73fee79214536e389ae53a3965e76ec589f7a4393de11dcfecb7e996f1dfbee3

Sharing

Copy URL Twitter E-mail

General

Target

73fee79214536e389ae53a3965e76ec589f7a4393de11dcfecb7e996f1dfbee3
Size

289KB
MD5

b86196c1da4cfa18ddcfd7f65d5a26b1
SHA1

5c07e4d73fb67eeeedb42a6b2a6e81cae250b074
SHA256

73fee79214536e389ae53a3965e76ec589f7a4393de11dcfecb7e996f1dfbee3
SHA512

e50b329edd39db44e61a91ee32abb93c4da7733c4db1eacb49280a8e0b7da25752b170654e68a92fe1e38b06593005df530eee9e28c4089595273d0773b29cd6
SSDEEP

6144:QOA2ZP1btFJfID5mbedFfGRAS+f+zodvZnNKhlko8/:QOzZP5tjKRmAS+nvPKh5Q

Score

N/A

Malware Config

Signatures

Files

73fee79214536e389ae53a3965e76ec589f7a4393de11dcfecb7e996f1dfbee3
.exe windows x86

697697f82165fcfdd5da16fec82cc327

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

IsValidSecurityDescriptor
OpenServiceW
RegDeleteKeyW
SetSecurityDescriptorOwner
AccessCheck
RegOpenKeyW
LsaQueryInformationPolicy
RegQueryValueExW
RegQueryInfoKeyW
RegCloseKey
InitializeAcl
RegDeleteValueW
OpenProcessToken
AllocateAndInitializeSid
RegOpenKeyExW
LsaClose
FreeSid
RegEnumKeyExW
GetLengthSid
OpenThreadToken
ImpersonateSelf
QueryServiceConfigW
RegCreateKeyExW
SetSecurityDescriptorGroup
RegSetValueExW
SetSecurityDescriptorDacl
LsaFreeMemory
OpenSCManagerW
LsaOpenPolicy
QueryServiceStatus
CloseServiceHandle
RevertToSelf
AddAccessAllowedAce
InitializeSecurityDescriptor

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

oleaut32

SysAllocString
SysStringLen
LoadTypeLi
VariantClear
VarBstrCmp
VariantInit
GetErrorInfo
CreateErrorInfo
SetErrorInfo
SysFreeString
LoadRegTypeLi
VarUI4FromStr

shell32

CommandLineToArgvW

kernel32

FindResourceW
GetConsoleCP
InitializeCriticalSectionAndSpinCount
HeapAlloc
FileTimeToSystemTime
UnmapViewOfFile
SetLastError
lstrlenW
GetTempPathW
FlushFileBuffers
CloseHandle
TlsGetValue
MapViewOfFile
GetFullPathNameW
SetEnvironmentVariableA
IsDebuggerPresent
CompareStringW
GetOEMCP
TlsFree
GetConsoleMode
LocalAlloc
lstrcmpiW
CreateThread
HeapDestroy
GetFileType
EnumUILanguagesW
LoadLibraryExW
FreeLibrary
IsWow64Process
GetStdHandle
GetWindowsDirectoryW
SetEndOfFile
LCMapStringW
EnterCriticalSection
FindFirstFileExW
FreeEnvironmentStringsW
WriteConsoleW
GetPrivateProfileStringW
GetDiskFreeSpaceExW
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetShortPathNameW
WideCharToMultiByte
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetSystemInfo
CreateFileW
TlsSetValue
GetSystemDirectoryW
GetACP
GetCommandLineW
GetPrivateProfileSectionW
TlsAlloc
CreateFileMappingW
GetFileInformationByHandle
FormatMessageW
RaiseException
SetStdHandle
GetModuleHandleW
PeekNamedPipe
FindClose
GetCurrentDirectoryW
ReadFile
HeapSize
IsValidCodePage
IsProcessorFeaturePresent
RtlUnwind
GetCommandLineA
SetHandleCount
SetFilePointer
HeapReAlloc
GetCurrentThreadId
GetProcessHeap
LeaveCriticalSection
GetDriveTypeW
WriteFile
HeapFree
GetLocalTime
DeleteCriticalSection
MulDiv
SizeofResource
LoadResource
LocalFree
lstrcmpW
VirtualAlloc
GetVersion

ole32

CoTaskMemRealloc
CoCreateInstance
CLSIDFromProgID
CoUninitialize
CoTaskMemFree
StringFromCLSID
CoInitializeEx
CoInitialize
CoTaskMemAlloc
OleRun
CLSIDFromString

gdi32

DeleteObject
CreateFontIndirectW
GetDeviceCaps

user32

TranslateMessage
MessageBoxW
CharNextW
GetSystemMetrics
ReleaseDC
PeekMessageW
MsgWaitForMultipleObjects
SystemParametersInfoW
DispatchMessageW
CharPrevW
GetDC

comcat

DllUnregisterServer
DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 254KB - Virtual size: 7.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

697697f82165fcfdd5da16fec82cc327

Headers

File Characteristics

Imports

advapi32

version

oleaut32

shell32

kernel32

ole32

gdi32

user32

comcat

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 254KB - Virtual size: 7.3MB

.rdata Size: 4KB - Virtual size: 168KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 254KB - Virtual size: 7.3MB

.rdata
Size: 4KB - Virtual size: 168KB

.rsrc
Size: 10KB - Virtual size: 10KB