86e9e29fa16618554fb7a6afaf6c2218959d695bdeecc61484382359f388d209

Sharing

Copy URL Twitter E-mail

General

Target

86e9e29fa16618554fb7a6afaf6c2218959d695bdeecc61484382359f388d209
Size

287KB
MD5

01d9e546b18e333f0d2f3be8455cbd25
SHA1

c3b3eaae6b0dd24bf3ec76f446834a548715b2c1
SHA256

86e9e29fa16618554fb7a6afaf6c2218959d695bdeecc61484382359f388d209
SHA512

2af82da3caa641747cd76fdf496dbd2a003862cbc1effe39e7ced3bbf82eb26866185a86ef378345b852ef6987b069a4e29d4e34c5325397c5777322fd7f1836
SSDEEP

6144:xUPr455vJdzLG1OJg6PqUdSwqmVvRXSvfGL2o5GpeZp:xUzE/0OJRiUA3mVvRXSnGqoA

Score

N/A

Malware Config

Signatures

Files

86e9e29fa16618554fb7a6afaf6c2218959d695bdeecc61484382359f388d209
.exe windows x86

8add20d6a3a8d8da40f92e87ab8dc38a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateThread
GetVolumeNameForVolumeMountPointW
WaitForSingleObject
GetCurrentThreadId
GetProcessHeap
HeapFree
IsDebuggerPresent
FindVolumeMountPointClose
EnterCriticalSection
ResumeThread
UnhandledExceptionFilter
GetLogicalDriveStringsW
FindNextVolumeMountPointW
ResetEvent
CreateEventW
GetDriveTypeW
LeaveCriticalSection
CreateThread
GetACP
FindFirstVolumeMountPointW
GetThreadLocale
FormatMessageW
SetUnhandledExceptionFilter
SetThreadLocale
lstrlenW
HeapReAlloc
HeapDestroy
CloseHandle
DeleteCriticalSection
GetSystemTime
RaiseException
HeapSize
GetSystemTimeAsFileTime
HeapAlloc
GetModuleHandleW
VirtualAlloc

ole32

CoGetInterfaceAndReleaseStream
StringFromGUID2
CoMarshalInterThreadInterfaceInStream
CoRevertToSelf
CoQueryProxyBlanket
CoInitializeEx
CoCreateGuid
CoUninitialize
CoImpersonateClient
CoCreateInstance
CoSetProxyBlanket

advapi32

OpenProcessToken
GetLengthSid
RegOpenKeyExW
EqualSid
IsValidSid
CopySid
RegSetValueExW
RegCloseKey
OpenThreadToken
SetThreadToken
GetTokenInformation

user32

wsprintfW
UnregisterClassA
GetWindowLongW

userenv

UnloadUserProfile

oleaut32

VariantTimeToSystemTime
SysStringLen
SysStringByteLen
SafeArrayLock
SysAllocStringLen
SafeArrayGetVartype
VarBstrCmp
SafeArrayCopy
SafeArrayUnlock
SafeArrayGetLBound
SysAllocString
SafeArrayDestroy
LoadTypeLi
SystemTimeToVariantTime
VariantInit
VariantClear
VariantCopy
SysAllocStringByteLen
SafeArrayCreate
VariantCopyInd
LoadRegTypeLi
SafeArrayGetUBound
SafeArrayRedim
SysFreeString

comctl32

CreateStatusWindow
ImageList_GetIcon
FlatSB_GetScrollPos
CreatePropertySheetPageW
ImageList_LoadImageW
DllGetVersion
ImageList_AddIcon
ImageList_GetIconSize
ImageList_DragLeave
CreateMappedBitmap
CreateUpDownControl
ImageList_DragEnter

iasacct

DllGetClassObject
DllCanUnloadNow

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 249KB - Virtual size: 817KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8add20d6a3a8d8da40f92e87ab8dc38a

Headers

File Characteristics

Imports

kernel32

ole32

advapi32

user32

userenv

oleaut32

comctl32

iasacct

Sections

.text Size: 17KB - Virtual size: 17KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 249KB - Virtual size: 817KB

.rsrc Size: 17KB - Virtual size: 120KB

.text
Size: 17KB - Virtual size: 17KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 249KB - Virtual size: 817KB

.rsrc
Size: 17KB - Virtual size: 120KB