Static task: static1
Behavioral task: behavioral1
Sample: 7ce5a791dff3a9d47a47c0ebbc516f710909d2b282ac6e6b29bd1e3c1ef0062d.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 7ce5a791dff3a9d47a47c0ebbc516f710909d2b282ac6e6b29bd1e3c1ef0062d.exe
Resource: win10v2004-20220812-en
General
- Target: 7ce5a791dff3a9d47a47c0ebbc516f710909d2b282ac6e6b29bd1e3c1ef0062d
- Size: 86KB
- MD5: 71c096b6822cd51a59c2676635f0d941
- SHA1: 15754d71192cb01e236efb0e90fdd58f6365b3a0
- SHA256: 7ce5a791dff3a9d47a47c0ebbc516f710909d2b282ac6e6b29bd1e3c1ef0062d
- SHA512: 1d2dc6569a4b10775f0a97ab12dffe44eba688c2464b4032fed019288372a8b2e60ae7b094b97773acd187b61f2ba5f6e56071f4761b2b0bde8bd782d8b3ee3d
- SSDEEP: 1536:98KFi0cfAMN8smZlpMnxljqh9CSTBAI8+pgNis8WZk15ws0XqpDqb32JAnB2:9fi02AMKsupMfj7STBAF+GZcTwUpGb3o
Malware Config
Signatures
Files
- 7ce5a791dff3a9d47a47c0ebbc516f710909d2b282ac6e6b29bd1e3c1ef0062d.exe (windows x86): 8fffd5cc6cf437b0bc1136c32f0e2495
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DosDateTimeToFileTime
CreateMutexA
WriteProfileSectionW
RemoveDirectoryW
GetCommandLineA
HeapValidate
VirtualAlloc
GetSystemDefaultLangID
IsDBCSLeadByteEx
WriteFileEx
GetStartupInfoA
GetPrivateProfileIntW
GetPrivateProfileStructA
CreateThread
AddAtomW
RequestWakeupLatency
GetConsoleScreenBufferInfo
GetQueuedCompletionStatus
DisconnectNamedPipe
GetMailslotInfo
SetMessageWaitingIndicator
GetSystemDirectoryA
WaitForSingleObjectEx
ClearCommBreak
SetFileApisToOEM
FormatMessageA
GetProfileSectionA
CreateSemaphoreW
UpdateResourceA
GetSystemDefaultLCID
WriteConsoleOutputW
GlobalFindAtomW
lstrcmpA
FindResourceW
OpenMutexA
SetMailslotInfo
GetVersionExA
CreateEventA
GetShortPathNameW
GetPrivateProfileSectionW
GetFullPathNameA
GetSystemDirectoryW
ReadConsoleOutputA
GlobalWire
VirtualProtect
SystemTimeToTzSpecificLocalTime
GetFileAttributesExW
CreateConsoleScreenBuffer
WaitNamedPipeW
CommConfigDialogW
GetAtomNameW
Sleep
GetDiskFreeSpaceA
WaitForDebugEvent
LocalLock
GetFileAttributesW
IsBadHugeWritePtr
SetThreadAffinityMask
GetPriorityClass
SetTimeZoneInformation
CopyFileExW
GetThreadPriority
GetStartupInfoW
AllocConsole
FormatMessageW
SetComputerNameA
LoadResource
OpenProcess
FileTimeToDosDateTime
GetSystemTime
ReadProcessMemory
GetEnvironmentStrings
GetCurrentProcess
LocalSize
FileTimeToLocalFileTime
DuplicateHandle
BuildCommDCBW
GetCommProperties
GetCompressedFileSizeW
DeleteFileW
QueueUserAPC
GetTapeStatus
SetErrorMode
SetDefaultCommConfigA
TransactNamedPipe
ReadConsoleOutputAttribute
OpenSemaphoreA
lstrcmpi
GetConsoleCP
ReadFileEx
HeapWalk
WriteProfileStringW
EnumResourceTypesW
LCMapStringA
GetLocaleInfoW
WritePrivateProfileSectionA
WriteProfileStringA
OpenFile
GetProfileIntW
GetLogicalDriveStringsA
GetLastError
BuildCommDCBA
GetFileSize
EnumResourceTypesA
BuildCommDCBAndTimeoutsW
CancelWaitableTimer
LCMapStringW
GetSystemPowerStatus
SetProcessAffinityMask
GetFileType
GetStringTypeW
ReadConsoleInputW
GetHandleInformation
RtlFillMemory
CreateEventW
FreeEnvironmentStringsA
RemoveDirectoryA
WriteConsoleInputW
OpenMutexW
FoldStringA
GetCPInfoExW
BackupSeek
GetProcAddress
WriteProfileSectionA
ReadDirectoryChangesW
CreateDirectoryExW
GetPrivateProfileSectionNamesW
GetConsoleCursorInfo
GetStdHandle
UnmapViewOfFile
EraseTape
RequestDeviceWakeup
GlobalMemoryStatus
CompareFileTime
GetVersion
ole32
CreateBindCtx
PropVariantCopy
CoUnmarshalInterface
RegisterDragDrop
OleConvertIStorageToOLESTREAM
ReadClassStm
WriteStringStream
OleIsCurrentClipboard
OleSetMenuDescriptor
OleGetIconOfClass
WriteOleStg
OleRegEnumFormatEtc
StgGetIFillLockBytesOnILockBytes
OleDuplicateData
OleLoadFromStream
OleGetClipboard
OleDraw
ReadStringStream
CreateDataAdviseHolder
StgIsStorageILockBytes
CoReleaseMarshalData
StgCreateDocfileOnILockBytes
CoMarshalHresult
CoRevokeMallocSpy
CoGetCallerTID
OleCreateLinkEx
CoGetCurrentProcess
OleCreateStaticFromData
UtGetDvtd16Info
CoDisconnectObject
CoIsOle1Class
CoGetInstanceFromIStorage
StgCreateStorageEx
CoDosDateTimeToFileTime
CoImpersonateClient
ReleaseStgMedium
OleCreateEmbeddingHelper
CoGetInstanceFromFile
CoTaskMemRealloc
OleCreateFromFile
CoSetProxyBlanket
SetConvertStg
OleInitialize
CoGetCurrentLogicalThreadId
CLSIDFromProgID
UtConvertDvtd16toDvtd32
StringFromIID
CreateObjrefMoniker
CoSuspendClassObjects
OleCreateLinkToFileEx
CoCreateGuid
CoGetStandardMarshal
GetHookInterface
CreateGenericComposite
GetClassFile
MonikerRelativePathTo
OleCreateEx
ReadOleStg
OleCreateDefaultHandler
OleNoteObjectVisible
OleSave
PropVariantClear
CreateAntiMoniker
OleRun
OleGetAutoConvert
CoInitializeEx
CoTaskMemFree
OleCreateLinkFromDataEx
DllDebugObjectRPCHook
OleCreateFromDataEx
OleRegEnumVerbs
OleCreateLinkToFile
OpenOrCreateStream
CLSIDFromString
OleCreateLinkFromData
StgOpenAsyncDocfileOnIFillLockBytes
ReadFmtUserTypeStg
CreateStreamOnHGlobal
OleSetContainedObject
CoAddRefServerProcess
StringFromGUID2
ProgIDFromCLSID
CoRegisterPSClsid
IIDFromString
CoFileTimeNow
CoSwitchCallContext
OleRegGetMiscStatus
OleGetIconOfFile
OleDestroyMenuDescriptor
CoUnmarshalHresult
CoFreeUnusedLibraries
MonikerCommonPrefixWith
FreePropVariantArray
StgSetTimes
user32
GetClipboardFormatNameA
DefWindowProcA
SetWindowLongW
EnumThreadWindows
SwitchDesktop
SendMessageTimeoutW
TranslateAcceleratorA
DdeQueryStringW
CheckMenuItem
SetScrollPos
DrawFrameControl
CreateAcceleratorTableW
GetClassInfoExA
SetUserObjectInformationA
DefFrameProcW
GetMenuItemCount
RegisterClipboardFormatW
UnhookWindowsHookEx
WinHelpW
DrawIconEx
ChangeDisplaySettingsExA
SetMessageExtraInfo
GetMenuInfo
SendMessageCallbackA
DrawAnimatedRects
OemToCharA
CharUpperBuffA
MonitorFromPoint
DdeGetData
GetDlgItemTextW
OpenInputDesktop
FindWindowA
GetWindowThreadProcessId
MessageBoxIndirectA
LoadCursorA
GetScrollInfo
CreateWindowStationA
CreateDesktopW
GetScrollPos
GetClipboardViewer
GetSubMenu
OpenClipboard
SetClassLongA
SetMenuDefaultItem
GetMenuItemID
IsDialogMessageA
SetClassWord
CreateAcceleratorTableA
GetKeyNameTextA
SetMenu
RealChildWindowFromPoint
DdeUnaccessData
RegisterClipboardFormatA
PostMessageA
DefWindowProcW
SetFocus
ReleaseDC
EnumPropsA
SendIMEMessageExW
GetDlgItemTextA
GetWindowModuleFileNameW
SetClipboardData
SystemParametersInfoA
GetForegroundWindow
DdeQueryConvInfo
EnableWindow
ScrollWindowEx
WindowFromDC
EqualRect
GetSystemMetrics
LoadAcceleratorsW
MessageBoxW
RemovePropW
MessageBoxExA
LoadMenuIndirectA
InvalidateRgn
GetKeyState
CreateCursor
PostMessageW
CharLowerBuffW
GetMenuStringW
WinHelpA
HiliteMenuItem
SetSysColors
AttachThreadInput
GetCaretPos
GetKeyNameTextW
EnumClipboardFormats
GetKeyboardLayoutList
DlgDirListComboBoxW
RedrawWindow
SetDlgItemTextW
SendInput
InsertMenuW
EndMenu
GetClassLongA
TranslateAcceleratorW
InSendMessage
DdeSetQualityOfService
SetLastErrorEx
BringWindowToTop
SetUserObjectSecurity
DdeNameService
AnyPopup
EnumDesktopsW
FindWindowExA
CloseWindowStation
UpdateWindow
EnumWindowStationsW
UnpackDDElParam
DestroyAcceleratorTable
GetWindowModuleFileNameA
CallWindowProcA
ScrollDC
CharUpperW
GrayStringA
GetMessageW
VkKeyScanExW
SetWindowRgn
RealGetWindowClass
FillRect
LoadBitmapA
CloseClipboard
GetPropA
GetClipCursor
MapVirtualKeyA
CreateMenu
CreatePopupMenu
EnumPropsExW
PostQuitMessage
CreateDialogParamA
DialogBoxIndirectParamW
SetMessageQueue
shlwapi
SHGetValueA
StrNCatA
wvnsprintfW
PathStripToRootW
StrRChrA
PathSearchAndQualifyW
StrToIntA
StrRetToBufW
ColorHLSToRGB
PathIsRelativeW
PathIsUNCServerShareA
SHRegGetBoolUSValueA
StrDupA
PathAddBackslashW
PathFindSuffixArrayA
SHRegEnumUSKeyA
StrCmpNW
PathIsRootW
SHDeleteValueW
StrCpyW
PathUnquoteSpacesA
StrTrimA
StrPBrkA
StrNCatW
PathCanonicalizeA
UrlGetPartW
PathFindFileNameA
PathIsSystemFolderA
SHCreateStreamOnFileA
PathFindExtensionA
SHCopyKeyA
PathUnmakeSystemFolderW
wnsprintfA
SHDeleteValueA
ColorAdjustLuma
PathStripPathW
PathAppendA
PathUnmakeSystemFolderA
PathIsPrefixA
PathRemoveExtensionW
SHRegCreateUSKeyA
StrCatBuffA
UrlEscapeW
StrCSpnIA
UrlCreateFromPathW
PathIsUNCA
SHRegSetUSValueA
StrToIntExW
UrlCreateFromPathA
SHRegWriteUSValueW
PathIsNetworkPathA
PathIsContentTypeW
PathGetArgsA
SHCreateShellPalette
SHRegSetUSValueW
PathParseIconLocationA
UrlUnescapeA
PathGetArgsW
SHRegDeleteEmptyUSKeyW
PathRemoveArgsA
SHRegGetUSValueW
AssocQueryKeyA
PathIsLFNFileSpecW
PathUnquoteSpacesW
SHQueryInfoKeyW
PathBuildRootA
PathCreateFromUrlW
StrToIntW
StrStrW
SHRegEnumUSValueW
SHDeleteKeyA
SHRegEnumUSKeyW
PathAddExtensionW
SHQueryValueExA
UrlIsOpaqueA
UrlHashA
PathRelativePathToW
PathAppendW
StrChrW
SHRegGetBoolUSValueW
SHRegCloseUSKey
StrChrIA
StrRetToStrA
UrlApplySchemeW
UrlHashW
UrlGetLocationA
SHRegQueryUSValueA
AssocQueryStringByKeyW
SHEnumValueW
SHEnumKeyExW
StrFromTimeIntervalA
PathUndecorateA
StrCmpNIW
PathIsFileSpecA
PathIsUNCW
StrRetToBufA
UrlIsOpaqueW
SHSkipJunction
StrCatW
wnsprintfW
PathIsLFNFileSpecA
SHCopyKeyW
SHRegOpenUSKeyW
PathRemoveBackslashW
SHOpenRegStream2A
UrlCanonicalizeA
SHGetThreadRef
SHRegQueryInfoUSKeyA
StrChrIW
SHEnumValueA
UrlEscapeA
PathCanonicalizeW
UrlCombineA
PathIsUNCServerA
ChrCmpIW
PathGetCharTypeW
PathFindNextComponentW
SHAutoComplete
PathIsUNCServerShareW
PathMakePrettyA
advapi32
GetEffectiveRightsFromAclW
RegConnectRegistryA
SetNamedSecurityInfoExA
ConvertSecurityDescriptorToAccessA
RegQueryInfoKeyA
SetSecurityInfoExW
LogonUserA
CryptGetDefaultProviderW
RegEnumKeyExA
CryptEnumProvidersA
UnlockServiceDatabase
InitializeSid
BuildTrusteeWithNameA
CryptDestroyKey
BuildImpersonateExplicitAccessWithNameA
OpenBackupEventLogA
RegDeleteValueA
BuildTrusteeWithNameW
SetEntriesInAuditListW
MakeAbsoluteSD
CryptDeriveKey
GetCurrentHwProfileW
AddAccessAllowedAce
OpenServiceW
SetFileSecurityA
RegDeleteKeyA
SetSecurityDescriptorSacl
BuildTrusteeWithSidW
GetSidSubAuthority
CreateServiceW
RegReplaceKeyA
CryptEnumProviderTypesW
GetTrusteeNameW
GetAccessPermissionsForObjectW
EqualPrefixSid
CryptDecrypt
GetOldestEventLogRecord
CryptHashSessionKey
GetKernelObjectSecurity
NotifyBootConfigStatus
RegOpenKeyExW
OpenServiceA
GetUserNameW
NotifyChangeEventLog
RegCreateKeyExW
GetAuditedPermissionsFromAclA
DestroyPrivateObjectSecurity
BuildExplicitAccessWithNameW
QueryServiceConfigW
ReportEventW
OpenProcessToken
CryptSetProviderW
LookupPrivilegeValueA
SetAclInformation
SetPrivateObjectSecurity
DuplicateTokenEx
GetSecurityDescriptorSacl
RegRestoreKeyA
StartServiceCtrlDispatcherW
LookupAccountSidA
CryptSignHashA
PrivilegeCheck
CryptExportKey
SetEntriesInAccessListA
GetMultipleTrusteeOperationW
InitiateSystemShutdownA
RegGetKeySecurity
RegEnumValueA
ControlService
GetSecurityDescriptorControl
RegCreateKeyW
BuildSecurityDescriptorA
OpenSCManagerW
BackupEventLogA
GetSecurityInfoExW
IsValidSid
BuildSecurityDescriptorW
AdjustTokenGroups
GetSecurityDescriptorGroup
LookupPrivilegeValueW
GetSecurityDescriptorLength
LookupPrivilegeNameW
SetSecurityInfoExA
GetPrivateObjectSecurity
RegDeleteValueW
ObjectOpenAuditAlarmW
AllocateAndInitializeSid
CryptSetProviderExW
RegConnectRegistryW
StartServiceA
ConvertSecurityDescriptorToAccessNamedA
CreatePrivateObjectSecurity
CryptEnumProviderTypesA
InitializeAcl
SetSecurityDescriptorDacl
GetNamedSecurityInfoExW
RegOpenKeyA
AccessCheck
CreateProcessAsUserA
CryptReleaseContext
CryptSetProvParam
ObjectPrivilegeAuditAlarmA
CryptGenKey
FreeSid
RegisterEventSourceA
OpenEventLogW
CryptHashData
ConvertSecurityDescriptorToAccessW
Sections
.text Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 323B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE