772a6eb598526a15effe2a8ee89c12c088d74c2140cfd2410fa94c909412fe59

Sharing

Copy URL Twitter E-mail

General

Target

772a6eb598526a15effe2a8ee89c12c088d74c2140cfd2410fa94c909412fe59
Size

841KB
MD5

bd70dd63f93b961df3314b42aaf38280
SHA1

46609ef85f4d864a87f27d6fbad7171d7ea6315a
SHA256

772a6eb598526a15effe2a8ee89c12c088d74c2140cfd2410fa94c909412fe59
SHA512

ebefb878aabb59997f62262f1b2e67e7dd84602fa43e71d271bc0125bce0d34a6919905540521f4a3a2f864d15e17f0eaf78303394f30adbb144b3b30f6072bd
SSDEEP

12288:gfMWSYjSC3Lb+Cii8PAk8IGvyjiLVN6DGdXsOfn/CaAwE0TmyYD:gJhV7b+CiiOD8cj6oGdHKC69

Score

N/A

Malware Config

Signatures

Files

772a6eb598526a15effe2a8ee89c12c088d74c2140cfd2410fa94c909412fe59
.exe windows x86

161156bbeace312df3825834a069bb29

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
GetCurrentDirectoryA
GetEnvironmentStrings
SetInformationJobObject
GetPrivateProfileSectionNamesA
FreeEnvironmentStringsW
GetPriorityClass
VerifyVersionInfoW
OpenJobObjectW
SetConsoleTextAttribute
DosDateTimeToFileTime
GetConsoleAliasExesLengthA
CreateTapePartition
GetConsoleWindow
GetACP
FlushFileBuffers
CompareStringA
GetProcessPriorityBoost
WideCharToMultiByte
FoldStringW
AddAtomA
GetConsoleAliasesW
FlushViewOfFile
GetConsoleMode
ReadProcessMemory
GetCurrentThread
GetNamedPipeInfo
LCMapStringA
ChangeTimerQueueTimer
VerSetConditionMask
GetSystemDefaultLCID
VirtualAlloc
SetMailslotInfo
CreateSemaphoreW
GetCurrencyFormatW
GetVolumeInformationA
SetThreadLocale
GetProfileStringW
CreateWaitableTimerW
GetSystemWindowsDirectoryW
SetPriorityClass
GetStdHandle
DuplicateHandle
CreateMutexA
GetDateFormatW
CreateHardLinkA
ExpandEnvironmentStringsW
CancelIo
GetCurrentProcess
MapUserPhysicalPages
GetModuleFileNameW
ResetWriteWatch
OpenEventW
GetNamedPipeHandleStateA
GetDiskFreeSpaceExA
GetProfileIntW
CreateJobObjectW
GetEnvironmentVariableA
OpenEventA
GetFileAttributesW
Module32First
GetStringTypeW
MultiByteToWideChar
GetTimeFormatA
GetProcessWorkingSetSize
DeleteTimerQueueTimer
GetModuleHandleA
GetVolumeInformationW
DeleteTimerQueue
SetProcessWorkingSetSize
FindFirstFileA
GetFullPathNameA
OpenWaitableTimerW
FindFirstVolumeMountPointA
GetModuleHandleW
SetThreadPriorityBoost
FormatMessageW
CreateToolhelp32Snapshot
GetProcAddress
CreateEventW
SetConsoleOutputCP
GetPrivateProfileSectionW
CreateSemaphoreA
DnsHostnameToComputerNameA
SetThreadPriority
SetErrorMode
GetProfileStringA
Module32NextW
CancelWaitableTimer
OpenJobObjectA
GetPrivateProfileIntW
GetFileSizeEx
GetProfileIntA
SetConsoleCtrlHandler
GetEnvironmentVariableW
GetCommandLineA
HeapSetInformation
SetUnhandledExceptionFilter
ExitProcess
DecodePointer
WriteFile
GetModuleFileNameA
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
HeapFree
Sleep
GetCPInfo
GetOEMCP
IsValidCodePage
RtlUnwind
HeapSize
HeapAlloc
HeapReAlloc
LCMapStringW
IsProcessorFeaturePresent

user32

RedrawWindow

advapi32

RegOpenKeyA
RegEnumKeyA
CheckTokenMembership
GetSecurityDescriptorDacl
RegCreateKeyW
AllocateAndInitializeSid
QueryServiceStatus
RegQueryValueExW
IsValidSid
RegQueryValueW
LookupAccountNameW
OpenProcessToken
CryptDestroyHash
RegEnumKeyW
LsaClose
DuplicateTokenEx
RegOpenKeyExW
RegSetValueW
MakeSelfRelativeSD
GetSecurityDescriptorGroup
StartServiceA
CryptAcquireContextW
GetSecurityDescriptorSacl
GetSidSubAuthority
RegQueryInfoKeyW
StartServiceW
RegCreateKeyExA
RegCloseKey
RegFlushKey
SetThreadToken
OpenThreadToken

Sections

.text
Size: 808KB - Virtual size: 808KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 351KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

161156bbeace312df3825834a069bb29

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 808KB - Virtual size: 808KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 13KB - Virtual size: 351KB

.tls Size: 1KB - Virtual size: 1KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 808KB - Virtual size: 808KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 13KB - Virtual size: 351KB

.tls
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 5KB - Virtual size: 5KB