Static task: static1
Behavioral task: behavioral1
Sample: 7d9b3308843b7bc0cb23e907b0374caa94c7860d0472c4e25c2a7012bb16fb34.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 7d9b3308843b7bc0cb23e907b0374caa94c7860d0472c4e25c2a7012bb16fb34.exe
Resource: win10v2004-20221111-en
General
Target: 7d9b3308843b7bc0cb23e907b0374caa94c7860d0472c4e25c2a7012bb16fb34
Size: 966KB
MD5: e0f6ff1df69cadef2e29afc89b3a0441
SHA1: d0628c564d43a446a5bdd6810cad034b9047b280
SHA256: 7d9b3308843b7bc0cb23e907b0374caa94c7860d0472c4e25c2a7012bb16fb34
SHA512: f702d591def9458ad2155076a7245602372595322b3c439eb6b4059d02e5946f7fc15db81e199139d2882b29a7fba739e3a32acc65c74aa94bd93b0670b980db
SSDEEP: 12288:Uv8VCLJXhljAyl1yzLKSEm75YBSyFASdjnAipzlhMl5Clznas+1JmR:U0kZHZUV7SiGRMnmB+1JmR
Malware Config
Signatures
Files
7d9b3308843b7bc0cb23e907b0374caa94c7860d0472c4e25c2a7012bb16fb34.exe (windows x86)
e94d9297d306566b9f974106a33806f6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindFirstVolumeW
GetCPInfoExW
GetFileSizeEx
OpenWaitableTimerW
EraseTape
CreateHardLinkA
CopyFileExA
MapViewOfFileEx
DeviceIoControl
CreateSemaphoreW
GetProcessTimes
FindResourceA
FreeEnvironmentStringsA
FindResourceExW
CreateFileW
GetWindowsDirectoryW
DefineDosDeviceA
GetSystemDefaultLCID
ChangeTimerQueueTimer
GetVolumePathNameA
SetEndOfFile
GetModuleFileNameW
CreateMutexA
GetBinaryTypeW
SetHandleInformation
EnumCalendarInfoA
GetNumberFormatW
VerifyVersionInfoW
GetHandleInformation
GetSystemWindowsDirectoryW
ReplaceFileW
CreateWaitableTimerW
GetCurrentConsoleFont
CreateDirectoryExW
ResetWriteWatch
GetMailslotInfo
FlushConsoleInputBuffer
FormatMessageA
FindAtomA
FreeEnvironmentStringsW
AddAtomW
SetConsoleOutputCP
ReplaceFileA
GetProfileSectionW
GetDevicePowerState
GetAtomNameA
SetTapeParameters
GetProfileIntW
GetCurrentProcess
GetTempPathA
AddAtomA
CreateWaitableTimerA
CreateMailslotW
SetComputerNameExW
GetLogicalDrives
OpenEventW
SetComputerNameExA
GetProcAddress
GetProcessWorkingSetSize
DefineDosDeviceW
ContinueDebugEvent
GetFullPathNameA
GetTimeFormatA
SetConsoleMode
FormatMessageW
SetCurrentDirectoryW
GetConsoleCP
SetConsoleActiveScreenBuffer
QueryInformationJobObject
GetPrivateProfileStructA
AreFileApisANSI
GetEnvironmentStrings
FlushInstructionCache
FindFirstFileA
CreateTapePartition
ReadFile
CompareStringA
OpenWaitableTimerA
GetDiskFreeSpaceExA
GetDiskFreeSpaceExW
GetConsoleOutputCP
OpenFileMappingW
ConvertThreadToFiber
OpenJobObjectA
Module32FirstW
SetThreadIdealProcessor
AssignProcessToJobObject
ReadDirectoryChangesW
PeekNamedPipe
SearchPathA
SetConsoleCP
FreeUserPhysicalPages
SetThreadAffinityMask
ReleaseSemaphore
OpenEventA
GetConsoleCursorInfo
ConvertDefaultLocale
CreateDirectoryExA
LCMapStringW
Toolhelp32ReadProcessMemory
EnumCalendarInfoW
GetLogicalDriveStringsA
CreateFileMappingA
DeleteTimerQueueTimer
GetNamedPipeHandleStateW
MultiByteToWideChar
GetSystemDefaultLangID
GetStringTypeExA
GetConsoleAliasA
CreateSemaphoreA
GetProfileSectionA
SetLocaleInfoW
GetDriveTypeW
SetThreadPriorityBoost
CopyFileExW
GetCPInfoExA
CreateTimerQueue
OpenSemaphoreA
GetVolumeInformationW
GetLongPathNameA
GetSystemDirectoryA
GetNamedPipeHandleStateA
CopyFileA
GetEnvironmentVariableA
SetThreadPriority
FoldStringW
ReadProcessMemory
DosDateTimeToFileTime
ExpandEnvironmentStringsA
CreateJobObjectA
GetCurrentDirectoryA
GetCompressedFileSizeW
EnumCalendarInfoExW
DnsHostnameToComputerNameW
Module32First
GetThreadPriority
CancelWaitableTimer
MapUserPhysicalPagesScatter
SwitchToThread
GetStringTypeW
MapViewOfFile
GetFileAttributesExA
SetConsoleDisplayMode
OpenJobObjectW
ReleaseMutex
SetUnhandledExceptionFilter
GetPrivateProfileSectionNamesW
FindResourceW
MoveFileWithProgressW
GetACP
GetProfileStringA
GetPrivateProfileStringA
CreateMutexW
OpenFileMappingA
FlushViewOfFile
GetDiskFreeSpaceA
SetSystemTimeAdjustment
GetOEMCP
SetErrorMode
OpenMutexA
BindIoCompletionCallback
GetProcessAffinityMask
GetConsoleAliasExesLengthW
FlushFileBuffers
GetConsoleWindow
DeleteAtom
GetNamedPipeInfo
GetTempPathW
SetThreadExecutionState
GetProcessVersion
SetThreadLocale
CreateMailslotA
GetFileInformationByHandle
GetConsoleAliasesW
FoldStringA
DeleteVolumeMountPointA
CompareStringW
GetSystemWindowsDirectoryA
EnumCalendarInfoExA
IsValidCodePage
GetCurrencyFormatA
GetFileAttributesA
Module32Next
Module32NextW
GetVolumeNameForVolumeMountPointA
IsSystemResumeAutomatic
SetLocaleInfoA
GetCommandLineA
GetConsoleAliasExesA
GetCalendarInfoA
MapUserPhysicalPages
TerminateThread
LockFile
LCMapStringA
CompareFileTime
lstrcpynW
FindFirstVolumeMountPointA
GetConsoleAliasExesW
SetConsoleTextAttribute
DeleteTimerQueueEx
lstrcpyA
CancelIo
TlsFree
HeapSize
GetModuleHandleW
GetFileAttributesExW
CreateTimerQueueTimer
SetVolumeMountPointA
OpenThread
GetCurrentThread
GlobalSize
GetLocaleInfoW
RemoveDirectoryA
FindNextFileW
GetFileType
GetPrivateProfileStringW
GetThreadLocale
GetCompressedFileSizeA
SetProcessWorkingSetSize
GetProcessIoCounters
GetFileSize
SetPriorityClass
CreateNamedPipeA
GetVolumeInformationA
SetCurrentDirectoryA
GetPrivateProfileIntW
GetFullPathNameW
ResetEvent
SetFileTime
GetModuleFileNameA
GetSystemDefaultUILanguage
GetThreadTimes
CreateEventW
GetTapeStatus
OpenProcess
GetComputerNameExW
GetTimeFormatW
SetWaitableTimer
SetTapePosition
GetVersion
MoveFileWithProgressA
FindAtomW
FindFirstFileExA
CreateEventA
DisconnectNamedPipe
SetEnvironmentVariableA
SetFileAttributesA
CopyFileW
SetSystemPowerState
GlobalAddAtomW
GetStringTypeExW
GetConsoleScreenBufferInfo
MoveFileW
GetEnvironmentVariableW
GetPrivateProfileSectionW
GetShortPathNameA
CreateDirectoryW
CreateJobObjectW
GetThreadContext
GetVolumePathNameW
GetAtomNameW
GetDiskFreeSpaceW
GetConsoleMode
SetStdHandle
FindVolumeMountPointClose
FindVolumeClose
GetCurrencyFormatW
VirtualAlloc
GetSystemDirectoryW
SetInformationJobObject
SetFileAttributesW
ExpandEnvironmentStringsW
LoadResource
PostQueuedCompletionStatus
IsDBCSLeadByteEx
CreateFileMappingW
GetPrivateProfileStructW
GetLogicalDriveStringsW
GetModuleHandleA
SetProcessAffinityMask
GetDateFormatW
FreeConsole
GetConsoleAliasW
CreateHardLinkW
GetCalendarInfoW
HeapReAlloc
HeapAlloc
CreateNamedPipeW
CreateDirectoryA
GetConsoleAliasesA
CreateIoCompletionPort
GetPrivateProfileSectionA
DeleteTimerQueue
GetCPInfo
GetNumberFormatA
GetPrivateProfileSectionNamesA
GetBinaryTypeA
SetEvent
FindNextChangeNotification
GetProfileStringW
SetThreadContext
SetMailslotInfo
DnsHostnameToComputerNameA
GetConsoleAliasExesLengthA
SetConsoleCtrlHandler
SetProcessPriorityBoost
GetLocaleInfoA
GetStringTypeA
GetFileAttributesW
SetNamedPipeHandleState
GetPrivateProfileIntA
GetStdHandle
GetLongPathNameW
GetWindowsDirectoryA
OpenSemaphoreW
SetCalendarInfoA
PrepareTape
OpenMutexW
VerSetConditionMask
GetDriveTypeA
ProcessIdToSessionId
GetUserDefaultUILanguage
GetFileTime
HeapSetInformation
ExitProcess
DecodePointer
WriteFile
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
HeapFree
Sleep
RtlUnwind
IsProcessorFeaturePresent
user32
IsCharAlphaA
advapi32
CryptDestroyHash
GetSidSubAuthority
RegEnumValueW
AddAce
CryptCreateHash
SetSecurityDescriptorOwner
RegEnumKeyExA
RegFlushKey
SetEntriesInAclW
StartServiceW
SetThreadToken
CreateProcessAsUserW
GetAce
AllocateAndInitializeSid
RegEnumValueA
InitializeAcl
RegSetValueExW
RegOpenKeyExW
SetFileSecurityW
RegCreateKeyW
RegDeleteKeyA
LsaOpenPolicy
RegCreateKeyA
LsaFreeMemory
CryptHashData
SetNamedSecurityInfoW
RegDeleteValueA
EqualSid
RegQueryInfoKeyA
AddAccessAllowedAce
FreeSid
GetSidLengthRequired
RegSetKeySecurity
LookupAccountSidW
RegConnectRegistryW
Sections
.text Size: 185KB - Virtual size: 185KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 491KB - Virtual size: 490KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 270KB - Virtual size: 589KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ