6e823f8eed496e4bab08fcc3908c28242adf77d75f0a768504f0a7b97a487b6d

Sharing

Copy URL

Twitter E-mail

General

Target

6e823f8eed496e4bab08fcc3908c28242adf77d75f0a768504f0a7b97a487b6d
Size

315KB
MD5

62b24155a83b72a14418a4019f3d3ff6
SHA1

fc0198765a758662c0c203590029ecb90849b43e
SHA256

6e823f8eed496e4bab08fcc3908c28242adf77d75f0a768504f0a7b97a487b6d
SHA512

f02d3be6017e631cec19e32f189c128c215ec161a71a3280e818158f859112f4d525d6b53c9ef638edfc703affacb713cf780914f0fcaa6faab996d6e1ef4973
SSDEEP

6144:eT/x7vZtGgdR7uj4K+l1XbdktC47Kfy6IepGxzuI8Bkfb:el7vZsgjujepbCMy6IepGxzuXmj

Score

N/A

Malware Config

Signatures

Files

6e823f8eed496e4bab08fcc3908c28242adf77d75f0a768504f0a7b97a487b6d
.exe windows x86

7a4cfaefb1417afb455d2f791a2b4b21

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyW
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSidSubAuthority
InitializeAcl
AddAce
InitializeSecurityDescriptor
ImpersonateNamedPipeClient
OpenProcessToken
IsValidSid
InitializeSid
GetLengthSid
GetAclInformation
GetSecurityDescriptorLength
SetSecurityDescriptorDacl
ConvertSidToStringSidW
RegCloseKey
GetSecurityDescriptorOwner
GetTokenInformation
RegQueryValueExW
EqualSid
ConvertStringSidToSidW
CopySid
MakeAbsoluteSD
MakeSelfRelativeSD
GetSidLengthRequired
SetThreadToken
GetSecurityDescriptorSacl
OpenThreadToken
GetSecurityDescriptorControl
SetSecurityDescriptorOwner
RegOpenKeyExW
RevertToSelf

user32

UnregisterClassA
wsprintfW

shell32

SHGetFolderPathW

userenv

UnloadUserProfile
ExpandEnvironmentStringsForUserW

ole32

CoRevertToSelf
CoCreateInstance
CoUninitialize
CoMarshalInterThreadInterfaceInStream
OleRun
CoInitializeEx
CoUnmarshalInterface
CoImpersonateClient

ws2_32

socket
WSACleanup
WSAStartup
htons
sendto
inet_addr
closesocket

kernel32

WaitForSingleObject
ReadFile
DisconnectNamedPipe
GetFileInformationByHandle
LocalFree
SetUnhandledExceptionFilter
LCMapStringW
QueryPerformanceFrequency
HeapFree
GetOverlappedResult
LeaveCriticalSection
MoveFileExW
DeleteCriticalSection
GetDriveTypeW
HeapAlloc
EnterCriticalSection
GetLongPathNameW
GetSystemTimeAsFileTime
FindResourceW
ExpandEnvironmentStringsW
FindResourceExW
GetCurrentThreadId
FreeLibrary
ResetEvent
HeapDestroy
WideCharToMultiByte
CreateThread
CreateFileW
OpenEventW
GetModuleHandleA
HeapReAlloc
SetThreadLocale
GetThreadLocale
GetProcessHeap
GetFileSize
VerSetConditionMask
VerifyVersionInfoW
OutputDebugStringW
FindFirstFileW
ConnectNamedPipe
CreateEventW
CancelIo
SetLastError
LockResource
CreateNamedPipeW
FormatMessageW
lstrlenW
HeapSize
GetShortPathNameW
GetModuleHandleW
UnhandledExceptionFilter
CloseHandle
GetVolumePathNameW
GetACP
lstrlenA
FindClose
FormatMessageA
SizeofResource
QueryDosDeviceW
LoadResource
IsDebuggerPresent
OpenProcess
RaiseException
OutputDebugStringA
WaitForMultipleObjects
WriteFile
CompareFileTime
VirtualAllocEx

shlwapi

StrStrIW
SHGetValueA
PathRemoveFileSpecW

psapi

GetModuleFileNameExW

oleaut32

VarBstrCmp
SafeArrayCreateVectorEx
VariantCopy
SysStringByteLen
VariantInit
SafeArrayLock
SafeArrayDestroyData
SysAllocStringLen
SafeArrayGetUBound
VariantChangeType
SafeArrayUnlock
SysAllocString
SafeArrayDestroyDescriptor
SafeArrayCreate
VariantCopyInd
VarBstrCat
GetErrorInfo
SafeArrayDestroy
SysFreeString
SafeArrayRedim
SafeArrayUnaccessData
LoadRegTypeLi
SafeArrayAccessData
SysStringLen
SafeArrayCopy
SafeArrayGetVartype
GetRecordInfoFromGuids
LoadTypeLi
SysAllocStringByteLen
VariantClear
SafeArrayGetLBound

comctl32

ImageList_LoadImageW
ImageList_SetBkColor
ImageList_Destroy
ImageList_Replace
DrawInsert
ImageList_Add
ImageList_Remove

inetmib1

SnmpExtensionQuery

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 286KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a4cfaefb1417afb455d2f791a2b4b21

Headers

File Characteristics

Imports

advapi32

user32

shell32

userenv

ole32

ws2_32

kernel32

shlwapi

psapi

oleaut32

comctl32

inetmib1

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 286KB - Virtual size: 1.0MB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 286KB - Virtual size: 1.0MB

.rsrc
Size: 3KB - Virtual size: 2KB