af391277e6bc66036717ccb417e93a7c5344b9c1447f931eb0b44acbaf6b638f

Sharing

Copy URL Twitter E-mail

General

Target

af391277e6bc66036717ccb417e93a7c5344b9c1447f931eb0b44acbaf6b638f
Size

85KB
MD5

774911ddde19fd12f1e36eee9264fc4c
SHA1

b64225e2a16029dc4b798c88c2aa0d1590211997
SHA256

af391277e6bc66036717ccb417e93a7c5344b9c1447f931eb0b44acbaf6b638f
SHA512

a1f0d738e190300566a4c70b8b1b6cb4f69bfeef015f972cc2bdc8e720d169d654b208ca95f69b6284b672b2661ccb1670ef8afa11d99c36c1dd6868b9051d85
SSDEEP

1536:Hugey66WEu6AFYQnA3US85vnxI50GhhIiZK/IwEbAkimjF+6IzLkzuhhXpn:Ogm6W56AFYQ/txU0GzpUIwqAxmpVIzLB

Score

N/A

Malware Config

Signatures

Files

af391277e6bc66036717ccb417e93a7c5344b9c1447f931eb0b44acbaf6b638f
.exe windows x86

a28f178fc939a7690047fc63cfcf7cd3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassW
SetCapture
PostMessageW
DestroyIcon
OpenClipboard
LoadIconA
SetActiveWindow
RegisterClassA
ScrollWindowEx
LockSetForegroundWindow
GetCapture

kernel32

LCMapStringW
CreateThread
SetEvent
TlsFree
HeapDestroy
GetSystemTimeAsFileTime
GetFileAttributesA
ReadFile
TerminateProcess
SetLastError
DeleteFileW
LocalFree
GetConsoleMode
TryEnterCriticalSection
Sleep
WriteFile
SizeofResource
FindClose
WaitForSingleObjectEx
GetSystemInfo
FindFirstFileA
FindFirstFileW
ExitProcess
LeaveCriticalSection
LockResource
LoadLibraryW
SetHandleCount
LocalAlloc
GetModuleHandleW
GetACP
GetConsoleOutputCP
GetFileSize
HeapCreate
FormatMessageW
WriteConsoleW
GetStartupInfoA
InitializeCriticalSection
GetVersionExA
lstrlenW
GetModuleFileNameA
HeapSize
CreateFileW
HeapAlloc
SetFilePointer
InitializeCriticalSectionAndSpinCount
FreeLibrary
GetFileSizeEx
CreateEventA
CreateFileA
RaiseException
LCMapStringA
SetFilePointerEx
CloseHandle
GetLocaleInfoA
FindNextFileW
LoadResource
GlobalFree
GetTickCount
CreateFileMappingA
WideCharToMultiByte
HeapFree
GetFileAttributesW
GetStringTypeA
FindCloseChangeNotification
GetStartupInfoW
InterlockedCompareExchange
GetCurrentProcessId
LoadLibraryA
InterlockedIncrement
InterlockedExchange
MultiByteToWideChar
InterlockedDecrement
FreeLibraryAndExitThread
IsDebuggerPresent
GetOEMCP
GetExitCodeProcess
GetVersionExW
GlobalAlloc
DeleteCriticalSection
QueryPerformanceCounter
GetEnvironmentStringsW
GetCurrentProcess
SetStdHandle
GetModuleFileNameW
CreateEventW
WaitForSingleObject
EnterCriticalSection
GetCurrentThreadId
SetEndOfFile
GetStdHandle
FreeEnvironmentStringsW
GetCommandLineW
LoadLibraryExW
GetStringTypeW
lstrlenA
GetProcAddress
GetModuleHandleA
GetLastError
SetUnhandledExceptionFilter
SetErrorMode

gdi32

OffsetRgn
CreateFontIndirectW
FrameRgn
CreatePolygonRgn
GetRgnBox
CreateSolidBrush
CreateDCA
CreateRectRgn

setupapi

SetupOpenAppendInfFileA

advapi32

ControlService
DuplicateToken
CloseEventLog
RegRestoreKeyA
RegNotifyChangeKeyValue
InitiateSystemShutdownA
OpenEventLogW
RegSetValueExA
OpenSCManagerA
RegCreateKeyExA
RegCreateKeyA
RegCreateKeyExW
RegDeleteKeyW
OpenEncryptedFileRawW
GetNumberOfEventLogRecords
QueryServiceStatus
ImpersonateSelf
EnumServicesStatusA
RegEnumKeyExW
ReadEventLogW
OpenThreadToken
GetTokenInformation
RegOpenKeyExA
CreateProcessAsUserA
DeregisterEventSource
OpenServiceA
GetFileSecurityA
BackupEventLogA
OpenServiceW
AdjustTokenPrivileges
DuplicateTokenEx
OpenProcessToken
CloseServiceHandle
RegConnectRegistryA
LookupPrivilegeValueA
RegEnumValueA
RegFlushKey
RegEnumKeyExA
OpenSCManagerW
IsValidSid
RegQueryValueExA
RegDeleteValueA
RegCloseKey
RegGetKeySecurity
GetUserNameA
GetUserNameW
RegDeleteKeyA
RegQueryInfoKeyA
RegSetKeySecurity

msvcrt

_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
_onexit
exit
_exit
_XcptFilter

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a28f178fc939a7690047fc63cfcf7cd3

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

gdi32

setupapi

advapi32

msvcrt

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 48KB - Virtual size: 112KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 48KB - Virtual size: 112KB

.rsrc
Size: 16KB - Virtual size: 15KB