a8379fa14c7aac87ce1cce92e66a27881555999cab817a3ae78eabe8f0ff57f8

Sharing

Copy URL Twitter E-mail

General

Target

a8379fa14c7aac87ce1cce92e66a27881555999cab817a3ae78eabe8f0ff57f8
Size

958KB
MD5

9b0cde48ef2b66da65ed75fa319cd228
SHA1

f4081ef8f41bc7683478be0488a4250ef87c4c14
SHA256

a8379fa14c7aac87ce1cce92e66a27881555999cab817a3ae78eabe8f0ff57f8
SHA512

a44c658171cf5b85c539d33c071e1bbc9098ea93f2063dc78142584c1c1de8c5fc6afb74e5da66b781b1773fea7322e161750d3b14486872046234bc9a4bde69
SSDEEP

24576:YRFbPNATCYq+gU03zDeore1frB0NnDdlbBiX:YRFblAGYd2361WDTb0X

Score

N/A

Malware Config

Signatures

Files

a8379fa14c7aac87ce1cce92e66a27881555999cab817a3ae78eabe8f0ff57f8
.exe windows x86

81935bcd5a39fe5be580aae054f788a4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualAlloc
OpenMutexW
GetTempPathW
DefineDosDeviceW
FindNextChangeNotification
GetShortPathNameA
GetDefaultCommConfigA
WritePrivateProfileStructW
UnlockFileEx
ReadDirectoryChangesW
ConvertDefaultLocale
GetConsoleAliasA
WaitNamedPipeW
EnumResourceNamesW
lstrcpyA
GetDriveTypeA
GetDiskFreeSpaceW
ChangeTimerQueueTimer
IsBadStringPtrW
FindFirstVolumeW
LocalCompact

oleaut32

SysAllocStringByteLen
SafeArrayPtrOfIndex
VariantClear
VariantInit
SafeArrayGetLBound
VariantChangeType
SafeArrayGetUBound
GetErrorInfo
SysAllocStringLen
SysStringLen
SysReAllocStringLen
SafeArrayCreate

advapi32

RegQueryMultipleValuesA
RegOpenKeyW
RegSetValueExA
WmiOpenBlock
CryptEncrypt
RegSetKeySecurity
CryptDeriveKey
IsValidSid
SetFileSecurityW
RegQueryValueExA
InitializeSecurityDescriptor

netapi32

NetLocalGroupSetInfo
NetLocalGroupGetInfo
NetLocalGroupGetMembers
NetUseAdd
NetDfsSetClientInfo
NetUnjoinDomain
DsRoleFreeMemory
NetUseEnum
NetGetDCName
NetShareSetInfo
NetUseDel
NetLocalGroupAddMembers
NetGroupDelUser
NetFileGetInfo
NetLocalGroupEnum
NetShareDelSticky

shlwapi

PathRenameExtensionA
SHRegWriteUSValueW
AssocCreate
SHQueryValueExW
PathGetArgsA
SHRegOpenUSKeyA
PathRemoveFileSpecA
StrDupW

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sFIc
Size: 251KB - Virtual size: 460KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Ci
Size: 107KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.znYv
Size: 355KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81935bcd5a39fe5be580aae054f788a4

Headers

File Characteristics

Imports

kernel32

oleaut32

advapi32

netapi32

shlwapi

Sections

.text Size: 120KB - Virtual size: 120KB

.sFIc Size: 251KB - Virtual size: 460KB

.Ci Size: 107KB - Virtual size: 326KB

.znYv Size: 355KB - Virtual size: 404KB

.rsrc Size: 121KB - Virtual size: 120KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 120KB - Virtual size: 120KB

.sFIc
Size: 251KB - Virtual size: 460KB

.Ci
Size: 107KB - Virtual size: 326KB

.znYv
Size: 355KB - Virtual size: 404KB

.rsrc
Size: 121KB - Virtual size: 120KB

.reloc
Size: 1KB - Virtual size: 1KB