Static task: static1
Behavioral task: behavioral1
  Sample: 68b8ce32b2fd605ebc8b924cf3a6ebf7a35f7e90ad12b19145ea4ac225c4787a.exe
  Resource: win7-20221111-en
Behavioral task: behavioral2
  Sample: 68b8ce32b2fd605ebc8b924cf3a6ebf7a35f7e90ad12b19145ea4ac225c4787a.exe
  Resource: win10v2004-20221111-en
General
- Target: 68b8ce32b2fd605ebc8b924cf3a6ebf7a35f7e90ad12b19145ea4ac225c4787a
- Size: 928KB
- MD5: a7f3a1d52cc2de6019139933a5c73f5a
- SHA1: e282ad147afa6af460615e2fc666614232bbcd59
- SHA256: 68b8ce32b2fd605ebc8b924cf3a6ebf7a35f7e90ad12b19145ea4ac225c4787a
- SHA512: 950017d766594fe469e61609acf8e3ff5f8a112122a75cace7133f739f49903a1c6488f7ff287d3bfa34af28210a50767f1c9838868a733bddaad52b83c10374
- SSDEEP: 12288:ozGVd4SVkPXaPtEqDYzVfeL81riSpeVGWPKhSEXbYGh9DQbPGfgn:yCCbOttkzVC4XpeVGWPKpEGv0bOIn
Malware Config
Signatures
Files
- 68b8ce32b2fd605ebc8b924cf3a6ebf7a35f7e90ad12b19145ea4ac225c4787a.exe (windows x86) 7a532bcdd651d9d4ca8517a17137a1ad
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetDriveTypeA
CreateFileW
GetStringTypeExW
GetUserDefaultLCID
SetThreadExecutionState
GetFullPathNameA
GetStringTypeExA
GetThreadLocale
SetThreadAffinityMask
GetDateFormatW
SetProcessAffinityMask
GetProcessWorkingSetSize
CreateNamedPipeW
GetSystemDefaultLCID
PostQueuedCompletionStatus
OpenThread
FindResourceExA
GetNumberOfConsoleInputEvents
GetStringTypeA
CreateTimerQueue
GetStringTypeW
CreateDirectoryExA
CreateJobObjectA
GetProfileStringA
GetTapeStatus
GetProcessVersion
DeleteTimerQueueEx
DnsHostnameToComputerNameW
ProcessIdToSessionId
GetConsoleWindow
GetSystemDirectoryA
EnumCalendarInfoExW
SetCurrentDirectoryW
GetVolumePathNameA
GetConsoleAliasW
GetCurrencyFormatA
PrepareTape
CreateSemaphoreA
GetProfileSectionW
ResetEvent
GetProfileIntW
SetConsoleCtrlHandler
FoldStringW
MoveFileWithProgressW
GetFileType
FindFirstFileA
CopyFileA
GetPrivateProfileIntW
FindResourceW
SetSystemTimeAdjustment
ReadFile
GetCPInfoExA
FlushConsoleInputBuffer
GetBinaryTypeA
Module32FirstW
CopyFileExA
CopyFileExW
ContinueDebugEvent
CreateFileMappingW
DuplicateHandle
GetProcAddress
GetVersion
GetConsoleAliasExesLengthA
GetSystemDirectoryW
GetEnvironmentStrings
IsValidCodePage
OpenMutexA
GetStdHandle
GetProcessTimes
EnumCalendarInfoW
DeleteTimerQueue
GetFileSizeEx
DeleteVolumeMountPointA
GetCurrentThread
GetFileSize
GetSystemWindowsDirectoryW
SetConsoleOutputCP
GetConsoleMode
DeviceIoControl
DeleteAtom
GetPrivateProfileStringW
GetSystemDefaultLangID
CreateNamedPipeA
GetVolumePathNameW
SetFileAttributesA
DefineDosDeviceA
MoveFileWithProgressA
IsDBCSLeadByteEx
ReleaseSemaphore
ExpandEnvironmentStringsA
VerifyVersionInfoW
OpenFileMappingW
GetCPInfoExW
CreateTapePartition
FindFirstVolumeA
OpenEventA
GetVolumeInformationA
SetConsoleActiveScreenBuffer
MapUserPhysicalPagesScatter
GetTempPathW
GetPrivateProfileStructW
SetComputerNameExW
SetTapePosition
FreeUserPhysicalPages
BindIoCompletionCallback
GetConsoleCP
PeekNamedPipe
GetLongPathNameW
GetLocaleInfoA
SetConsoleCP
GetDevicePowerState
EnumCalendarInfoA
CreateEventA
GetProfileSectionA
OpenMutexW
CreateDirectoryExW
EnumCalendarInfoExA
LCMapStringW
ChangeTimerQueueTimer
VirtualAlloc
SetConsoleMode
DnsHostnameToComputerNameA
ExpandEnvironmentStringsW
FoldStringA
GetTimeFormatA
SwitchToThread
GetModuleFileNameA
CreateMutexA
GetDiskFreeSpaceExW
ReleaseMutex
GetPriorityClass
GetPrivateProfileStructA
Module32NextW
SetFileTime
SetLocaleInfoW
GetDiskFreeSpaceExA
CreateMutexW
GetCurrencyFormatW
GetFileAttributesExA
SetConsoleTextAttribute
SearchPathA
FormatMessageA
GetThreadContext
OpenSemaphoreA
FindResourceExW
LoadResource
GetDiskFreeSpaceA
GetLogicalDriveStringsA
AssignProcessToJobObject
GetModuleHandleA
CreateFileMappingA
SetLocaleInfoA
GetConsoleAliasExesW
SetNamedPipeHandleState
GetAtomNameA
GetWindowsDirectoryA
GetLogicalDrives
CreateWaitableTimerA
SetPriorityClass
GetCompressedFileSizeA
CreateHardLinkW
FreeEnvironmentStringsW
GetProfileIntA
SetEnvironmentVariableA
GetCPInfo
GetConsoleAliasesA
OpenWaitableTimerW
SetInformationJobObject
FlushInstructionCache
SetUnhandledExceptionFilter
Module32Next
AddAtomA
GetFileTime
GetPrivateProfileSectionA
GetShortPathNameW
GetFileAttributesExW
GetOEMCP
CompareStringW
SetEvent
GetModuleFileNameW
CreateDirectoryW
ReadDirectoryChangesW
SetThreadLocale
SetHandleInformation
GetDiskFreeSpaceW
QueryInformationJobObject
GetSystemWindowsDirectoryA
GetProcessPriorityBoost
GetNamedPipeHandleStateA
FindNextChangeNotification
GetProcessAffinityMask
FindVolumeClose
SetSystemPowerState
FindFirstFileExA
FindFirstVolumeMountPointA
DefineDosDeviceW
GetWindowsDirectoryW
MapUserPhysicalPages
Module32First
ConvertThreadToFiber
GetDateFormatA
SetMailslotInfo
GetShortPathNameA
SetCalendarInfoA
GetTimeFormatW
GetConsoleCursorInfo
CreateEventW
ReplaceFileA
SetThreadIdealProcessor
GetPrivateProfileSectionNamesW
GetConsoleAliasExesLengthW
LCMapStringA
CreateMailslotW
SetThreadPriorityBoost
GetEnvironmentVariableA
GetConsoleScreenBufferInfo
GetACP
SetThreadPriority
SetFileAttributesW
SetComputerNameExA
GetBinaryTypeW
CancelWaitableTimer
GetPrivateProfileIntA
Toolhelp32ReadProcessMemory
GetNumberFormatA
OpenSemaphoreW
FlushFileBuffers
FreeConsole
MapViewOfFileEx
SetVolumeMountPointA
FreeEnvironmentStringsA
CreateToolhelp32Snapshot
CreateWaitableTimerW
GetMailslotInfo
GetConsoleAliasesW
CopyFileW
AddAtomW
GetCalendarInfoA
GetUserDefaultLangID
OpenWaitableTimerA
SetStdHandle
GetCurrentConsoleFont
GetPrivateProfileSectionNamesA
FormatMessageW
GetHandleInformation
SetThreadContext
GetDriveTypeW
ReplaceFileW
GetConsoleAliasExesA
CompareStringA
GetLongPathNameA
SetProcessWorkingSetSize
ResetWriteWatch
CreateJobObjectW
GetAtomNameW
SetErrorMode
SetCurrentDirectoryA
DeleteTimerQueueTimer
WideCharToMultiByte
FlushViewOfFile
GetCurrentDirectoryA
ConvertDefaultLocale
HeapReAlloc
HeapAlloc
GetFileInformationByHandle
DosDateTimeToFileTime
GetLocaleInfoW
FindFirstVolumeW
GetThreadTimes
SetProcessPriorityBoost
ReadProcessMemory
GetModuleHandleW
AreFileApisANSI
EraseTape
GetPrivateProfileSectionW
CreateSemaphoreW
GetNumberFormatW
GetFullPathNameW
GetSystemDefaultUILanguage
GetProcessIoCounters
FindVolumeMountPointClose
FindAtomA
OpenFileMappingA
SetTapeParameters
OpenProcess
GetEnvironmentVariableW
GetPrivateProfileStringA
SetWaitableTimer
MultiByteToWideChar
GetUserDefaultUILanguage
MapViewOfFile
IsSystemResumeAutomatic
GetConsoleAliasA
GetVolumeNameForVolumeMountPointA
CancelIo
FindResourceA
OpenJobObjectW
VerSetConditionMask
FindAtomW
SetConsoleDisplayMode
GetCalendarInfoW
GetCompressedFileSizeW
CreateIoCompletionPort
SetCalendarInfoW
GetVolumeInformationW
CreateDirectoryA
GetFileAttributesW
OpenJobObjectA
SetEndOfFile
GetLogicalDriveStringsW
GetTempPathA
GetConsoleOutputCP
GetFileAttributesA
GetNamedPipeHandleStateW
GetNamedPipeInfo
DisconnectNamedPipe
GetThreadPriority
CreateHardLinkA
OpenEventW
CreateMailslotA
GetCurrentProcess
GetProfileStringW
GetCommandLineA
HeapSetInformation
ExitProcess
DecodePointer
WriteFile
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
HeapFree
Sleep
RtlUnwind
HeapSize
IsProcessorFeaturePresent
user32
IsCharAlphaA
advapi32
RegisterEventSourceW
RegNotifyChangeKeyValue
OpenServiceA
GetSidLengthRequired
RegDeleteValueA
GetSecurityDescriptorDacl
LsaQueryInformationPolicy
AllocateAndInitializeSid
RegQueryInfoKeyW
InitializeSecurityDescriptor
OpenSCManagerA
QueryServiceConfigW
SetSecurityDescriptorOwner
RegCreateKeyExW
CheckTokenMembership
RegSetValueExA
RegEnumKeyExA
CloseServiceHandle
OpenServiceW
RegQueryInfoKeyA
CryptAcquireContextW
CryptAcquireContextA
GetLengthSid
RegDeleteKeyW
SetSecurityDescriptorGroup
EqualSid
CryptReleaseContext
LsaClose
InitializeAcl
RegDeleteValueW
RegEnumValueA
RegDeleteKeyA
AddAce
CryptHashData
DeregisterEventSource
LsaOpenPolicy
ReportEventW
RegCloseKey
RegSetKeySecurity
OpenSCManagerW
SetServiceStatus
StartServiceW
CryptDestroyKey
RegEnumValueW
RegCreateKeyExA
IsValidSid
RegEnumKeyExW
CryptGenRandom
ChangeServiceConfigW
AddAccessAllowedAce
RegEnumKeyA
GetSecurityDescriptorLength
OpenProcessToken
GetTokenInformation
RegOpenKeyExA
GetAclInformation
ControlService
Sections
.text Size: 197KB - Virtual size: 197KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 616KB - Virtual size: 616KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 94KB - Virtual size: 429KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ