8fc841be063ce43198f97799fe22a488702072a8b95589130804953d5ae8e384

Sharing

Copy URL Twitter E-mail

General

Target

8fc841be063ce43198f97799fe22a488702072a8b95589130804953d5ae8e384
Size

261KB
MD5

c318ab773f8940f36fc865850d254ce1
SHA1

3370cdcdc4bc272d77f8c8ff3d7a18c00cd60513
SHA256

8fc841be063ce43198f97799fe22a488702072a8b95589130804953d5ae8e384
SHA512

49b77cc8eaee68b1f60d5710b4598eb067d8d4a929f1d4eaf9918970d83d76ac0c4b2bc4e8afbf5144159c89219d57946dca5b855821e5d3f05cc95c6971d905
SSDEEP

6144:tpoqkPtoYJJgs7vBcIizR/7S0/Qg4gZdvmcwWt:tpoqkVH/96fF4V+mIt

Score

N/A

Malware Config

Signatures

Files

8fc841be063ce43198f97799fe22a488702072a8b95589130804953d5ae8e384
.exe windows x86

f1dd2d6cf26a743c6f23a4cf254dd4d6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleFileNameExW
EnumProcessModules

kernel32

EnterCriticalSection
LocalFree
GetProcessHeap
GetSystemDirectoryW
SetThreadPriority
OpenFileMappingW
ReleaseSemaphore
GetModuleHandleW
PulseEvent
HeapAlloc
SetUnhandledExceptionFilter
WideCharToMultiByte
UnhandledExceptionFilter
CreateThread
GetFileSize
GetPriorityClass
CreateSemaphoreW
TlsSetValue
SetProcessWorkingSetSize
GetDateFormatW
FindCloseChangeNotification
lstrcmpW
TryEnterCriticalSection
SetPriorityClass
LoadLibraryExW
GetTempFileNameW
UnmapViewOfFile
OpenEventW
GetSystemInfo
CreateMutexW
CompareFileTime
SetLastError
TlsFree
CreateProcessW
CloseHandle
GetSystemTimeAsFileTime
CreateFileMappingW
FindNextChangeNotification
ExpandEnvironmentStringsW
HeapReAlloc
GetDriveTypeW
SystemTimeToFileTime
DeviceIoControl
lstrcpyW
ReleaseMutex
DeleteCriticalSection
FlushFileBuffers
FindFirstChangeNotificationW
GetSystemTime
WaitForSingleObject
TlsAlloc
GetLocalTime
GetWindowsDirectoryW
GetFileTime
SetFilePointer
GetCurrentDirectoryW
OpenSemaphoreW
GetPrivateProfileIntW
GetQueuedCompletionStatus
ResumeThread
MapViewOfFile
CreateFileW
LocalAlloc
RaiseException
DeleteFileW
SetEndOfFile
CreateEventW
lstrlenW
HeapFree
OutputDebugStringW
GetCurrentThreadId
LeaveCriticalSection
lstrcpynW
FindFirstFileW
FindNextFileW
GetPrivateProfileStringW
OpenMutexW
GetComputerNameW
lstrcatW
GetTempPathW
OpenProcess
lstrcmpA
WriteFile
IsDebuggerPresent
FindClose
SetCurrentDirectoryW
TlsGetValue
ResetEvent
TerminateThread
DuplicateHandle
CreateIoCompletionPort
SetErrorMode
lstrlenA
FreeLibrary
FormatMessageW
GetTimeFormatW
VirtualAllocEx

user32

MessageBoxW
wsprintfW
MsgWaitForMultipleObjects
DispatchMessageW
LoadStringW
FindWindowW
PeekMessageW

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyW
SetSecurityDescriptorDacl
RegQueryValueExW
QueryServiceStatus
GetTokenInformation
OpenServiceW
RegDeleteValueW
RegSetValueExW
OpenProcessToken
ConvertStringSecurityDescriptorToSecurityDescriptorW
OpenSCManagerW
RegOpenKeyA
StartServiceW
ControlService
CloseServiceHandle
CreateProcessAsUserW
InitializeSecurityDescriptor
EnumDependentServicesW
RegOpenKeyExW

mscms

RegisterCMMA
UnregisterCMMA
InternalGetDeviceConfig
RegisterCMMW
ConvertIndexToColorName
SelectCMM
InstallColorProfileA
CreateProfileFromLogColorSpaceW
InternalGetPS2ColorSpaceArray

iedkcs32

BrandICW

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pghfZ
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.B
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.utmKY
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.T
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hVu
Size: 1024B - Virtual size: 961B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 213KB - Virtual size: 451KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.go
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1dd2d6cf26a743c6f23a4cf254dd4d6

Headers

DLL Characteristics

File Characteristics

Imports

psapi

kernel32

user32

advapi32

mscms

iedkcs32

Sections

.text Size: 18KB - Virtual size: 17KB

.pghfZ Size: 2KB - Virtual size: 2KB

.B Size: 1KB - Virtual size: 2KB

.utmKY Size: 1024B - Virtual size: 1KB

.T Size: 1KB - Virtual size: 1KB

.rdata Size: 4KB - Virtual size: 3KB

.hVu Size: 1024B - Virtual size: 961B

.data Size: 213KB - Virtual size: 451KB

.go Size: 2KB - Virtual size: 3KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 18KB - Virtual size: 17KB

.pghfZ
Size: 2KB - Virtual size: 2KB

.B
Size: 1KB - Virtual size: 2KB

.utmKY
Size: 1024B - Virtual size: 1KB

.T
Size: 1KB - Virtual size: 1KB

.rdata
Size: 4KB - Virtual size: 3KB

.hVu
Size: 1024B - Virtual size: 961B

.data
Size: 213KB - Virtual size: 451KB

.go
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 16KB - Virtual size: 16KB