02daef95e31e69704a85903d08e3d66af902e976ccc48e965592a6e1e76000c2

Sharing

Copy URL Twitter E-mail

General

Target

02daef95e31e69704a85903d08e3d66af902e976ccc48e965592a6e1e76000c2
Size

859KB
MD5

3006b7f279c08c44e3fde234b1b7bb40
SHA1

fec478a219a11732401b5968303a0cbb89e25575
SHA256

02daef95e31e69704a85903d08e3d66af902e976ccc48e965592a6e1e76000c2
SHA512

12e11c7f8df61540885263181b1cc686c8fcd5c005bd3d28553a348f758f71a03030d16c6ce968b90a8f9069d2ea6ce3b6132c6e40f2fc19f85c82df335f8d6b
SSDEEP

3072:Fb2uWVvjqxD6EY26lO1vagNcYs/9UI6UpkOZ3rZt603Hrn58XX8JFGlg2UnvE:JwNmxD6EY26mu1UXUpkwZ33HT5wkOavE

Score

N/A

Malware Config

Signatures

Files

02daef95e31e69704a85903d08e3d66af902e976ccc48e965592a6e1e76000c2
.exe windows x86

64376fb2a5fbc95eea3508348ca66fec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AccessCheckAndAuditAlarmA
AccessCheckAndAuditAlarmW
AreAnyAccessesGranted
CryptDestroyHash
CryptHashData
CryptSignHashW
ElfOpenEventLogA
GetAce
GetTokenInformation
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
BuildImpersonateExplicitAccessWithNameW
CloseServiceHandle
OpenSCManagerW
OpenServiceW
QueryServiceConfigW
SetSecurityDescriptorOwner
SetSecurityDescriptorRMControl
StartServiceW
CopySid

gdi32

CreateEllipticRgnIndirect
CreateEnhMetaFileA
ExtTextOutA
GdiDeleteSpoolFileHandle
GetBoundsRect
GetCharABCWidthsW
GetCharacterPlacementW
GetObjectW
InvertRgn
PlayEnhMetaFileRecord
SetPaletteEntries
DescribePixelFormat
SelectClipRgn
CreateSolidBrush
GetCurrentPositionEx
GetDeviceCaps
GetTextExtentPointI

kernel32

BuildCommDCBAndTimeoutsW
ContinueDebugEvent
DosDateTimeToFileTime
ExpandEnvironmentStringsW
FindNextFileW
FindResourceW
FreeLibrary
GetDiskFreeSpaceA
GetEnvironmentVariableW
GetNamedPipeHandleStateW
GetProcAddress
GetProfileStringW
GetThreadSelectorEntry
GetVersionExW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
LoadLibraryW
LoadResource
LockResource
Process32NextW
ReadConsoleW
SetLocaleInfoW
SystemTimeToFileTime
VerLanguageNameW
VirtualAlloc
lstrcpynW
lstrlenW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
GlobalReAlloc
GlobalSize
InterlockedCompareExchange
InterlockedExchange
LoadLibraryExA
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
FindFirstFileW
GetProcessHeap
DisableThreadLibraryCalls
GetExitCodeThread
GlobalHandle
HeapDestroy
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
MultiByteToWideChar
OpenFileMappingW
PurgeComm
QueryPerformanceFrequency
QueueUserWorkItem
SizeofResource
VirtualProtect
lstrlenA
CloseHandle
CreateFileMappingA
CreateSemaphoreA
DeviceIoControl
GetCurrentThread
GetLocalTime
GetThreadPriority
GetVersionExA
MapViewOfFile
ReadConsoleInputA
ReadFile
ResetEvent
SetComputerNameExA
SetConsoleTitleA
SetEvent
SetThreadPriority
UnmapViewOfFile
WaitForMultipleObjects
WaitForSingleObject
WriteFile
GetCPInfo
CompareStringA
GetLastError
CompareStringW
SetFileTime
LocalFileTimeToFileTime
LockFile
UnlockFile
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
GetCurrentDirectoryW
GetFullPathNameW
MoveFileW
HeapFree
HeapAlloc
HeapReAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
GetConsoleCP
ReadConsoleInputW
GetFileType
CreateFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
WideCharToMultiByte
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetLocaleInfoA
GetSystemInfo
VirtualQuery
SetHandleCount
GetStdHandle
DeleteCriticalSection
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
CreateFileA
GetACP
GetOEMCP
SetFilePointer
SetConsoleCtrlHandler
WriteConsoleA
FatalAppExitA
GetDriveTypeA
GetCurrentDirectoryA
GetFullPathNameA
GetFileAttributesW
RaiseException
HeapCreate
VirtualFree
IsBadWritePtr
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
SetEndOfFile
SetCurrentDirectoryA
RtlUnwind
GetLocaleInfoW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
InitializeCriticalSection
GetExitCodeProcess
CreateProcessW
HeapSize
FlushFileBuffers
SetEnvironmentVariableA
SetEnvironmentVariableW
CreateProcessA
GetFileAttributesA

rpcrt4

I_RpcAsyncSetHandle
NdrConvert
NdrInterfacePointerBufferSize
NdrServerInitializeUnmarshall
RpcProtseqVectorFreeW
RpcServerYield
NdrComplexStructFree
NdrSimpleStructFree
RpcRevertToSelfEx
NdrSimpleStructUnmarshall
NdrUserMarshalBufferSize
NdrUserMarshalMemorySize
RpcServerUseProtseqEpExA
RpcNetworkIsProtseqValidA
NdrDllGetClassObject
NdrDllUnregisterProxy

shell32

SHGetIconOverlayIndexW
FreeIconList
ExtractIconEx

Sections

.text
Size: 180KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 376KB - Virtual size: 374KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 296KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

64376fb2a5fbc95eea3508348ca66fec

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

rpcrt4

shell32

Sections

.text Size: 180KB - Virtual size: 177KB

.rdata Size: 376KB - Virtual size: 374KB

.data Size: 296KB - Virtual size: 308KB

.text
Size: 180KB - Virtual size: 177KB

.rdata
Size: 376KB - Virtual size: 374KB

.data
Size: 296KB - Virtual size: 308KB