71fec4ad3ebca22d647ad9492ab74b3cd6ce9cbced8712e20c1e0f358036c0db

Sharing

Copy URL

Twitter E-mail

General

Target

71fec4ad3ebca22d647ad9492ab74b3cd6ce9cbced8712e20c1e0f358036c0db
Size

298KB
MD5

f8633539bccef00365d73039a7bce452
SHA1

badfaa62f427ae1c30efde48001e6cdba9a8e9b9
SHA256

71fec4ad3ebca22d647ad9492ab74b3cd6ce9cbced8712e20c1e0f358036c0db
SHA512

9cea193d1962c6fe477cfa62d5288f60e2eb19523e08bdfd816f75faa452908d74fd577363590a6ff541fdbf44e5e7cd1137bc34427bf79cc756ce65afe3660d
SSDEEP

6144:46QcDGsSQMsYHDQAnwOYS2BiVqx394VpMolap/jyH6/:hrGscxHDQNtSHC9WDg

Score

N/A

Malware Config

Signatures

Files

71fec4ad3ebca22d647ad9492ab74b3cd6ce9cbced8712e20c1e0f358036c0db
.exe windows x86

9b7fdaff652ec0eaf6eb6e53335d8e58

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameW
OutputDebugStringW
TlsFree
GetSystemTimeAsFileTime
HeapSize
FindFirstFileW
TlsSetValue
SetThreadAffinityMask
CloseHandle
HeapAlloc
ResumeThread
ResetEvent
IsProcessorFeaturePresent
WriteProcessMemory
RegisterWaitForSingleObject
VirtualAllocEx
SetFilePointer
OpenFileMappingW
CreateThread
EnterCriticalSection
WaitForMultipleObjects
GetModuleHandleA
TlsAlloc
HeapDestroy
GetThreadContext
GetProcessAffinityMask
UnhandledExceptionFilter
LeaveCriticalSection
lstrcmpiW
CreateFileW
DuplicateHandle
FindClose
LockResource
SwitchToThread
FormatMessageW
UnmapViewOfFile
SizeofResource
GetTempPathW
OpenThread
UnregisterWaitEx
LoadLibraryExW
LoadResource
GetModuleHandleW
HeapReAlloc
TlsGetValue
DeleteFileW
GetThreadPriority
WideCharToMultiByte
WaitForSingleObject
FormatMessageA
GetCurrentThreadId
FreeEnvironmentStringsW
lstrlenW
OpenProcess
FindResourceExW
GlobalLock
ReadFile
SetUnhandledExceptionFilter
CreateProcessW
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
GetProcessHeap
RaiseException
SetLastError
LocalFree
GetSystemInfo
DeleteCriticalSection
FreeLibrary
SetEnvironmentVariableW
SuspendThread
FindResourceW
CreateEventW
LCMapStringW
LocalAlloc
HeapFree
MapViewOfFile
GetThreadLocale
ExpandEnvironmentStringsW
GlobalUnlock
GlobalAlloc
GetFileInformationByHandle

oleaut32

VariantClear
SysStringByteLen
VarUI4FromStr
SysStringLen
SysAllocStringByteLen
VarBstrCmp
VarBstrCat
SysFreeString
SysAllocStringLen
SysAllocString
VariantInit

ole32

CoTaskMemAlloc
CoTaskMemRealloc
StringFromGUID2
CoCreateGuid
CoUninitialize
StringFromCLSID
CoLockObjectExternal
CreateStreamOnHGlobal
CLSIDFromString
CoInitializeEx
CoTaskMemFree
CoCreateInstance

shell32

SHGetFolderPathW

advapi32

SetSecurityDescriptorDacl
IsValidSecurityDescriptor
RegCreateKeyExW
RegOpenKeyExA
RegQueryInfoKeyW
OpenProcessToken
PrivilegeCheck
RegEnumKeyExW
RegDeleteValueW
AddAccessAllowedAce
RegCloseKey
SetSecurityDescriptorOwner
DuplicateToken
RegOpenKeyExW
InitializeSecurityDescriptor
InitializeAcl
RegDeleteKeyW
RegSetValueExW
AllocateAndInitializeSid
LookupPrivilegeValueW
FreeSid
SetSecurityDescriptorGroup
RegQueryValueExW
GetLengthSid
AccessCheck
AdjustTokenPrivileges
RegQueryValueExA
RegConnectRegistryW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

user32

PeekMessageW
CharNextW
LoadStringW
PostThreadMessageW
TranslateMessage
CharUpperBuffW
DispatchMessageW
GetMessageW
UpdateWindow

comctl32

CreateStatusWindow
ImageList_EndDrag
ImageList_DragEnter
DestroyPropertySheetPage
ImageList_LoadImage
ImageList_DragShowNolock
InitMUILanguage
DrawStatusTextA
LBItemFromPt

msrle32

DriverProc

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 74KB - Virtual size: 1012KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 142KB - Virtual size: 418KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b7fdaff652ec0eaf6eb6e53335d8e58

Headers

File Characteristics

Imports

kernel32

oleaut32

ole32

shell32

advapi32

version

user32

comctl32

msrle32

Sections

.text Size: 14KB - Virtual size: 13KB

.bss Size: 74KB - Virtual size: 1012KB

.reloc Size: 142KB - Virtual size: 418KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 48KB - Virtual size: 708KB

.rsrc Size: 14KB - Virtual size: 19KB

.text
Size: 14KB - Virtual size: 13KB

.bss
Size: 74KB - Virtual size: 1012KB

.reloc
Size: 142KB - Virtual size: 418KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 48KB - Virtual size: 708KB

.rsrc
Size: 14KB - Virtual size: 19KB