46bcf877194436a89672ba79398ea493d38e74352d3e42d82429ef63950ce447

Sharing

Copy URL

Twitter E-mail

General

Target

46bcf877194436a89672ba79398ea493d38e74352d3e42d82429ef63950ce447
Size

336KB
MD5

a4f01dd2e7aea1c16eee945a52735500
SHA1

e24d2faae32fc3207d150a69e1fa4643ea026a59
SHA256

46bcf877194436a89672ba79398ea493d38e74352d3e42d82429ef63950ce447
SHA512

57a315ca14b3cf6201ad011b9464cf0a2346702d63b4b71d2f8917d24480077cfacbd9ea8ac345f94641d331c18db54e11e49121010a021c28a31e99c597e82b
SSDEEP

6144:BYR65cL+/EfEq6QgCdiy74pvKTTJ8xnSYK82+AqC1W/IPwJ:Bll/EfEq6QgCdiUSCTTCxSYK82+xwyw

Score

N/A

Malware Config

Signatures

Files

46bcf877194436a89672ba79398ea493d38e74352d3e42d82429ef63950ce447
.dll windows x86

80df6fa8643a6abc7b1f10c87c5c2fbf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AddAccessAllowedAce
AllocateAndInitializeSid
DeregisterEventSource
FreeSid
GetLengthSid
InitializeAcl
LsaICLookupSids
LsaQueryTrustedDomainInfoByName
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
ReportEventA
SetSecurityDescriptorDacl
BuildImpersonateTrusteeW
InitializeSecurityDescriptor
IsValidSecurityDescriptor
IsValidSid
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
CryptVerifySignatureW
RegQueryValueExA
SystemFunction020
TrusteeAccessToObjectW
GetSecurityDescriptorRMControl

kernel32

DisableThreadLibraryCalls
VirtualAlloc
CloseHandle
CreateDirectoryA
CreateEventA
CreateFileA
CreateMutexA
CreateSemaphoreA
DeleteFileA
FindClose
FindFirstFileA
GetCurrentProcessId
GetFileSize
GetLocalTime
GetPrivateProfileStructW
GetSystemInfo
GetTickCount
GlobalAlloc
GlobalFree
InterlockedDecrement
InterlockedIncrement
MoveFileA
OpenMutexA
OpenSemaphoreA
ReadFile
ReleaseMutex
ResetEvent
SetEndOfFile
SetEvent
SetFilePointer
Sleep
VirtualFree
WaitForSingleObject
WriteFile
AreFileApisANSI
BackupRead
FreeUserPhysicalPages
GetCommTimeouts
GetCurrentThreadId
GetProcessHeap
GetSystemTimeAsFileTime
InterlockedCompareExchange
InterlockedExchange
QueryPerformanceCounter
WritePrivateProfileStringA
CreateThread
EnumDateFormatsA
GetDateFormatW
GetProfileIntA
GetUserDefaultLCID
HeapCreate
MultiByteToWideChar
RaiseException
SetMailslotInfo
WaitForSingleObjectEx
GetLocaleInfoA
LoadLibraryA
LocalAlloc
LocalFree
lstrcatW
lstrcpynW
lstrlenW
GetLastError
GetFullPathNameA
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
GetCommandLineA
GetVersionExA
HeapFree
RtlUnwind
ExitThread
GetDriveTypeA
GetCurrentDirectoryA
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
FatalAppExitA
GetACP
GetOEMCP
GetCPInfo
TlsAlloc
SetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
VirtualProtect
VirtualQuery
LCMapStringA
WideCharToMultiByte
LCMapStringW
FlushFileBuffers
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapReAlloc
HeapSize
IsBadWritePtr
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
CompareStringA
CompareStringW
InitializeCriticalSection
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetStdHandle
WriteConsoleA
GetTimeZoneInformation
SetConsoleCtrlHandler
GetLocaleInfoW
SetEnvironmentVariableA

ole32

HWND_UserSize
EnableHookObject
SetDocumentBitStg
OleRegGetMiscStatus

rpcrt4

RpcStringBindingComposeW
RpcServerInqBindings
NdrVaryingArrayFree
NdrFixedArrayFree
NdrDllGetClassObject
NdrDllUnregisterProxy
NdrAsyncClientCall
MesHandleFree

Exports

Exports

ifux

Sections

.text
Size: 248KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80df6fa8643a6abc7b1f10c87c5c2fbf

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

rpcrt4

Exports

Exports

Sections

.text Size: 248KB - Virtual size: 244KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 48KB - Virtual size: 58KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 248KB - Virtual size: 244KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 48KB - Virtual size: 58KB

.reloc
Size: 12KB - Virtual size: 11KB