7d541cebefc5d9b36f1fe93c6988f03e0ff876b37c73ca37b56debcc6d795ed2

Sharing

Copy URL Twitter E-mail

General

Target

7d541cebefc5d9b36f1fe93c6988f03e0ff876b37c73ca37b56debcc6d795ed2
Size

1.1MB
MD5

c5041c32bd6b6df813c7cc802d99940d
SHA1

1015eeaeed5170a4f12af3a1e81570c36edbb71a
SHA256

7d541cebefc5d9b36f1fe93c6988f03e0ff876b37c73ca37b56debcc6d795ed2
SHA512

4179c2269d252eb67e8a5a4ed61287a8a2002d8297daccbd41a3ad3c6927fb36eca7be319f14e7c52c08cc9737940a502137aa7251c9a2d46fe609e736f4cd53
SSDEEP

12288:PStqlOIKlSq0zbK4x1U6narLojhNWVMptYJg96AOUTUkqfxHaGW:PSaNySq4NqknAMoO9EfpHaGW

Score

N/A

Malware Config

Signatures

Files

7d541cebefc5d9b36f1fe93c6988f03e0ff876b37c73ca37b56debcc6d795ed2
.exe windows x86

dabdc9a055059a8a2cf07f89ab8c1644

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetErrorMode
GetCurrentConsoleFont
CopyFileW
RtlUnwind
GetCurrencyFormatW
FindAtomA
GetNumberOfConsoleInputEvents
DeleteAtom
IsValidCodePage
SetLocaleInfoW
GlobalUnlock
GetConsoleAliasW
GetDateFormatW
SetHandleInformation
EnumCalendarInfoExW
QueryDosDeviceW
GetBinaryTypeA
GetExitCodeProcess
SetFileAttributesA
GetConsoleCP
GetCurrentDirectoryA
GetEnvironmentStringsW
GetVolumePathNameA
GetThreadPriority
GetThreadLocale
CreateDirectoryW
SetConsoleActiveScreenBuffer
FileTimeToSystemTime
TlsAlloc
SetConsoleDisplayMode
LoadLibraryExA
FindVolumeMountPointClose
GetDriveTypeW
GetConsoleAliasExesW
FindNextFileW
GetCurrentDirectoryW
OpenEventW
GetStdHandle
GetTimeFormatA
GetCompressedFileSizeW
ReplaceFileA
LockFile
GetNumberFormatA
GetPrivateProfileStringA
CancelIo
GetEnvironmentVariableW
EnumCalendarInfoA
lstrcpynA
GetFullPathNameW
GetWindowsDirectoryA
GetStartupInfoW
SetPriorityClass
CompareStringA
GetProfileStringA
LCMapStringA
CreateSemaphoreW
GetPriorityClass
DebugBreak
GetQueuedCompletionStatus
GetEnvironmentVariableA
GetFileAttributesExW
GetComputerNameA
GetPrivateProfileIntA
SetThreadAffinityMask
CreateWaitableTimerW
GetOEMCP
CreateEventA
ResetEvent
GetPrivateProfileStringW
ExpandEnvironmentStringsW
GetUserDefaultLCID
OpenThread
SetEndOfFile
GetDiskFreeSpaceW
GetDriveTypeA
SetTapeParameters
ExitThread
LocalFileTimeToFileTime
CreateDirectoryExA
MoveFileWithProgressW
FreeEnvironmentStringsW
Module32NextW
SetThreadContext
SetVolumeMountPointA
CompareStringW
VirtualAlloc
MapViewOfFile
GetPrivateProfileSectionNamesW
GetFileInformationByHandle
Module32First
GetNamedPipeHandleStateA
GetNamedPipeInfo
GetProcessWorkingSetSize
SetThreadIdealProcessor
OpenWaitableTimerA
FormatMessageW
PeekNamedPipe
CreateHardLinkA
GetHandleInformation
GetConsoleScreenBufferInfo
OpenWaitableTimerW
SetThreadPriorityBoost
SetEvent
SetSystemTimeAdjustment
GetModuleHandleW
FreeUserPhysicalPages
GetSystemDefaultLangID
CreateMailslotW
SetThreadLocale
LCMapStringW
ReleaseMutex
ReplaceFileW
VerSetConditionMask
GetFileTime
FindFirstFileW
lstrcmpA
CreateTimerQueueTimer
BindIoCompletionCallback
CreateToolhelp32Snapshot
GetCompressedFileSizeA
WritePrivateProfileStringW
GetConsoleAliasExesA
DeviceIoControl
VerifyVersionInfoW
GetDiskFreeSpaceA
CreateFileMappingW
GetShortPathNameW
FindVolumeClose
FindResourceExW
OpenProcess
PrepareTape
AssignProcessToJobObject
SetUnhandledExceptionFilter
GetDevicePowerState
GetSystemWindowsDirectoryA
GetDiskFreeSpaceExW
FindResourceW
SetConsoleCtrlHandler
GetTimeFormatW
GetExitCodeThread
ReadProcessMemory
CreateDirectoryExW
OpenJobObjectA
HeapSize
GetModuleHandleA
ConvertThreadToFiber
DuplicateHandle

rpcrt4

NdrMesTypeEncode2
RpcEpRegisterA
NdrAsyncClientCall
RpcServerListen
NdrSimpleStructUnmarshall
RpcIfInqId
RpcErrorAddRecord
RpcStringFreeA
RpcAsyncCompleteCall
NdrAllocate
RpcMgmtSetComTimeout
UuidHash
RpcAsyncCancelCall
RpcBindingInqAuthClientA
RpcServerRegisterIf2
RpcStringBindingParseA
RpcAsyncAbortCall
RpcEpRegisterNoReplaceW
NdrInterfacePointerBufferSize
RpcServerRegisterAuthInfoW
I_RpcBindingInqTransportType
NdrConformantStringMarshall
RpcServerUseProtseqEpExW

user32

GetAltTabInfoA

comctl32

ImageList_DrawIndirect
ord17
ImageList_Create
CreatePropertySheetPageW
FlatSB_GetScrollPos
ImageList_DragShowNolock
ImageList_Write
ImageList_EndDrag

advapi32

RegSetValueA
GetSidSubAuthorityCount
InitializeSecurityDescriptor
RegCreateKeyExA
AreAnyAccessesGranted
RegQueryValueExA
AddAccessDeniedAce
RegCreateKeyExW
RegSetValueExW
InitializeAcl
RegSetKeySecurity
GetKernelObjectSecurity
RegQueryMultipleValuesA
RegSetValueExA
RegSetValueW
SetKernelObjectSecurity
GetCurrentHwProfileW
SetTokenInformation
AddAuditAccessAce
AddAccessAllowedAce
RegNotifyChangeKeyValue
GetCurrentHwProfileA
GetTokenInformation
GetSidLengthRequired
GetSidSubAuthority
AreAllAccessesGranted
GetSidIdentifierAuthority

Sections

.text
Size: 834KB - Virtual size: 833KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eij
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.a098y
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dabdc9a055059a8a2cf07f89ab8c1644

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

rpcrt4

user32

comctl32

advapi32

Sections

.text Size: 834KB - Virtual size: 833KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 258KB

.eij Size: 124KB - Virtual size: 124KB

.a098y Size: 108KB - Virtual size: 107KB

.rsrc Size: 45KB - Virtual size: 45KB

.text
Size: 834KB - Virtual size: 833KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 258KB

.eij
Size: 124KB - Virtual size: 124KB

.a098y
Size: 108KB - Virtual size: 107KB

.rsrc
Size: 45KB - Virtual size: 45KB