06a29e72f7cb0b2462032fa206edbeee41fcc1b2ab4ba5e0fc6e7a14fca92a34

Sharing

Copy URL Twitter E-mail

General

Target

06a29e72f7cb0b2462032fa206edbeee41fcc1b2ab4ba5e0fc6e7a14fca92a34
Size

1.0MB
MD5

122d70df4d08cd962154601b86f04e40
SHA1

bf90ae7949c459efbcef4497f552a0d21adfa62e
SHA256

06a29e72f7cb0b2462032fa206edbeee41fcc1b2ab4ba5e0fc6e7a14fca92a34
SHA512

54ed6a4ca245869d599ab3a3790659525139255af512b295a91aa1beabf83cf9d0cf53e43f9c18e5937018f3d23e3e09dee660ea62da7e088dbb54c1aec12244
SSDEEP

24576:YAfhZtpPYBmJ2FWveSW9P94WUALTF0NZ1/NqNI:pp1gFWvQ9POfNb/N3

Score

N/A

Malware Config

Signatures

Files

06a29e72f7cb0b2462032fa206edbeee41fcc1b2ab4ba5e0fc6e7a14fca92a34
.exe windows x86

2faf2d7adfe9ea0661b014d1d8dde23f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

CreateEventW
GetModuleFileNameW
GetModuleHandleW
GetModuleHandleExW
CreateProcessW
GetCommandLineW
ExpandEnvironmentStringsW
GetTempPathW
QueryPerformanceCounter
LoadLibraryW
SetErrorMode
MultiByteToWideChar
CreateFileW
DeleteFileW
ReadFile
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
MoveFileExW
LocalFree
LocalFileTimeToFileTime
Sleep
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetVersionExW
GetFileAttributesW
FindResourceW
LoadResource
LockResource
SetLastError
InterlockedExchange
InterlockedIncrement
OutputDebugStringW
GetTickCount
CopyFileW
GetFileSize
WriteFile
FindFirstFileW
FindClose
LoadLibraryExW
SizeofResource
lstrcmpiW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
WideCharToMultiByte
GetEnvironmentVariableW
SetEnvironmentVariableW
FindNextFileW
OpenProcess
GetNativeSystemInfo
GetExitCodeThread
TerminateThread
CreateThread
GlobalFree
DuplicateHandle
FileTimeToSystemTime
DeviceIoControl
CreateFileA
ProcessIdToSessionId
WTSGetActiveConsoleSessionId
GetSystemInfo
GetModuleFileNameA
IsDebuggerPresent
SetFilePointerEx
GetCurrentDirectoryW
PeekNamedPipe
GetFileInformationByHandle
FileTimeToLocalFileTime
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetFileType
GetStdHandle
GetOEMCP
GetACP
IsValidCodePage
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
SystemTimeToFileTime
GetLocalTime
CloseHandle
WaitForMultipleObjects
WaitForSingleObject
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetLastError
GetCurrentThreadId
SetUnhandledExceptionFilter
SetEnvironmentVariableA
RaiseException
TerminateProcess
GetCurrentProcessId
GetCurrentProcess
GlobalMemoryStatusEx
GetProcAddress
FreeLibrary
GetLocaleInfoW
LCMapStringW
CompareStringW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
UnhandledExceptionFilter
GetCPInfo
CreateDirectoryW
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
FindFirstFileExW
ExitProcess
RtlUnwind
ExitThread
IsProcessorFeaturePresent
DeleteFileA
AreFileApisANSI
GetSystemTime
GetTempPathA
OutputDebugStringA
GetFileAttributesExW
GetDiskFreeSpaceA
CreateFileMappingA
LoadLibraryA
GetDiskFreeSpaceW
LockFileEx
InterlockedDecrement
DecodePointer
SetStdHandle
WriteConsoleW
ReadConsoleW
GetSystemDirectoryW
FlushFileBuffers
HeapValidate
HeapCreate
GetFileAttributesA
FormatMessageW
FormatMessageA
GetSystemTimeAsFileTime
UnlockFileEx
WaitForSingleObjectEx
LockFile
UnlockFile
GetStringTypeW
EncodePointer
GetFullPathNameW
GetFullPathNameA
CreateMutexW
HeapCompact
SetFilePointer
TryEnterCriticalSection
SetEndOfFile

user32

SendMessageW
PostQuitMessage
TranslateMessage
DispatchMessageW
GetMessageW
KillTimer
LoadStringW
PostThreadMessageW
FindWindowA
SendMessageTimeoutW
CreateWindowExW
SetWindowLongW
DestroyWindow
GetWindowLongW
PostMessageW
DefWindowProcW
CharNextW
IsWindow

advapi32

ChangeServiceConfigW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
OpenProcessToken
RegDeleteValueW
DuplicateTokenEx
CreateProcessAsUserW
GetTokenInformation
RegQueryValueExA
RegOpenKeyExA
QueryServiceConfigW
QueryServiceStatus
StartServiceW
CloseServiceHandle
OpenServiceW
OpenSCManagerW
RegCloseKey

ole32

StringFromCLSID
CLSIDFromString
CoCreateInstance
CoReleaseServerProcess
CoAddRefServerProcess
CoUninitialize
CoInitialize

shell32

SHCreateDirectoryExW
ord171
ShellExecuteW
ShellExecuteExW
SHGetFolderPathW
SHGetSpecialFolderPathW

shlwapi

SHGetValueW
PathAppendW
PathFileExistsW
SHSetValueW
SHDeleteKeyW
PathFindFileNameW
PathRemoveFileSpecW

ws2_32

closesocket

crypt32

CertNameToStrW
CertGetNameStringW
CryptBinaryToStringW
CryptProtectData
CryptUnprotectData

imagehlp

ImageGetCertificateHeader

netapi32

Netbios

wtsapi32

WTSQueryUserToken

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

Sections

.text
Size: 818KB - Virtual size: 817KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.crdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2faf2d7adfe9ea0661b014d1d8dde23f

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

advapi32

ole32

shell32

shlwapi

ws2_32

crypt32

imagehlp

netapi32

wtsapi32

userenv

Sections

.text Size: 818KB - Virtual size: 817KB

.rdata Size: 115KB - Virtual size: 114KB

.data Size: 18KB - Virtual size: 43KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 29KB - Virtual size: 29KB

.crdata Size: 80KB - Virtual size: 80KB

.text
Size: 818KB - Virtual size: 817KB

.rdata
Size: 115KB - Virtual size: 114KB

.data
Size: 18KB - Virtual size: 43KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 29KB - Virtual size: 29KB

.crdata
Size: 80KB - Virtual size: 80KB