1700c6a806e2510c2377e91cd5789ac22345333338c9d5beb48292224990eb26

Sharing

Copy URL

Twitter E-mail

General

Target

1700c6a806e2510c2377e91cd5789ac22345333338c9d5beb48292224990eb26
Size

888KB
MD5

389c101ea64c55a707742d74df34f25f
SHA1

f443eaceb719e082fd7f9696cfe4b8e984c10d3d
SHA256

1700c6a806e2510c2377e91cd5789ac22345333338c9d5beb48292224990eb26
SHA512

c161646a1abf82b0864eadf745da2558644e90e21fc6051a5c3be8f804ef819d9bb1595e754683fc478c9c69806a6131f0f2560876ec00b6c5c59bb4d2fa14ab
SSDEEP

12288:ooo1KQDKIzfOHljzugV+Gt3r8oxNk2DtgPgyNSlsuoBsx+xgq55A3SEWVaT9ol:o1KQDK5x9hW0tgPg9alGxWbU37tal

Score

N/A

Malware Config

Signatures

Files

1700c6a806e2510c2377e91cd5789ac22345333338c9d5beb48292224990eb26
.exe windows x86

b6ac3b3f9d9c4ea3366ece66c743586f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomW
TerminateThread
GetEnvironmentVariableW
GetFileTime
CreateMutexW
OpenFileMappingW
GetShortPathNameA
FindAtomA
HeapReAlloc
HeapAlloc
lstrcpyA
MultiByteToWideChar
LCMapStringW
HeapSize
RtlUnwind
Sleep
HeapFree
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
GetSystemDirectoryA
GetConsoleAliasW
GetCommandLineA
GetPrivateProfileSectionNamesA
AddAtomA
SetStdHandle
FreeEnvironmentStringsA
MoveFileW
GetUserDefaultUILanguage
ExpandEnvironmentStringsW
GetNumberFormatA
FindAtomW
AreFileApisANSI
Toolhelp32ReadProcessMemory
ReplaceFileW
FindFirstVolumeA
GetCurrentDirectoryA
GetSystemDefaultLangID
GetThreadLocale
OpenWaitableTimerA
GetConsoleMode
VirtualAlloc
PrepareTape
GetDiskFreeSpaceExW
CreateDirectoryExA
GetStringTypeW
GetCurrentProcess
TerminateProcess
UnhandledExceptionFilter
LoadLibraryW
EnterCriticalSection
HeapSetInformation
GetStartupInfoW
SetUnhandledExceptionFilter
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
IsProcessorFeaturePresent

rpcrt4

NdrStubCall
NdrAllocate
UuidCreate
RpcBindingInqAuthInfoA
RpcErrorLoadErrorInfo
MesEncodeIncrementalHandleCreate
RpcServerUnregisterIf
RpcSsGetContextBinding
RpcBindingSetAuthInfoW
NdrClientCall2

user32

GetAltTabInfoA

advapi32

IsValidSid
OpenServiceA
RegOpenKeyA
RegDeleteKeyA
DuplicateTokenEx
AdjustTokenPrivileges
StartServiceW
GetSidLengthRequired
RegNotifyChangeKeyValue
CryptAcquireContextA
RegCreateKeyExA
GetAclInformation
AddAuditAccessAce
RegSetValueW
RegQueryInfoKeyA
LsaFreeMemory
RegCreateKeyExW
GetSidIdentifierAuthority
RegSetKeySecurity
RegQueryMultipleValuesA
SetKernelObjectSecurity
GetSidSubAuthority
GetCurrentHwProfileA
GetTokenInformation
AddAccessAllowedAce
GetSidSubAuthorityCount

shell32

SHBindToParent
SHFileOperationW
SHGetSpecialFolderPathW
SHBrowseForFolderW
CommandLineToArgvW
SHGetFileInfoW
SHGetDesktopFolder
ShellExecuteExW
SHGetMalloc

Sections

.text
Size: 743KB - Virtual size: 742KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 90KB - Virtual size: 350KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6ac3b3f9d9c4ea3366ece66c743586f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

rpcrt4

user32

advapi32

shell32

Sections

.text Size: 743KB - Virtual size: 742KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 90KB - Virtual size: 350KB

.rsrc Size: 43KB - Virtual size: 42KB

.text
Size: 743KB - Virtual size: 742KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 90KB - Virtual size: 350KB

.rsrc
Size: 43KB - Virtual size: 42KB