d1d6d7f5ae05f4684c5500b8cc3a8063a62a2e44667ab7fadf659364c875bf07

Sharing

Copy URL Twitter E-mail

General

Target

d1d6d7f5ae05f4684c5500b8cc3a8063a62a2e44667ab7fadf659364c875bf07
Size

281KB
MD5

0d5d6c6dae7d3123925aac17c731d8f0
SHA1

7211365711c6fb9d1d9e80c4c11ad5372a4b9c65
SHA256

d1d6d7f5ae05f4684c5500b8cc3a8063a62a2e44667ab7fadf659364c875bf07
SHA512

019bdfe2c134b1823e68c42a5c8d3b7d3a1101b678e68b3c19ccb8b310da511ca692b1381292e22ce316e31b65d72350e23ec4109db24b5ead5dd30a88851aa2
SSDEEP

6144:EDOPvkeTkeieZXbMnb0F648hXVu7ryf1s4eb+4fMm/B4A:ENlHelwb0F648NVz/4fMmOA

Score

N/A

Malware Config

Signatures

Files

d1d6d7f5ae05f4684c5500b8cc3a8063a62a2e44667ab7fadf659364c875bf07
.exe windows x86

841a2bef1748d676d34bf1c208f32ad1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StringFromGUID2

rpcrt4

UuidCreate

advapi32

SetSecurityDescriptorDacl
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegQueryValueExW
InitializeSecurityDescriptor

ws2_32

WSCInstallProvider
WSACleanup
WSCGetProviderPath
WSCWriteProviderOrder
WSAStartup
WSCDeinstallProvider
WSCEnumProtocols

kernel32

WideCharToMultiByte
GetSystemTimeAsFileTime
UnhandledExceptionFilter
HeapReAlloc
ReadFile
EnumSystemLocalesA
GetSystemDirectoryA
HeapDestroy
CloseHandle
HeapFree
GetModuleHandleA
SystemTimeToTzSpecificLocalTime
GetOEMCP
SetEndOfFile
GetConsoleOutputCP
VirtualAlloc
WriteFile
SetUnhandledExceptionFilter
GetCommandLineA
SetStdHandle
TlsGetValue
CreateFileA
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
GetStdHandle
SetLastError
GetModuleHandleW
VirtualFree
SetHandleCount
GetConsoleCP
IsValidCodePage
WriteConsoleW
GetFileType
SetFilePointer
FreeEnvironmentStringsW
GetTimeFormatA
EnterCriticalSection
WriteConsoleA
HeapAlloc
TlsSetValue
GetUserDefaultLCID
LeaveCriticalSection
RtlUnwind
LCMapStringA
RaiseException
GetTempPathA
GetSystemTime
ExpandEnvironmentStringsA
GetACP
TlsFree
FreeEnvironmentStringsA
HeapSize
GetConsoleMode
SystemTimeToFileTime
FreeLibrary
IsDebuggerPresent
LCMapStringW
IsValidLocale
GetProcessHeap
TlsAlloc
FileTimeToSystemTime
GetCurrentThreadId
DeleteCriticalSection
VirtualAllocEx

esent

JetCreateIndex
JetGetLS
JetSetColumnDefaultValue
JetDelete
JetInit2
JetDupCursor
JetCreateDatabase2
JetGetDatabaseFileInfo
JetOSSnapshotFreeze
JetCloseFileInstance
JetGetTableColumnInfo
JetBackupInstance
JetTerm
JetGetInstanceInfo
JetCloseDatabase
JetPrepareToCommitTransaction
JetUpgradeDatabase
JetOSSnapshotThaw
JetGetSecondaryIndexBookmark
JetRestore

compstui

GetCPSUIUserData
CommonPropertySheetUIW
SetCPSUIUserData

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 249KB - Virtual size: 936KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

841a2bef1748d676d34bf1c208f32ad1

Headers

File Characteristics

Imports

ole32

rpcrt4

advapi32

ws2_32

kernel32

esent

compstui

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 249KB - Virtual size: 936KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 249KB - Virtual size: 936KB

.rsrc
Size: 5KB - Virtual size: 5KB