79eeedd46302c38e162129b88cfc788fe2c8a307651f04b802de8830c793870d

Sharing

Copy URL Twitter E-mail

General

Target

79eeedd46302c38e162129b88cfc788fe2c8a307651f04b802de8830c793870d
Size

177KB
MD5

86c15759e0bf516a88772b6e979eb2f9
SHA1

4acf61bc5033fef88374c08b18fecaa8ca9774a6
SHA256

79eeedd46302c38e162129b88cfc788fe2c8a307651f04b802de8830c793870d
SHA512

6a45901528981bbead6404ed86192723d3713a86c5dc15ed7195805b3d3e6d60e19d2d89eccbfc96d739337a0378b4f415fde9455ad4e3e9f4cbc74e611727a0
SSDEEP

3072:3LqhMOjHJ/frFU1zT3P8axCdTM0hiwXde4hROjN4/XEP+70aQD4:7qhTZU13P8aII0hiwXc4TXx70a

Score

N/A

Malware Config

Signatures

Files

79eeedd46302c38e162129b88cfc788fe2c8a307651f04b802de8830c793870d
.exe windows x86

ba75e06c22c1f4ace4291afe6567fb8d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

oleacc

LresultFromObject
AccessibleObjectFromPoint

newdev

UpdateDriverForPlugAndPlayDevicesW

kernel32

GetACP
IsDebuggerPresent
VirtualAlloc
RtlUnwind
SetEndOfFile
HeapReAlloc
HeapFree
ReadFile
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetTimeZoneInformation
VirtualFree
GetDateFormatA
GetCurrentProcessId
InitializeCriticalSection
WriteConsoleA
HeapCreate
GetCurrentProcess
LoadLibraryA
GetCPInfo
EnumResourceTypesA
HeapSize
WriteFile
SetStdHandle
LCMapStringW
HeapDestroy
SetEnvironmentVariableA
GetLocaleInfoA
LeaveCriticalSection
TerminateProcess
FreeLibrary
QueryPerformanceCounter
IsValidCodePage
CompareStringA
GetTickCount
CreateNamedPipeA
EnterCriticalSection
RaiseException
GetConsoleOutputCP
SetFilePointer
MultiByteToWideChar
GetOEMCP
GetStringTypeW
LCMapStringA
CompareStringW
UnhandledExceptionFilter
GetTimeFormatA
GetStringTypeA

advapi32

RegEnumKeyExW
SetSecurityDescriptorDacl
QueryServiceStatus
QueryServiceLockStatusW
IsValidSecurityDescriptor
LockServiceDatabase
AddAce
ChangeServiceConfig2W
UnlockServiceDatabase
ChangeServiceConfigW
InitializeSecurityDescriptor
SetNamedSecurityInfoW
IsValidAcl
FreeSid
RegGetKeySecurity
DeleteService
AdjustTokenPrivileges
RegCreateKeyExW
OpenSCManagerW
RegSaveKeyW
GetAclInformation
GetSecurityDescriptorControl
AllocateAndInitializeSid
GetInheritanceSourceW
OpenProcessToken
ControlService
StartServiceA
GetSecurityInfo
FreeInheritedFromArray
QueryServiceConfigW
SetSecurityInfo
LookupPrivilegeDisplayNameA
OpenServiceW
RegSetValueExW
GetAce
EqualSid
RegDeleteValueW
RegRestoreKeyW
SetEntriesInAclW
LookupAccountSidW
InitializeAcl
GetTokenInformation
GetNamedSecurityInfoW
SetEntriesInAclA
CreateServiceW
LookupPrivilegeNameA
LookupPrivilegeValueA
RegCloseKey
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
EnumDependentServicesW
CloseServiceHandle
RegEnumValueW

shell32

SHGetFolderPathW

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba75e06c22c1f4ace4291afe6567fb8d

Headers

File Characteristics

Imports

mprapi

oleacc

newdev

kernel32

advapi32

shell32

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 3KB - Virtual size: 151KB

.data Size: 125KB - Virtual size: 125KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 3KB - Virtual size: 151KB

.data
Size: 125KB - Virtual size: 125KB

.rsrc
Size: 512B - Virtual size: 4KB