a3cfeaf4591957dcff8776dc7bfdc050ec6d5850bf9025d3c8a6972fabdf4846

Sharing

Copy URL Twitter E-mail

General

Target

a3cfeaf4591957dcff8776dc7bfdc050ec6d5850bf9025d3c8a6972fabdf4846
Size

44KB
MD5

d410d5e89b1de6033a1f424011df5b84
SHA1

4a1c1e7d71f2d5adede2fbb19635de0182e86f6e
SHA256

a3cfeaf4591957dcff8776dc7bfdc050ec6d5850bf9025d3c8a6972fabdf4846
SHA512

9868cd09f7a44305ad1d7e269a79aa1ddfa301c737ae54aa1b3b3bcf0860f476d1480fa2bc7b1305a00aa70eb6bb4a39559c754fd6a0957ad0250fbea0e2852f
SSDEEP

768:DhcVm352fWVCgEBiIuKHNW5kyLVUOyJN8+VOd1B5Ltp5Do0T6tBZcnjn:lcVmJQWVul3NW5/LVUOy5VOd1Dtp+i6g

Score

N/A

Malware Config

Signatures

Files

a3cfeaf4591957dcff8776dc7bfdc050ec6d5850bf9025d3c8a6972fabdf4846
.exe windows x86

d524b440169f7af587372894b2a1d859

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
SetVolumeLabelW
CreateMutexA
BaseCheckAppcompatCache
HeapCreate
GetOEMCP
lstrcpyA
EnumCalendarInfoExA
GetPrivateProfileIntA
lstrcatW
CreateProcessInternalW
LocalFlags
DebugActiveProcessStop
DnsHostnameToComputerNameA
GetLargestConsoleWindowSize
RtlFillMemory
HeapSetInformation
CreateDirectoryExA
GetSystemDefaultLCID
VerifyConsoleIoHandle
AddConsoleAliasW
GetConsoleTitleA
GetFileAttributesW
FreeUserPhysicalPages
TerminateJobObject
WriteConsoleOutputW
ReadConsoleOutputCharacterA
lstrcpynW
LoadLibraryW
ScrollConsoleScreenBufferW
VirtualQuery
GetHandleContext
_lcreat
CreateJobObjectW
RemoveDirectoryW
SetCommBreak
SetComputerNameW
CreateEventA
GetUserDefaultUILanguage
IsValidLanguageGroup
CreateProcessInternalA
HeapSize
GetConsoleAliasW

user32

SetLayeredWindowAttributes
DdeAbandonTransaction
DdeCreateStringHandleW
SetDeskWallpaper
GetNextDlgGroupItem
WinHelpA
GetTabbedTextExtentA
GetCursorPos
CreatePopupMenu
ActivateKeyboardLayout
DdeConnectList
RegisterClassW
SetPropW
EqualRect
RegisterMessagePumpHook
SendInput
EnumDisplaySettingsA
MessageBoxTimeoutA
DdeFreeStringHandle
CharToOemBuffA
MessageBoxExA
ShowCursor
GetMenuStringA
GetMonitorInfoA
LoadMenuIndirectW
SetKeyboardState

advapi32

InstallApplication
GetExplicitEntriesFromAclA
LookupAccountSidA
RegDisablePredefinedCache
EnumerateTraceGuids
RegGetKeySecurity
LsaEnumerateAccountRights
SystemFunction028
GetLengthSid
QueryTraceA
CredEnumerateW
QueryAllTracesW
LogonUserW
TreeResetNamedSecurityInfoA
AddAuditAccessAceEx
LogonUserA

ifsutil

?Lock@IO_DP_DRIVE@@QAEEXZ
?DiskCopyMainLoop@@YGHPBVWSTRING@@000EPAVMESSAGE@@1@Z
?GetCannedSecurity@IFS_SYSTEM@@SGPAVCANNED_SECURITY@@XZ
?Initialize@MOUNT_POINT_MAP@@QAEEXZ
?Write@SECRUN@@UAEEXZ
?QueryNumber@NUMBER_SET@@QBE?AVBIG_INT@@V2@@Z
?ReverseCopy@INTSTACK@@QAEEPAV1@@Z
?QueryCompressedInteger@BIG_INT@@QBEXPAE0@Z
??1INTSTACK@@UAE@XZ
?SetVolumeLabelAndPrintFormatReport@VOL_LIODPDRV@@QAEEPBVWSTRING@@PAVMESSAGE@@@Z
?CheckAndRemove@NUMBER_SET@@QAEEVBIG_INT@@PAE@Z
?QueryContainingRange@NUMBER_SET@@QBEEVBIG_INT@@PAV2@1@Z
?Initialize@DIGRAPH@@QAEEK@Z
?DismountVolume@IFS_SYSTEM@@SGEPBVWSTRING@@@Z
??0LOG_IO_DP_DRIVE@@QAE@XZ
?QueryDisjointRangeAndAssignBuffer@TLINK@@QAEPAXPAVBIG_INT@@PAG1PAXK2@Z
?QueryParents@DIGRAPH@@QBEEKPAVNUMBER_SET@@@Z
?QueryNtfsTime@IFS_SYSTEM@@SGXPAT_LARGE_INTEGER@@@Z
?Initialize@READ_WRITE_CACHE@@QAEEPAVIO_DP_DRIVE@@K@Z
?QueryParentsWithChildren@DIGRAPH@@QBEEPAVNUMBER_SET@@K@Z
?DumpHashTable@SPARSE_SET@@QAEXXZ
?ChkDsk@VOL_LIODPDRV@@QAEEW4FIX_LEVEL@@PAVMESSAGE@@KKGPAKPBVWSTRING@@@Z
??1TLINK@@UAE@XZ

oleaut32

VariantTimeToSystemTime
QueryPathOfRegTypeLib
VarUI1FromI4
VarUI1FromR4
VarBoolFromStr
VarDecRound
VarBoolFromCy
DispGetParam
OleCreatePropertyFrameIndirect
VarCyNeg
VarUI2FromDec
VarI1FromUI8
VarDateFromR4

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d524b440169f7af587372894b2a1d859

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ifsutil

oleaut32

Sections

.text Size: 31KB - Virtual size: 30KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 404B

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 31KB - Virtual size: 30KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 404B

.rsrc
Size: 6KB - Virtual size: 5KB