659892c8a16db22e3ab74d52fc1d3a42910413b5355daf132d3cdad40c819132

Sharing

Copy URL Twitter E-mail

General

Target

659892c8a16db22e3ab74d52fc1d3a42910413b5355daf132d3cdad40c819132
Size

286KB
MD5

293f77ed5e6a9cb1e51ac5fdf861fac0
SHA1

14010d1175977e6986fec11b6ed7500f0a279df3
SHA256

659892c8a16db22e3ab74d52fc1d3a42910413b5355daf132d3cdad40c819132
SHA512

676e6800d9b27d405eaecf3e7b50950ae664e904cec7d60195671447d9cde76f22d0b412e661d9f67ea0cf7f71affe7affbe35ab4aa830674a329a89ca1f8026
SSDEEP

6144:zp7+L3yGB9GXDC/g//9QpgFQhtrTAwjDuQdOeEqUE+GKcEZVRIHK5qRgh:t7+L+DC/g//KpIQht7vuQdfExdwHK5qW

Score

N/A

Malware Config

Signatures

Files

659892c8a16db22e3ab74d52fc1d3a42910413b5355daf132d3cdad40c819132
.exe windows x86

3a5f3dc1a30046800e05fab4949fc458

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetPathFromIDListA
DoEnvironmentSubstW
ord179

kernel32

GetDevicePowerState
GetAtomNameA
GlobalUnlock
EnumResourceNamesA
DebugBreak
GetModuleHandleW
GetStringTypeExA
FormatMessageA
GetThreadPriority
ClearCommBreak
GetModuleHandleA
DisableThreadLibraryCalls
GetProcessAffinityMask
GlobalAlloc
BackupSeek
GetMailslotInfo
GetLargestConsoleWindowSize
GetModuleFileNameW
GetConsoleScreenBufferInfo
GetProfileStringA
BuildCommDCBAndTimeoutsA
GlobalAddAtomW
GetPrivateProfileStringA
GlobalFindAtomW
GetHandleInformation
GetSystemDefaultLangID
GetStartupInfoA
GetNumberFormatA
CreateDirectoryExA
GetThreadPriorityBoost
GetVersionExA
GetSystemPowerStatus
GetThreadSelectorEntry
CreateSemaphoreW
GetCommConfig
CreateDirectoryExW
GetNamedPipeHandleStateA
FatalExit
GetPrivateProfileSectionA
GetAtomNameW
DeleteFileA

advapi32

CreateProcessAsUserW
QueryServiceConfigW
SetAclInformation
RegSetValueA
GetEffectiveRightsFromAclW
AdjustTokenPrivileges
LookupSecurityDescriptorPartsW
GetMultipleTrusteeW
SetThreadToken
AreAnyAccessesGranted
BackupEventLogW
SetNamedSecurityInfoW
GetSidIdentifierAuthority
AllocateAndInitializeSid
CreateServiceA
RegQueryValueExW
NotifyChangeEventLog
EncryptFileW
GetSidSubAuthority
RegOpenKeyW
LsaEnumerateTrustedDomains
GetNamedSecurityInfoA
PrivilegeCheck
GetTrusteeNameA
LookupSecurityDescriptorPartsA
BuildTrusteeWithNameA
IsValidSecurityDescriptor
DecryptFileW
SetSecurityDescriptorOwner
PrivilegedServiceAuditAlarmA
CreatePrivateObjectSecurity
AreAllAccessesGranted
BackupEventLogA
RegRestoreKeyW
GetKernelObjectSecurity
RegDeleteValueA
RegisterEventSourceW
SetTokenInformation
MakeAbsoluteSD
RegEnumKeyA
BuildImpersonateExplicitAccessWithNameW
RegQueryValueA
ImpersonateSelf
LsaFreeMemory
GetSidLengthRequired
RegDeleteKeyW
RegDeleteValueW
RegFlushKey
GetUserNameW
AddAuditAccessAce
EqualSid
OpenBackupEventLogA

msvcrt

_controlfp
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3

user32

UpdateWindow
GetPropW
OemToCharA
ShowWindow

urlmon

HlinkGoForward
CoInternetCreateZoneManager
FindMediaTypeClass

resutils

ResUtilGetBinaryValue
ResUtilSetSzValue
ResUtilSetExpandSzValue
ResUtilGetResourceNameDependency
ResUtilGetDwordValue
ResUtilSetPrivatePropertyList
ResUtilStopResourceService

imm32

ImmAssociateContext
ImmGetIMEFileNameA
ImmSetCompositionFontW
ImmConfigureIMEW
ImmIsUIMessageA
ImmGetIMEFileNameW
ImmRegisterWordA
ImmSetOpenStatus
ImmGetGuideLineA
ImmGetCandidateWindow
ImmEnumRegisterWordA
ImmGetVirtualKey

gdi32

GetBitmapDimensionEx

oleacc

WindowFromAccessibleObject

ole32

OleCreateLinkToFile

oleaut32

VarBstrFromUI4
RevokeActiveObject
VarR8FromUI4
SafeArrayDestroyDescriptor

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a5f3dc1a30046800e05fab4949fc458

Headers

File Characteristics

Imports

shell32

kernel32

advapi32

msvcrt

user32

urlmon

resutils

imm32

gdi32

oleacc

ole32

oleaut32

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 1.1MB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 1.1MB

.rsrc
Size: 4KB - Virtual size: 1KB