b265f8219b193bd6097eb6b005bc752c5480297fe7f03eb6420d2dc8518f5e5e

Sharing

Copy URL Twitter E-mail

General

Target

b265f8219b193bd6097eb6b005bc752c5480297fe7f03eb6420d2dc8518f5e5e
Size

310KB
MD5

b20cc63cecfecba31348c12035aca1f6
SHA1

8907793661926c1e6135018cb761f56c6c64daa1
SHA256

b265f8219b193bd6097eb6b005bc752c5480297fe7f03eb6420d2dc8518f5e5e
SHA512

e33e4e2993710fa207edfbd56bbb83a214c43ca53cb068fbc785ce89925f4fae781eb37875d1e296736ff80f6f21546fa74fa2f226e66ac0c81f951591834dec
SSDEEP

6144:pUm2TuCtUlT372dlG7zEA/A6wSNGtaQLzgftTdmiTbR1HQHhMG/7ZaZ4tuRh5:piti37HvEJHHvstdmq1QBM8taZ4AP5

Score

N/A

Malware Config

Signatures

Files

b265f8219b193bd6097eb6b005bc752c5480297fe7f03eb6420d2dc8518f5e5e
.exe windows x86

310f9d6a3150575046aa1ce6e895d6bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoUninitialize
CoMarshalInterThreadInterfaceInStream
CoImpersonateClient
CoGetInterfaceAndReleaseStream
CLSIDFromProgID
CoInitializeEx
CoRevertToSelf
OleRun
CLSIDFromString
CoCreateInstance

user32

wsprintfW
UnregisterClassA

shell32

SHGetFolderPathW

oleaut32

SysAllocStringLen
VariantChangeType
SafeArrayGetElement
SafeArrayGetDim
SafeArrayAccessData
SysAllocString
SafeArrayCreateVectorEx
SysFreeString
SafeArrayRedim
LoadTypeLi
VariantClear
VariantCopyInd
SafeArrayCopy
SafeArrayUnlock
SafeArrayGetVartype
SysStringByteLen
VariantTimeToSystemTime
LoadRegTypeLi
VariantCopy
GetRecordInfoFromGuids
SafeArrayGetLBound
SafeArrayUnaccessData
VarBstrCmp
SysStringLen
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetUBound
SafeArrayLock
VariantInit
SystemTimeToVariantTime
SysAllocStringByteLen

userenv

UnloadUserProfile
GetProfileType
DeleteProfileA
WaitForMachinePolicyForegroundProcessing
ForceSyncFgPolicy
RsopLoggingEnabled
FreeGPOListA

advapi32

InitializeSid
EqualSid
InitializeAcl
CopySid
RegQueryValueExW
SetSecurityDescriptorDacl
GetSecurityDescriptorDacl
GetSidSubAuthority
LookupPrivilegeValueW
DuplicateTokenEx
GetAclInformation
SetThreadToken
RegCreateKeyExW
GetSecurityDescriptorLength
OpenThreadToken
MakeSelfRelativeSD
RegCloseKey
AdjustTokenPrivileges
MakeAbsoluteSD
AddAce
ConvertStringSidToSidW
GetSecurityDescriptorSacl
GetTokenInformation
GetLengthSid
RegNotifyChangeKeyValue
IsValidSid
GetSecurityDescriptorGroup
InitializeSecurityDescriptor
GetSidLengthRequired
RevertToSelf
OpenProcessToken
GetSecurityDescriptorControl
LookupAccountSidW
GetSecurityDescriptorOwner
SetSecurityDescriptorOwner

shlwapi

PathAppendW

kernel32

GetCurrentThreadId
SetThreadPriority
FileTimeToDosDateTime
DeleteFileW
GetModuleHandleW
ReadFile
GetSystemTimeAsFileTime
LocalFree
GlobalMemoryStatusEx
EnterCriticalSection
WaitForSingleObject
UnmapViewOfFile
LeaveCriticalSection
HeapSize
FindResourceW
GetThreadLocale
CreateEventW
SizeofResource
LockResource
HeapReAlloc
RaiseException
WriteFile
GetDriveTypeW
GetSystemTime
GetACP
LoadResource
GetProcessHeap
UnhandledExceptionFilter
FindClose
HeapFree
SetThreadLocale
SetFilePointer
SetLastError
DeviceIoControl
DeleteCriticalSection
QueryDosDeviceW
MapViewOfFile
GetSystemInfo
HeapAlloc
lstrlenW
GetFileSize
SetEndOfFile
ResetEvent
GetLongPathNameW
IsDebuggerPresent
HeapDestroy
CreateFileMappingW
CreateFileW
FindFirstFileW
ResumeThread
SetUnhandledExceptionFilter
FileTimeToSystemTime
SignalObjectAndWait
FindResourceExW
WaitForMultipleObjects
CreateThread
ExpandEnvironmentStringsW
CloseHandle
FreeLibrary
FormatMessageW
IsValidCodePage
VirtualAllocEx

iashlpr

DllUnregisterServer

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 268KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

310f9d6a3150575046aa1ce6e895d6bc

Headers

File Characteristics

Imports

ole32

user32

shell32

oleaut32

userenv

advapi32

shlwapi

kernel32

iashlpr

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 268KB - Virtual size: 271KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 268KB - Virtual size: 271KB

.rsrc
Size: 11KB - Virtual size: 11KB