a48b2c8a0bb48a461453b1807431c1551a048cc42857fdb6b8388b30ebd7277a

Sharing

Copy URL Twitter E-mail

General

Target

a48b2c8a0bb48a461453b1807431c1551a048cc42857fdb6b8388b30ebd7277a
Size

692KB
MD5

43375f843a1f4921f6b6e5475ea7cd66
SHA1

b2f0bea6ad4bf9c4ff87082f60a9da9e030f4e8c
SHA256

a48b2c8a0bb48a461453b1807431c1551a048cc42857fdb6b8388b30ebd7277a
SHA512

fddbd350ea4f3da8a2e474ba36df2c37f742317b11ed0903bf24d33848b695dc0bee6d56d637e794a42427eabf616afcf53824e446c3ac1d65336c8525edeeeb
SSDEEP

3072:lfSBL07JGTGT9hqpYg54UKUpYU6t1SPk6/B57IxsRmyElykD:lqyNGaBhqTzK2YUGS86/j7lRmyYD

Score

N/A

Malware Config

Signatures

Files

a48b2c8a0bb48a461453b1807431c1551a048cc42857fdb6b8388b30ebd7277a
.exe windows x86

67b265d7e8deac7875f7f7790dc298c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AddUsersToEncryptedFile
ChangeServiceConfig2W
ChangeServiceConfigW
CloseServiceHandle
ConvertStringSecurityDescriptorToSecurityDescriptorW
CreateServiceW
DeregisterEventSource
GetSecurityDescriptorDacl
LsaEnumerateAccounts
OpenSCManagerW
OpenServiceW
QueryServiceConfigW
QueryServiceLockStatusA
QueryServiceStatus
RegCloseKey
RegCreateKeyExA
RegCreateKeyW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
RegSetValueW
RegisterEventSourceW
ReportEventW
SetSecurityInfo
StartServiceW
SystemFunction010

gdi32

RemoveFontResourceExW

kernel32

VirtualAlloc
CloseHandle
CompareStringW
CreateFileA
CreateJobObjectA
CreateMutexA
CreateProcessW
ExpandEnvironmentStringsA
FillConsoleOutputAttribute
FlushFileBuffers
FreeLibrary
GetCPInfoExW
GetConsoleOutputCP
GetCurrentProcess
GetModuleFileNameA
GetModuleHandleW
GetPrivateProfileStringW
GetProcAddress
GetSystemDirectoryW
GetVolumeNameForVolumeMountPointA
HeapLock
LoadLibraryW
LocalAlloc
LocalFree
PurgeComm
ReleaseMutex
ResumeThread
SetConsoleMode
SetFilePointerEx
SetUnhandledExceptionFilter
Sleep
TerminateProcess
Toolhelp32ReadProcessMemory
UnhandledExceptionFilter
VerifyVersionInfoW
WaitForSingleObject
WriteFile
lstrcatW
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcpynA
lstrcpynW
lstrlenW
ExitProcess
GetModuleHandleA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetLastError
GetFileInformationByHandle
PeekNamedPipe
GetFileType
HeapFree
GetStartupInfoA
GetCommandLineA
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
HeapAlloc
SetStdHandle
SetHandleCount
GetStdHandle
GetACP
GetOEMCP
GetCPInfo
TlsAlloc
SetLastError
GetCurrentThreadId
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
CompareStringA
MultiByteToWideChar
RaiseException
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
IsBadWritePtr
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
InitializeCriticalSection
RtlUnwind
HeapSize
InterlockedExchange
VirtualQuery
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetFilePointer
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
VirtualProtect
GetSystemInfo
LoadLibraryA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoW
SetConsoleCtrlHandler
SetEnvironmentVariableA

ole32

StgGetIFillLockBytesOnFile
STGMEDIUM_UserUnmarshal
CoUninitialize
CoInitialize
CoCreateInstance

rpcrt4

NdrServerInitializeUnmarshall
NdrConformantVaryingArrayMemorySize
I_RpcSsDontSerializeContext
RpcCancelThread

user32

SetPropA
SetWindowLongW
ShowWindow
OffsetRect
SendDlgItemMessageW
CharUpperBuffA
CharPrevExA
CopyAcceleratorTableA
CreateWindowStationA
GetDlgItem
IsCharAlphaA
LoadStringW

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 488KB - Virtual size: 498KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

67b265d7e8deac7875f7f7790dc298c8

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

ole32

rpcrt4

user32

Sections

.text Size: 128KB - Virtual size: 127KB

.rdata Size: 72KB - Virtual size: 70KB

.data Size: 488KB - Virtual size: 498KB

.text
Size: 128KB - Virtual size: 127KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 488KB - Virtual size: 498KB