5257d5492304b274fd5b967172f2db03dd2f79bfae4d87458a07f3ed2244f426

Sharing

Copy URL

Twitter E-mail

General

Target

5257d5492304b274fd5b967172f2db03dd2f79bfae4d87458a07f3ed2244f426
Size

801KB
MD5

4c8e29c78ef54ad459128c4a60740460
SHA1

c00b53f928fb00c5bd40b379a5c314a522747927
SHA256

5257d5492304b274fd5b967172f2db03dd2f79bfae4d87458a07f3ed2244f426
SHA512

1eba90e84f01139f645acdb70e2007dde851f7a86932d6aa7846c79f398d58037988be942662b3b0c277ab2b5405733d5a8ff05b8fe5e3498cf5622042923b81
SSDEEP

12288:aDFOtFLS0WC4cAte9d1gz6zd/uoofrOPThA/78w63nGtTitN2tYSmRTdvwDkH8J8:aFotV74cQsLpPhMW3uJsRTdtwdN

Score

N/A

Malware Config

Signatures

Files

5257d5492304b274fd5b967172f2db03dd2f79bfae4d87458a07f3ed2244f426
.exe windows x86

c4f1e9c43a520518975cc739dd07096b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shlwapi

StrCmpIW
PathGetDriveNumberW
PathFindSuffixArrayW
PathRemoveBlanksW
PathRemoveExtensionW
PathFileExistsW
PathIsNetworkPathW
StrSpnW
StrToIntW
StrChrA
SHRegGetBoolUSValueW

advapi32

RegQueryValueA
RegDeleteValueW
GetCurrentHwProfileW
SystemFunction029
AreAllAccessesGranted
RegSetKeySecurity
ImpersonateSelf
RegQueryValueExA
DuplicateTokenEx
SystemFunction018
GetSecurityDescriptorControl
RegNotifyChangeKeyValue
BuildExplicitAccessWithNameA
AddAccessAllowedAce
DeleteService
OpenThreadToken
IsValidSid
CryptImportKey
InitializeSecurityDescriptor
AddAccessDeniedAce
RegSetValueW

kernel32

WriteConsoleOutputW
GetCurrencyFormatW
UpdateResourceW
FindVolumeMountPointClose
GetCPInfo
ClearCommError
GetBinaryTypeA
EnumDateFormatsW
GetFileSizeEx
WriteConsoleA
RtlMoveMemory
GetProcessTimes
SetFileAttributesW
FindFirstChangeNotificationW
VirtualAlloc
GetCommConfig

oleaut32

SafeArrayCreate
VariantCopyInd
VariantClear
SysAllocStringByteLen
SafeArrayGetLBound
SafeArrayGetUBound
SysReAllocStringLen
SafeArrayPtrOfIndex
VariantChangeType
GetActiveObject
SysAllocStringLen

netapi32

DsGetDcNameW
DsEnumerateDomainTrustsW
NetUserSetInfo
NetLocalGroupGetMembers
NetGroupAdd
NetRemoteTOD
NetLocalGroupEnum
NetUserSetGroups
NetRegisterDomainNameChangeNotification
NetGetAnyDCName
NetShareAdd
NetUnjoinDomain
NetAlertRaiseEx
NetWkstaGetInfo
NetUserEnum

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cyvp
Size: 185KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aXUuUn
Size: 227KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.JqQt
Size: 214KB - Virtual size: 468KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4f1e9c43a520518975cc739dd07096b

Headers

File Characteristics

Imports

shlwapi

advapi32

kernel32

oleaut32

netapi32

Sections

.text Size: 97KB - Virtual size: 96KB

.cyvp Size: 185KB - Virtual size: 249KB

.aXUuUn Size: 227KB - Virtual size: 287KB

.JqQt Size: 214KB - Virtual size: 468KB

.rsrc Size: 74KB - Virtual size: 74KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 97KB - Virtual size: 96KB

.cyvp
Size: 185KB - Virtual size: 249KB

.aXUuUn
Size: 227KB - Virtual size: 287KB

.JqQt
Size: 214KB - Virtual size: 468KB

.rsrc
Size: 74KB - Virtual size: 74KB

.reloc
Size: 1KB - Virtual size: 1KB