7f7bee0d00806dafd3547df14e02aa2620159066c0e255de699ce4c916870a9c

Sharing

Copy URL

Twitter E-mail

General

Target

7f7bee0d00806dafd3547df14e02aa2620159066c0e255de699ce4c916870a9c
Size

92KB
MD5

fd230fcdb20b4d41afcbe5b5319fd7a5
SHA1

170248daa0c956daf78ba5cc5620efb8e62a31b5
SHA256

7f7bee0d00806dafd3547df14e02aa2620159066c0e255de699ce4c916870a9c
SHA512

f24086e6ee6dfaee8db38bb8561e9c49409a3110a313e005459847f24c020088f75d7d0be327e14a030a106edb27fce7ae76e9c3855626f2394b7ca8957cc019
SSDEEP

1536:bWXkhEmu+dMi2o7knxlD9yZAXXhNdCVlR3x4KhHW4tuVX7lQy8/py+EiMuK6+wgL:yXmEL2MisMAXXhNdCVl5x4Kh24tiaVE9

Score

N/A

Malware Config

Signatures

Files

7f7bee0d00806dafd3547df14e02aa2620159066c0e255de699ce4c916870a9c
.exe windows x86

681a7458e1b00d9e086f265acd7fd73f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

NdrConformantStructBufferSize
NdrAsyncServerCall
CStdStubBuffer_CountRefs
NDRSContextMarshallEx
MesHandleFree
CreateStubFromTypeInfo
NDRcopy
NdrByteCountPointerUnmarshall
NdrAllocate
DceErrorInqTextW
MesDecodeIncrementalHandleCreate
NdrByteCountPointerFree
MesBufferHandleReset
MesInqProcEncodingId
NDRCContextMarshall
NdrByteCountPointerBufferSize
NDRCContextBinding

shell32

DragAcceptFiles
SHChangeNotifyRegister
DAD_DragLeave
DragFinish
DllGetClassObject
DllRegisterServer
RestartDialog
DAD_DragEnterEx
SHCoCreateInstance
Shell_GetImageLists
PathResolve
DriveType
PickIconDlg
PifMgr_OpenProperties
IsNetDrive
SHDefExtractIconW
SHChangeNotifyDeregister
Shell_GetCachedImageIndex
DllUnregisterServer
DllGetVersion
DllCanUnloadNow
DllInstall
Shell_MergeMenus
PathQualify
DAD_DragMove
SHILCreateFromPath
SHStartNetConnectionDialogW
SHGetSetSettings
IsLFNDrive
GetFileNameFromBrowse

olecli32

OleEqual
OleCopyFromLink
OleSetBounds
OleLoadFromStream
OleCopyToClipboard
OleQueryType
OleCreateFromClip
OleSaveToStream
OleQueryCreateFromClip
OleSetTargetDevice
OleDelete
OleClone
OleCreateLinkFromClip
OleQueryLinkFromClip
OleSetHostNames

oleaut32

SysAllocStringLen
SysStringByteLen
VariantCopy
LoadTypeLibEx
RegisterTypeLib
SafeArrayGetElement
SysFreeString
SafeArrayPutElement
SafeArrayGetUBound
VariantInit
SafeArrayUnaccessData
SafeArrayCreate
SysReAllocStringLen
CreateErrorInfo
GetActiveObject
SysAllocStringByteLen
VariantChangeTypeEx
SetErrorInfo
GetErrorInfo
VariantClear
SafeArrayPtrOfIndex
VariantCopyInd
SafeArrayAccessData
LoadTypeLib
SafeArrayGetLBound
OleLoadPicture
SysStringLen

user32

GetDlgItem
GetDC
GetWindowRect
GetSystemMetrics
ShowWindow
EndDialog
EnableWindow
TranslateMessage
GetClientRect
ReleaseDC
MessageBoxA
LoadStringW

advapi32

OpenProcessToken
AllocateAndInitializeSid
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegSetValueExA
FreeSid
RegQueryValueExW
RegCreateKeyExA
RegEnumValueW
RegOpenKeyExW
OpenThreadToken
RegDeleteKeyA
RegQueryValueExA
RegCreateKeyExW
RegDeleteValueW
InitializeSecurityDescriptor
CloseServiceHandle
RegEnumKeyExW
RegEnumKeyExA
RegDeleteKeyW
GetTokenInformation
RegSetValueExW
RegQueryInfoKeyW

ole32

CoCreateInstanceEx
CoDisableCallCancellation
CLIPFORMAT_UserFree
OleGetClipboard
CLIPFORMAT_UserUnmarshal
CLIPFORMAT_UserMarshal
CoAllowSetForegroundWindow
CLSIDFromString
CLIPFORMAT_UserSize
CLSIDFromProgID
CoCreateGuid
CoCreateInstance
CoAddRefServerProcess
CoCopyProxy
OleInitialize
WriteFmtUserTypeStg
OleSetClipboard
CoCreateObjectInContext
CoCancelCall
CLSIDFromProgIDEx

gdi32

CreateRectRgn
UnrealizeObject
CreateDIBitmap
SelectObject
GetSystemPaletteEntries
CreatePen
SelectPalette
GetObjectA
RestoreDC
GetTextMetricsA
SetTextColor
ExtTextOutA
MoveToEx
DeleteObject
SaveDC
CreateFontIndirectA
RealizePalette
CreateSolidBrush
SelectClipRgn
DeleteDC
LineTo
GetDeviceCaps
GetStockObject
SetBkColor
BitBlt
CreatePalette

crypt32

CertAddCTLLinkToStore

ws2_32

WSAGetLastError
recv
connect
accept
socket
send
WSAStartup

version

VerQueryValueW
GetFileVersionInfoSizeW

rsaenh

CPEncrypt
CPSetHashParam
CPImportKey
CPSetKeyParam
CPGenKey
DllRegisterServer
CPGetProvParam
CPGetKeyParam
CPDestroyHash
CPDestroyKey
CPGetUserKey
CPExportKey
CPHashData
CPDuplicateKey
CPGenRandom
CPDeriveKey
CPSetProvParam
CPGetHashParam
DllUnregisterServer
CPReleaseContext
CPDuplicateHash
CPHashSessionKey
CPDecrypt
CPSignHash
CPCreateHash

oleacc

AccessibleObjectFromEvent
WindowFromAccessibleObject
DllGetClassObject
CreateStdAccessibleObject
LIBID_Accessibility
AccessibleObjectFromPoint
LresultFromObject
DllUnregisterServer
CreateStdAccessibleProxyA
GetStateTextW
GetOleaccVersionInfo
GetRoleTextW
IID_IAccessible
IID_IAccessibleHandler
GetRoleTextA
GetStateTextA
CreateStdAccessibleProxyW
DllCanUnloadNow
AccessibleObjectFromWindow
AccessibleChildren
ObjectFromLresult

kernel32

GetConsoleOutputCP
LCMapStringA
ReadFile
GetFullPathNameA
GetThreadPriority
FormatMessageA
SearchPathA
GetCommandLineA
GetCurrentDirectoryA
DefineDosDeviceA
EnterCriticalSection
GetConsoleMode
GlobalLock
TlsSetValue
GetFileType
CreateThread
SetUnhandledExceptionFilter
MoveFileA
CompareFileTime
DeleteFileA
GetComputerNameA
SetConsoleTitleA
FreeLibrary
OpenProcess
CreateDirectoryA
SetConsoleTextAttribute
SetStdHandle
MapViewOfFile
GetCompressedFileSizeA
GetTempPathA
PeekConsoleInputW
CreateFileMappingA
MoveFileExA
GetCurrentProcessId
GetFileAttributesA
InitializeCriticalSection
GetLogicalDrives
ResumeThread
FlushConsoleInputBuffer
GetStartupInfoA
LoadLibraryExA
GetConsoleScreenBufferInfo
RaiseException
FindFirstFileA
CreateMutexA
ReadConsoleInputA
GetConsoleTitleA
SetFileApisToANSI
GetTickCount
VirtualFree
GetSystemTime
IsBadWritePtr
SetErrorMode
GetModuleHandleW
GetProcessHeap
SetFileApisToOEM
CopyFileA
CloseHandle
GlobalUnlock
SystemTimeToFileTime
WriteConsoleW
HeapSize
GetStringTypeW
SetFileAttributesA
SetConsoleCursorPosition
Sleep
GetFileSize
SetThreadPriority
ExitProcess
WriteConsoleOutputA
ExpandEnvironmentStringsA
GetEnvironmentVariableA
TlsAlloc
FindFirstChangeNotificationA
GetProcAddress
SetEnvironmentVariableA
IsBadCodePtr
TerminateProcess
WaitForMultipleObjects
GetFileTime
GetShortPathNameA
GetACP
GetNumberFormatA
FreeEnvironmentStringsW
VirtualProtect
GetEnvironmentStringsW
SetConsoleMode
SetEndOfFile
FreeEnvironmentStringsA
SetHandleCount
SetLastError
GetVersionExA
IsValidCodePage
LocalFileTimeToFileTime
TlsFree
ReadConsoleW
SetConsoleCP
GetFileInformationByHandle
GetCurrentThreadId
VirtualQuery
InterlockedIncrement
ExitThread
WriteConsoleOutputW
VirtualAlloc
GetLastError
FileTimeToSystemTime
LeaveCriticalSection
PeekConsoleInputA
HeapCreate
SetFilePointer
LoadLibraryA
SetConsoleScreenBufferSize
WriteProcessMemory
SetConsoleCtrlHandler
FindClose
GetStringTypeA
RemoveDirectoryA
AllocConsole
IsBadReadPtr
ReadConsoleA
GlobalMemoryStatus
WideCharToMultiByte
FileTimeToDosDateTime
WriteConsoleInputW
GetLargestConsoleWindowSize
FlushFileBuffers
GetLocalTime
GetModuleFileNameA
SetCurrentDirectoryA
BackupWrite
UnmapViewOfFile
SetFileTime
DeviceIoControl
GetCPInfo
GetConsoleCursorInfo
RtlUnwind
CompareStringA
LCMapStringW
HeapAlloc
ReleaseMutex
HeapDestroy
SetConsoleActiveScreenBuffer
QueryPerformanceCounter
GlobalFree
FreeConsole
WriteConsoleInputA
FindCloseChangeNotification
CreateProcessA
WaitForSingleObject
SetConsoleWindowInfo
ReadConsoleOutputA
GetVolumeInformationA
UnhandledExceptionFilter
IsDebuggerPresent
lstrlenW
FileTimeToLocalFileTime
WriteConsoleA
FindNextFileA
GetLocaleInfoA
GetCurrentThread
QueryDosDeviceA
WriteFile
GetConsoleCP
ReadConsoleInputW
ReadConsoleOutputW
CreateFileW
SetConsoleOutputCP
InterlockedDecrement
DeleteCriticalSection
GetCurrentProcess
SetConsoleCursorInfo
GetModuleHandleA
lstrcmpiA
lstrlenA
CompareStringW
GetSystemTimeAsFileTime
GetOEMCP
GetEnvironmentStrings
GetStdHandle
CreateFileA
GetDriveTypeA
TlsGetValue
GlobalAlloc
GetTimeZoneInformation
MultiByteToWideChar
HeapReAlloc
GetDiskFreeSpaceA
HeapFree

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 41KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

681a7458e1b00d9e086f265acd7fd73f

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

shell32

olecli32

oleaut32

user32

advapi32

ole32

gdi32

crypt32

ws2_32

version

rsaenh

oleacc

kernel32

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 41KB - Virtual size: 120KB

.rsrc Size: 34KB - Virtual size: 34KB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 41KB - Virtual size: 120KB

.rsrc
Size: 34KB - Virtual size: 34KB