841d6659f7ae343c39ecc2ed2b9f80bc2bd7b8c3f5ec170a3fb628ac748260dd

Sharing

Copy URL Twitter E-mail

General

Target

841d6659f7ae343c39ecc2ed2b9f80bc2bd7b8c3f5ec170a3fb628ac748260dd
Size

264KB
MD5

0a72857c9247c93a0640c7d81d0e9a78
SHA1

2880090a33553ff512ad4f42aa7c2bd68d3ae14d
SHA256

841d6659f7ae343c39ecc2ed2b9f80bc2bd7b8c3f5ec170a3fb628ac748260dd
SHA512

35f14d138afb506bca787467a047dd79897a297698f8a95a24f68c57534c9d5d3224f5f567595a7f011e39b9106d5e50e235fa2349639e615aa501b676f6d33f
SSDEEP

6144:wyNarLAOU8UJ194C9eqaDw8PxbkW/ZysPf9f+70tRSxFwg:DWLAOU8UxjoqkwsbPysPfpXqFwg

Score

N/A

Malware Config

Signatures

Files

841d6659f7ae343c39ecc2ed2b9f80bc2bd7b8c3f5ec170a3fb628ac748260dd
.exe windows x86

019debe039b39e09b851aadbad08994d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

FindMimeFromData

kernel32

WaitForSingleObject
FindClose
UnhandledExceptionFilter
TlsSetValue
OpenEventW
LeaveCriticalSection
GetLocalTime
TlsAlloc
OpenProcess
WriteFile
WaitForMultipleObjects
GetFileSize
CreateDirectoryW
SetUnhandledExceptionFilter
FormatMessageW
SetLastError
GetTimeFormatW
ResetEvent
GetPrivateProfileIntW
lstrcpynW
TlsFree
CreateFileMappingW
GetCurrentThreadId
CreateProcessW
LocalFree
lstrlenW
DeleteFileW
TlsGetValue
HeapFree
GetSystemTimeAsFileTime
CreateMutexW
EnterCriticalSection
DeviceIoControl
FreeLibrary
GetDateFormatW
CreateEventW
MapViewOfFile
IsDebuggerPresent
GetProcessHeap
OutputDebugStringA
GetModuleHandleW
UnmapViewOfFile
FindNextFileW
SetFilePointer
ReadFile
lstrcpyW
GetPrivateProfileStringW
FindFirstFileW
LoadLibraryExW
CreateFileW
GetTempPathW
CloseHandle
DeleteCriticalSection
LoadLibraryA
VirtualAllocEx

user32

LoadStringW
wsprintfW

ole32

CoInitialize
CoUninitialize
OleRun
CoTaskMemFree
CoCreateInstance

advapi32

OpenProcessToken
InitializeSecurityDescriptor
RegCloseKey
ControlService
StartServiceW
SetServiceStatus
GetTokenInformation
CreateProcessAsUserW
SetTokenInformation
RegOpenKeyExW
RegConnectRegistryW
OpenServiceW
RegisterServiceCtrlHandlerW
GetSecurityDescriptorDacl
DuplicateTokenEx
SetSecurityInfo
GetSecurityInfo
RegQueryValueExW
LookupAccountSidW
BuildExplicitAccessWithNameW
OpenSCManagerW
CreateServiceW
ConvertStringSidToSidW
GetUserNameW
QueryServiceStatus
SetEntriesInAclW
LookupPrivilegeValueW
AdjustTokenPrivileges
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityDescriptorDacl
StartServiceCtrlDispatcherW
DeleteService
CloseServiceHandle

ws2_32

WSACloseEvent
connect
WSAAccept
socket
WSAEventSelect
shutdown
WSAStartup
htonl
send
closesocket
WSASetEvent
WSACleanup
bind
WSAEnumNetworkEvents
htons
WSACreateEvent
recv
listen
ntohs
gethostname
inet_addr
gethostbyname
WSAWaitForMultipleEvents
WSAGetLastError

mscms

CreateProfileFromLogColorSpaceA
UnregisterCMMW
CloseColorProfile
GetColorProfileFromHandle
GetColorDirectoryA
InternalGetPS2CSAFromLCS
DeleteColorTransform
ConvertColorNameToIndex

odbccp32

SQLInstallerError
SQLManageDataSources
SQLCreateDataSourceEx
SQLInstallDriverManagerW

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.s
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mkJDD
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jZK
Size: 512B - Virtual size: 885B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ubOxRi
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ueO
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Z
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hOx
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.EhewaN
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.HQ
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 212KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mAZD
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.OmLFM
Size: 512B - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.S
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

019debe039b39e09b851aadbad08994d

Headers

DLL Characteristics

File Characteristics

Imports

urlmon

kernel32

user32

ole32

advapi32

ws2_32

mscms

odbccp32

Sections

.text Size: 16KB - Virtual size: 15KB

.s Size: 2KB - Virtual size: 2KB

.mkJDD Size: 2KB - Virtual size: 2KB

.jZK Size: 512B - Virtual size: 885B

.ubOxRi Size: 1KB - Virtual size: 2KB

.ueO Size: 1024B - Virtual size: 1KB

.rdata Size: 4KB - Virtual size: 3KB

.Z Size: 2KB - Virtual size: 2KB

.hOx Size: 1024B - Virtual size: 1KB

.EhewaN Size: 1KB - Virtual size: 1KB

.HQ Size: 512B - Virtual size: 272B

.data Size: 212KB - Virtual size: 416KB

.mAZD Size: 1024B - Virtual size: 1KB

.OmLFM Size: 512B - Virtual size: 680B

.S Size: 1KB - Virtual size: 1KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 16KB - Virtual size: 15KB

.s
Size: 2KB - Virtual size: 2KB

.mkJDD
Size: 2KB - Virtual size: 2KB

.jZK
Size: 512B - Virtual size: 885B

.ubOxRi
Size: 1KB - Virtual size: 2KB

.ueO
Size: 1024B - Virtual size: 1KB

.rdata
Size: 4KB - Virtual size: 3KB

.Z
Size: 2KB - Virtual size: 2KB

.hOx
Size: 1024B - Virtual size: 1KB

.EhewaN
Size: 1KB - Virtual size: 1KB

.HQ
Size: 512B - Virtual size: 272B

.data
Size: 212KB - Virtual size: 416KB

.mAZD
Size: 1024B - Virtual size: 1KB

.OmLFM
Size: 512B - Virtual size: 680B

.S
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 16KB - Virtual size: 16KB