aaa0f259ebe9e777e50b56c896a2127ce96425e336d723d658758fc0b0d48914

Sharing

Copy URL Twitter E-mail

General

Target

aaa0f259ebe9e777e50b56c896a2127ce96425e336d723d658758fc0b0d48914
Size

43KB
MD5

decba3744ec02488d6d5798e70f75186
SHA1

7e95556e0161df2bda8acaf466555b22db187af3
SHA256

aaa0f259ebe9e777e50b56c896a2127ce96425e336d723d658758fc0b0d48914
SHA512

28b2869c070e644af48786286aff7ae97a782e399209b1923888ada326fe3001c7349c2287e04f10c558695a9dec71c5a83d1fbd5c46615d810006549fbd63b2
SSDEEP

768:0pE9GFKTDM4HDm1xo95Xu2TMkbukiwqNxVDpmjyzla8f8+sFU/d8HQ:0pW3TAOVMyMNxVFmcI8f8bU/Cw

Score

N/A

Malware Config

Signatures

Files

aaa0f259ebe9e777e50b56c896a2127ce96425e336d723d658758fc0b0d48914
.exe windows x86

7776468fe428f2906b9fc0dddc74a58f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msi

MsiGetShortcutTargetA
MsiDatabaseGenerateTransformA
MsiEnumClientsA
MsiOpenDatabaseW
MsiNotifySidChangeA
MsiEnableLogA
MsiSetFeatureStateW
MsiGetDatabaseState
MsiSourceListAddSourceW
MsiQueryFeatureStateW
MsiAdvertiseProductExW
MsiGetFileVersionA
MsiSummaryInfoGetPropertyCount
MsiDatabaseGenerateTransformW
MsiDatabaseGetPrimaryKeysA
MsiSetExternalUIA
MsiGetPropertyW
MsiRecordReadStream
MsiConfigureProductA
MsiVerifyPackageW
MsiReinstallProductA
MsiVerifyPackageA
MsiGetFeatureUsageA
MsiRecordGetStringW
MsiProvideComponentW
Migrate10CachedPackagesW
MsiProvideQualifiedComponentA
MsiEnumComponentsW
MsiQueryFeatureStateFromDescriptorA
MsiProvideComponentFromDescriptorW
MsiProvideAssemblyA
MsiDatabaseOpenViewW
MsiCollectUserInfoW

kernel32

VirtualAlloc
GetFileType
GetConsoleAliasesLengthW
GetFileSize
FindFirstFileW
SetCommBreak
GetDiskFreeSpaceA
_lread
CancelDeviceWakeupRequest
Heap32ListNext
EraseTape
GetCompressedFileSizeA
GetConsoleCharType
GlobalDeleteAtom
ReadConsoleInputExA
GetProcessId
GetModuleHandleA
RemoveDirectoryA
WriteFile
GetConsoleOutputCP
FreeLibrary
FindAtomA
GetSystemDirectoryA
SetFileShortNameA
OpenEventW
GetSystemDefaultUILanguage
LoadLibraryA
GetModuleHandleExW
OpenJobObjectW
HeapUnlock

ifsutil

?CheckAndAdd@SPARSE_SET@@QAEEVBIG_INT@@PAE@Z
??0CANNED_SECURITY@@QAE@XZ
?CloseDriveHandle@DP_DRIVE@@QAEXXZ
?IsEntryPresent@AUTOREG@@SGEPBVWSTRING@@0@Z
?Initialize@SPARSE_SET@@QAEEXZ
??1DP_DRIVE@@UAE@XZ
?DeleteEntry@AUTOREG@@SGEPBVWSTRING@@E@Z
?Initialize@VOL_LIODPDRV@@IAEEPBVWSTRING@@0PAVSUPERAREA@@PAVMESSAGE@@E@Z
?Recover@VOL_LIODPDRV@@QAEEPBVWSTRING@@PAVMESSAGE@@@Z
?QueryCanonicalNtDriveName@IFS_SYSTEM@@SGEPBVWSTRING@@PAV2@@Z
?EnableVolumeUpgrade@IFS_SYSTEM@@SGEPBVWSTRING@@@Z
?Initialize@CANNED_SECURITY@@QAEEXZ
??0VOL_LIODPDRV@@IAE@XZ
?GetData@TLINK@@QAEAAVBIG_INT@@PAX@Z
?Initialize@INTSTACK@@QAEEXZ
?Verify@IO_DP_DRIVE@@QAEEVBIG_INT@@0@Z
?QuerySectorSize@DP_DRIVE@@UBEKXZ
?Lock@IO_DP_DRIVE@@QAEEXZ
?DumpHashTable@SPARSE_SET@@QAEXXZ
?GetMessageW@SUPERAREA@@QAEPAVMESSAGE@@XZ
?EnableVolumeCompression@IFS_SYSTEM@@SGEPBVWSTRING@@@Z
?Add@NUMBER_SET@@QAEEVBIG_INT@@0@Z
?EnableFileSystem@IFS_SYSTEM@@SGEPBVWSTRING@@@Z
?RemoveAll@SPARSE_SET@@QAEEXZ
??1SUPERAREA@@UAE@XZ
?QueryParents@DIGRAPH@@QBEEKPAVNUMBER_SET@@@Z
?Verify@IO_DP_DRIVE@@QAEEVBIG_INT@@0PAVNUMBER_SET@@@Z
?QuerySize@TLINK@@QBEGXZ
?IsEntryPresent@AUTOREG@@SGEPBVWSTRING@@@Z
?Initialize@READ_CACHE@@QAEEPAVIO_DP_DRIVE@@K@Z
?Read@LOG_IO_DP_DRIVE@@QAEEVBIG_INT@@KPAX@Z

gdi32

DdEntry41
GdiDescribePixelFormat
GetTextCharacterExtra
GdiSetBatchLimit
EndDoc
FONTOBJ_vGetInfo
XFORMOBJ_iGetXform
EnumEnhMetaFile
DdEntry30
CreateSolidBrush
EngUnicodeToMultiByteN
GdiGetCodePage
GetCharWidth32A
SetDIBitsToDevice
DdEntry44
GetCharWidthW
SetBoundsRect
EngDeleteSurface
GetObjectType
SetTextColor
GetCharWidthFloatA
EngDeletePalette
GdiInitSpool
FONTOBJ_cGetGlyphs
DdEntry48
CreatePolygonRgn
QueryFontAssocStatus
EngCheckAbort
SetSystemPaletteUse

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 298B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7776468fe428f2906b9fc0dddc74a58f

Headers

DLL Characteristics

File Characteristics

Imports

msi

kernel32

ifsutil

gdi32

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 298B

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 298B

.rsrc
Size: 3KB - Virtual size: 3KB