5829aa0cee4ba56e9d383335c553e78b9a4271be6bb24ccb04969b3b94b49415

Sharing

Copy URL Twitter E-mail

General

Target

5829aa0cee4ba56e9d383335c553e78b9a4271be6bb24ccb04969b3b94b49415
Size

235KB
MD5

4f7b3bab9931aaf71d44ea21281ae750
SHA1

baef1f973a2ad87f137778c04c2186bf8f0705aa
SHA256

5829aa0cee4ba56e9d383335c553e78b9a4271be6bb24ccb04969b3b94b49415
SHA512

5fa3d990b7a93a87c68e50f58ca71932b5680b5160fadcb73cb283b8992b43ba501c16ca9556adc712c5b445eb86b358b32331d897cb3d04f812af594e11a84b
SSDEEP

6144:iEKo5gspafR3a8X+89odzW24WjLrchjbSy0:pKMgwaR3ak9YzWIjvchT

Score

N/A

Malware Config

Signatures

Files

5829aa0cee4ba56e9d383335c553e78b9a4271be6bb24ccb04969b3b94b49415
.exe windows x86

e1cfdff372d4dfe89bc91cc341e0f565

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetFileTitleA

advapi32

SystemFunction016
MSChapSrvChangePassword
RegOpenKeyExA
RegCreateKeyExA
RegDeleteValueA
LsaICLookupNamesWithCreds
GetAclInformation
LsaEnumeratePrivileges
AddUsersToEncryptedFile
OpenThreadToken
RegCloseKey
LockServiceDatabase
SetSecurityDescriptorControl

kernel32

FreeEnvironmentStringsA
RaiseException
lstrcatA
SetFileAttributesA
SetErrorMode
LocalFree
InterlockedDecrement
GlobalAddAtomA
GetModuleHandleA
FlushFileBuffers
ExitProcess
LockResource
Beep
VirtualFree
DuplicateHandle
FindNextFileA
InterlockedIncrement
CompareStringA
GetProcAddress
InitializeCriticalSection
FindResourceA
GetTimeZoneInformation
SystemTimeToFileTime
SetConsoleCursorInfo
GetStringTypeW
HeapCreate
WideCharToMultiByte
HeapSize
GetCurrentThread
HeapAlloc
GetCommandLineA
HeapReAlloc
TlsFree
LoadResource
GlobalFree
IsBadCodePtr
TlsSetValue
FileTimeToSystemTime
GlobalAlloc
lstrcpyA
lstrcmpA
LoadLibraryA
FindClose
GetWindowsDirectoryA
FlushInstructionCache
FileTimeToLocalFileTime
SetEndOfFile
UnhandledExceptionFilter
GetOEMCP
LocalFileTimeToFileTime
EnterCriticalSection
GetVersion
GetLastError
LocalAlloc
GetCurrentProcess
GetThreadLocale
TlsAlloc
IsBadReadPtr
FreeLibrary
LocalUnlock
WriteFile
DeleteCriticalSection
SetUnhandledExceptionFilter
GlobalFindAtomA
RtlUnwind
GlobalDeleteAtom
CompareStringW
GetFileTime
GetVersionExA
VirtualAlloc
SetConsoleTextAttribute
SetSystemTime
GetEnvironmentStringsW
GetFileAttributesA
lstrcpynA
GetDriveTypeA
SetStdHandle
GetStringTypeA
SetLastError
GetVolumeInformationA
LCMapStringA
GetProcessVersion
lstrcmpiA
SetFilePointer
LockFile
GetCPInfo
ReadFile
UnlockFile
lstrlenA
SetEnvironmentVariableA
SystemTimeToTzSpecificLocalTime
DeleteFileA
GetEnvironmentVariableA
GlobalGetAtomNameA
GetSystemDirectoryA
CreateFileA
GetFullPathNameA
GetStdHandle
SetHandleCount
HeapFree
MultiByteToWideChar
HeapDestroy
FindFirstFileA
GetFileType
GetEnvironmentStringsA
IsValidLocale
FreeEnvironmentStringsW
GetACP
LeaveCriticalSection
IsDebuggerPresent
GlobalUnlock
GetStartupInfoA
GetFileSize
LCMapStringW
IsBadWritePtr
GetCurrentThreadId
TlsGetValue
GlobalFlags
MulDiv
InitializeSListHead
DosDateTimeToFileTime
LocalReAlloc
CloseHandle
GlobalHandle
GetCurrentDirectoryA
GetModuleFileNameA
SetCurrentDirectoryA
Sleep
GlobalLock
ReleaseActCtx

gdi32

ScaleViewportExtEx
GetDeviceCaps
SetWindowExtEx
TextOutA
DeleteObject
GetRelAbs
SetViewportExtEx
GetClipBox
DeleteDC
RestoreDC
CreateDIBitmap
SetMapMode
RoundRect
CreateEllipticRgn

winmm

timeGetSystemTime
mixerOpen
mmioAdvance

user32

GetLastActivePopup
GetWindowLongA
PostMessageA
DestroyWindow
CopyRect
SetWindowLongA
IsWindowVisible
EndDialog
GetForegroundWindow
ValidateRect
CreateDialogIndirectParamA
CreateWindowExA
TranslateMessage
GetWindowPlacement
GetMenu
EnableWindow
LoadStringA
ReleaseDC
GetTopWindow
GetActiveWindow
GetMessagePos
ShowWindow
SendDlgItemMessageA
wsprintfA
EnableMenuItem
GetDlgCtrlID
SystemParametersInfoA
DrawIcon
UpdateWindow
GetMenuCheckMarkDimensions
MessageBoxA
SetMenuItemBitmaps
ExitWindowsEx
IsWindow
PostQuitMessage
GetParent
GetWindowRect
SetPropA
SetActiveWindow
LoadBitmapA
GetWindow
GetCursorPos
RegisterClassA
GetSubMenu
GetKeyState
GetCapture
SetWindowTextA
GetSysColor
DefWindowProcA
CheckMenuItem
GetSystemMetrics
PtInRect
SendMessageA
GrayStringA
GetMenuState
SetWindowPos
LoadIconA
PeekMessageA
IsWindowEnabled
CallNextHookEx
DestroyMenu
BeginPaint
GetClassNameA
GetMenuItemCount
UnregisterClassA
RemovePropA
ClientToScreen
GetClientRect
LoadCursorA
GetDlgItem
GetClassInfoA
GetDC
GetMenuItemID
CallWindowProcA
GetPropA
SetWindowsHookExA
CharUpperA
GetMessageA
IsDialogMessageA
GetWindowTextA
MapWindowPoints
GetWindowTextLengthA
WinHelpA
GetFocus

Sections

.text
Size: 201KB - Virtual size: 201KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1cfdff372d4dfe89bc91cc341e0f565

Headers

File Characteristics

Imports

comdlg32

advapi32

kernel32

gdi32

winmm

user32

Sections

.text Size: 201KB - Virtual size: 201KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 20KB - Virtual size: 21KB

.rsrc Size: 512B - Virtual size: 504B

.text
Size: 201KB - Virtual size: 201KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 20KB - Virtual size: 21KB

.rsrc
Size: 512B - Virtual size: 504B