7d75b7874ebda81709fd06aade4c25a94edb785f7f396102d4a35deb895f8fab

Sharing

Copy URL

Twitter E-mail

General

Target

7d75b7874ebda81709fd06aade4c25a94edb785f7f396102d4a35deb895f8fab
Size

245KB
MD5

138cec51bd5fef0a31f6a0d7a5e677b9
SHA1

d0aab7e3950018cd5f3f176db5b381d25adbe164
SHA256

7d75b7874ebda81709fd06aade4c25a94edb785f7f396102d4a35deb895f8fab
SHA512

14bf0c78eab7a98b7d7fad39f49097ecce325e62d3b0d1e47e0296e742c348c67091d93cb063276da751b382b6f72496a5fb874a5ebac6f37103ed3d4fbce492
SSDEEP

6144:mMWHbRh4N04G+U2cnJLaWVKhxQd91ShzXakv0h:zu4G4GlJLJKnw91SlXW

Score

N/A

Malware Config

Signatures

Files

7d75b7874ebda81709fd06aade4c25a94edb785f7f396102d4a35deb895f8fab
.exe windows x86

4a216a97b1e5c26106e51f46f36f5772

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CloseServiceHandle
RegCloseKey
OpenProcessToken
GetTokenInformation
GetSidSubAuthority
AddAce
QueryServiceStatusEx
RegQueryInfoKeyW
CheckTokenMembership
MakeSelfRelativeSD
GetSecurityDescriptorSacl
OpenThreadToken
IsValidSid
SetSecurityDescriptorDacl
ConvertSidToStringSidW
RegOpenKeyExW
GetAclInformation
OpenSCManagerW
InitializeSid
RegCreateKeyExW
SetEntriesInAclW
RegEnumKeyExW
GetSecurityDescriptorDacl
OpenServiceW
EqualSid
MakeAbsoluteSD
GetSecurityDescriptorOwner
InitializeAcl
BuildTrusteeWithSidW
GetSecurityDescriptorLength
RegSetValueExW
GetSecurityDescriptorGroup
SetSecurityInfo
GetSidLengthRequired
RegQueryValueExW
RegEnumValueW
CopySid
GetLengthSid
GetSecurityDescriptorControl
GetSecurityInfo
InitializeSecurityDescriptor
CreateServiceW
RegDeleteKeyW

kernel32

ReadFile
SetUnhandledExceptionFilter
WaitForMultipleObjects
VerifyVersionInfoW
DeleteCriticalSection
HeapReAlloc
CreateEventW
RaiseException
GetACP
CreateFileW
IsDebuggerPresent
LeaveCriticalSection
GetSystemTime
GetModuleHandleW
WriteFile
GetTempPathW
HeapDestroy
lstrlenA
HeapAlloc
VerSetConditionMask
FormatMessageW
CreateMutexW
SetLastError
DeleteFileW
HeapFree
GetThreadLocale
ReleaseMutex
GetProcessHeap
OpenEventW
HeapSize
WaitForSingleObject
FindFirstFileW
SetThreadLocale
FindClose
TerminateThread
GetCurrentThreadId
LockResource
UnhandledExceptionFilter
FindResourceExW
LoadResource
SizeofResource
CloseHandle
FindResourceW
CreateThread
EnterCriticalSection
lstrlenW
QueryDosDeviceW
GetLongPathNameW
LocalFree
GetSystemTimeAsFileTime
GetVersion
VirtualAllocEx
lstrcmpA

user32

CharLowerBuffW
UnregisterClassA
wsprintfW

shlwapi

PathRemoveFileSpecW
PathIsDirectoryW
PathStripPathW
PathFileExistsW
PathAppendW

userenv

UnloadUserProfile

oleaut32

VariantClear
SafeArrayCopy
SystemTimeToVariantTime
SysAllocStringByteLen
SafeArrayGetLBound
SysAllocStringLen
VariantCopyInd
SafeArrayCreate
SafeArrayGetUBound
GetErrorInfo
SafeArrayLock
VarBstrCmp
SafeArrayRedim
GetRecordInfoFromGuids
VarUdateFromDate
SafeArrayAccessData
VariantInit
SafeArrayGetVartype
SafeArrayGetDim
SafeArrayCreateVectorEx
SysAllocString
LoadTypeLi
LoadRegTypeLi
SafeArrayUnaccessData
SysStringByteLen
SafeArrayUnlock
VariantChangeType
SysFreeString
SysStringLen
SafeArrayDestroy
VariantCopy

shell32

SHGetSpecialFolderPathW

ole32

CoCreateInstance
StringFromGUID2
CoRevertToSelf
CoGetInterfaceAndReleaseStream
CoCreateGuid
CoMarshalInterThreadInterfaceInStream
CoQueryProxyBlanket
CoUninitialize
CoInitializeEx
CoImpersonateClient
CoSetProxyBlanket
CoGetCallContext

security

ExportSecurityContext
QuerySecurityContextToken
InitSecurityInterfaceA
AcceptSecurityContext

softpub

GenericChainCertificateTrust
SoftpubLoadSignature

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 214KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a216a97b1e5c26106e51f46f36f5772

Headers

File Characteristics

Imports

advapi32

kernel32

user32

shlwapi

userenv

oleaut32

shell32

ole32

security

softpub

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 214KB - Virtual size: 215KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 214KB - Virtual size: 215KB

.rsrc
Size: 9KB - Virtual size: 9KB