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA

shlwapi

PathFindExtensionA

user32

UnregisterClassA
wsprintfW
CharUpperA
EnumWindows
GetWindowThreadProcessId
IsWindowVisible
GetWindowTextA
SetForegroundWindow
EndDialog
EnableWindow
GetParent
GetWindow
GetWindowRect
SystemParametersInfoA
GetClientRect
MapWindowPoints
SetWindowPos
GetDlgItem
SetDlgItemTextA
SendDlgItemMessageA
IsDlgButtonChecked
PostThreadMessageA
KillTimer
GetMessageA
SetTimer
PeekMessageA
SetWindowLongA
CharNextA
MessageBoxA
LoadStringA
DialogBoxParamA
DispatchMessageA
RegisterWindowMessageA
wsprintfA
GetWindowLongA
SendMessageA
CheckDlgButton
GetDlgItemInt
GetDlgItemTextA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

805b31615d80e55f3609722ebaf2e3d9

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

oleaut32

rpcrt4

shell32

shlwapi

user32

version

Sections

.text Size: 276KB - Virtual size: 275KB

.data Size: 12KB - Virtual size: 10KB

.rsrc Size: 104KB - Virtual size: 104KB

.text
Size: 276KB - Virtual size: 275KB

.data
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 104KB - Virtual size: 104KB