6a22c648492e0b972e1c809f1b4aee5229a664e130097a7399efb074df2725c2

Sharing

Copy URL

Twitter E-mail

General

Target

6a22c648492e0b972e1c809f1b4aee5229a664e130097a7399efb074df2725c2
Size

464KB
MD5

6f088e3ebaacd4ffc078cf19e643aee0
SHA1

f38d02e58246caec41ec6c86a335b5e22608b918
SHA256

6a22c648492e0b972e1c809f1b4aee5229a664e130097a7399efb074df2725c2
SHA512

e1ac17fc314d18fa5f764cafbcacf7429e3ca2e63fee4ee93f8b5d2c23dc2e8d946561c083c50e66507382b3b24b4513b15fada8b89629865ac6fe66069e8fe9
SSDEEP

6144:mekAYkG7dzJbl2+o94Nb/CjmJqhBNdafMOu2IyuPeC6jyffgTNzExh:2kGpzhl21+Nb/taBgLP7umCfgT1O

Score

N/A

Malware Config

Signatures

Files

6a22c648492e0b972e1c809f1b4aee5229a664e130097a7399efb074df2725c2
.dll windows x86

b3440554b37160bfe283992654820903

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

EnumServiceGroupW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
RegOpenKeyA
RegQueryValueExA
RegQueryValueW
SetSecurityInfo
SystemFunction001
AddAccessAllowedAce
AllocateAndInitializeSid
FreeSid
GetLengthSid
InitializeAcl
InitializeSecurityDescriptor
LogonUserW
RegSetValueExA
SetEntriesInAccessListA
SetSecurityDescriptorDacl
ChangeServiceConfigA
CloseServiceHandle
CreateServiceA
OpenSCManagerA
OpenServiceA
QueryServiceStatus
RegCreateKeyExA
StartServiceA
BuildImpersonateExplicitAccessWithNameA
CheckTokenMembership
ImpersonateSelf
LookupSecurityDescriptorPartsW
OpenThreadToken
QueryServiceConfig2A
ReadEventLogW
RevertToSelf
LsaOpenTrustedDomainByName
BackupEventLogA
CryptReleaseContext
ElfReportEventA
EncryptionDisable
EqualPrefixSid
GetNumberOfEventLogRecords
LogonUserA
ObjectPrivilegeAuditAlarmW
OpenSCManagerW
RegCreateKeyW
RemoveTraceCallback
SetFileSecurityA
ChangeServiceConfig2A
ChangeServiceConfig2W
ConvertToAutoInheritPrivateObjectSecurity
ElfReadEventLogW
GetAccessPermissionsForObjectA
SetEntriesInAclW
SystemFunction022

kernel32

CreateSemaphoreW
DeleteFileW
DnsHostnameToComputerNameW
FlushFileBuffers
GetProcAddress
GetShortPathNameW
GlobalUnWire
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
LoadLibraryExW
ReadFile
SetFilePointer
Sleep
WriteFile
MultiByteToWideChar
CancelWaitableTimer
CloseHandle
CommConfigDialogA
CreateEventW
DeleteFiber
GetCurrencyFormatW
GetCurrentDirectoryA
GetDiskFreeSpaceW
GetFileSize
GetLocaleInfoA
GetOverlappedResult
GetUserDefaultUILanguage
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalUnlock
IsProcessorFeaturePresent
LocalAlloc
LocalFree
MulDiv
OpenJobObjectA
ReadConsoleOutputW
ResetEvent
lstrcatA
lstrcpyA
lstrcpyW
lstrlenA
CreateFileMappingA
CreateMutexA
DisableThreadLibraryCalls
GetComputerNameA
GetVersion
GetVersionExA
GetWriteWatch
MapViewOfFile
OpenFileMappingA
ReleaseMutex
UnmapViewOfFile
WaitForSingleObject
GetCurrentProcessId
GetCurrentThreadId
GetModuleHandleA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetCurrentProcess
GetLocalTime
InterlockedCompareExchange
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
lstrcatW
lstrlenW
CallNamedPipeA
CreateEventA
GetFileAttributesA
GetWindowsDirectoryA
OpenEventA
FindVolumeMountPointClose
FreeLibrary
GetDriveTypeW
GetFileAttributesW
GetFullPathNameW
LoadLibraryExA
SetErrorMode
WideCharToMultiByte
lstrcmpW
lstrcmpiW
FillConsoleOutputCharacterW
FindFirstFileExW
GetCurrentThread
GetProcessHeaps
_lopen
FormatMessageW
LoadLibraryW
Beep
CreateProcessW
FindFirstVolumeMountPointA
FreeResource
GetConsoleWindow
GetModuleFileNameA
HeapValidate
LoadLibraryA
QueryPerformanceFrequency
SizeofResource
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WriteProfileStringW
lstrcmpA
VirtualAlloc
BackupWrite
DefineDosDeviceA
EnumResourceTypesA
GetBinaryTypeW
GetDriveTypeA
GetEnvironmentStringsA
GetWindowsDirectoryW
OutputDebugStringA
lstrcpynA
ExitProcess
GetLastError
HeapFree
HeapAlloc
CreateProcessA
DuplicateHandle
RtlUnwind
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
GetTimeFormatA
GetDateFormatA
FindFirstFileA
FindNextFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetFileType
GetConsoleCP
ReadConsoleInputA
ReadConsoleInputW
SetConsoleMode
GetConsoleMode
VirtualProtect
GetSystemInfo
VirtualQuery
SetConsoleCtrlHandler
DeleteCriticalSection
VirtualFree
HeapReAlloc
SetLocalTime
FindFirstFileW
FindNextFileW
GetCommandLineA
GetProcessHeap
SetLastError
GetStdHandle
FatalAppExitA
IsDebuggerPresent
InitializeCriticalSection
GetACP
GetOEMCP
IsValidCodePage
HeapDestroy
HeapCreate
RaiseException
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
CompareStringA
CompareStringW
LCMapStringA
LCMapStringW
SetHandleCount
GetStartupInfoA
CreatePipe
GetExitCodeProcess
CreateFileW
SetStdHandle
PeekConsoleInputA
GetNumberOfConsoleInputEvents
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSize
GetLocaleInfoW
FindClose
SetEndOfFile
SetCurrentDirectoryA
GetFullPathNameA
SetEnvironmentVariableA
SetEnvironmentVariableW

oleaut32

VarR4FromDisp
VarFormatDateTime
VarI2FromDate
VarR4FromUI2
BSTR_UserSize
SafeArrayUnlock
VarBstrFromI2
VarI4FromStr
VarUI4FromBool
VarUI4FromI2
VarUI4FromR4
VarDateFromStr
VarDecFix
VarI4FromDec
VarUI1FromUI4

Exports

Exports

MGTCQWVEPRX

Sections

.text
Size: 348KB - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3440554b37160bfe283992654820903

Headers

File Characteristics

Imports

advapi32

kernel32

oleaut32

Exports

Exports

Sections

.text Size: 348KB - Virtual size: 344KB

.rdata Size: 52KB - Virtual size: 48KB

.data Size: 44KB - Virtual size: 56KB

.reloc Size: 16KB - Virtual size: 14KB

.text
Size: 348KB - Virtual size: 344KB

.rdata
Size: 52KB - Virtual size: 48KB

.data
Size: 44KB - Virtual size: 56KB

.reloc
Size: 16KB - Virtual size: 14KB