6178b1b775b99fb40645409a6f308d591fc40f428e8c59090d92829f8a11b81e

Sharing

Copy URL Twitter E-mail

General

Target

6178b1b775b99fb40645409a6f308d591fc40f428e8c59090d92829f8a11b81e
Size

249KB
MD5

a9d5dbf1ba8811cb9a57fd5e3de9b792
SHA1

3fbb5665dbed0be16d8a60987f5838ef85e2450e
SHA256

6178b1b775b99fb40645409a6f308d591fc40f428e8c59090d92829f8a11b81e
SHA512

080b2c788bd418604e33f18b15e4cb59d875e162f9cde1ae22727326fea63b1972d7f1932134d662b18fe57cd84cc5154c368dc184f2ab2785217c88da3df882
SSDEEP

6144:HO0B+atbcA+9uMUpUz+7TdgPcTfBS4ymsAI/:upDf9u/UQdgPEJQm

Score

N/A

Malware Config

Signatures

Files

6178b1b775b99fb40645409a6f308d591fc40f428e8c59090d92829f8a11b81e
.exe windows x86

c4e58450a03f6132bf4afec772f514cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersAddresses
GetTcpTable
GetUdpTable
GetAdaptersInfo
NotifyAddrChange
GetIpAddrTable
GetIpForwardTable
SendARP
GetIpNetTable
NotifyRouteChange

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize

ws2_32

WSACleanup
ntohs
WSAStartup
inet_addr

rpcrt4

RpcRevertToSelf
UuidCreate
RpcImpersonateClient

advapi32

GetTraceEnableLevel
GetSidSubAuthorityCount
QueryServiceConfigW
RegSetValueExW
GetSidSubAuthority
StartServiceW
QueryServiceStatusEx
OpenProcessToken
GetTraceLoggerHandle
ControlService
CloseServiceHandle
ControlTraceW
RegOpenKeyExW
UnregisterTraceGuids
GetTraceEnableFlags
RegisterTraceGuidsW
TraceMessage
RegCloseKey
GetTokenInformation
OpenServiceW
OpenSCManagerW
RegQueryValueExW

user32

TranslateMessage
MsgWaitForMultipleObjects
DispatchMessageW
PeekMessageW

oleaut32

SysAllocString
VariantInit
SafeArrayCreate
VariantClear
SafeArrayDestroy
SysFreeString

kernel32

FormatMessageW
RaiseException
SetFileAttributesW
SetLastError
HeapDestroy
DeviceIoControl
SizeofResource
WaitForSingleObject
GetCurrentThreadId
FindResourceExW
CreateSemaphoreW
GetFileSize
lstrlenA
LockResource
IsDebuggerPresent
LoadLibraryExW
FindResourceW
EnterCriticalSection
GetSystemTime
FreeLibrary
HeapReAlloc
LocalAlloc
lstrlenW
WriteFile
GetSystemTimeAsFileTime
HeapFree
SetEndOfFile
LeaveCriticalSection
DeleteFileW
HeapSize
OpenProcess
GetProcessHeap
LoadResource
GetACP
WideCharToMultiByte
CreateFileW
SetFilePointer
CreateEventW
ReleaseSemaphore
HeapAlloc
SetUnhandledExceptionFilter
ReadFile
CloseHandle
FileTimeToSystemTime
DeleteCriticalSection
UnhandledExceptionFilter
HeapCreate
VirtualAllocEx

shlwapi

PathAddBackslashW

esent

JetStopServiceInstance
JetEndSession
JetSetTableSequential
JetReadFile
JetIndexRecordCount
JetAttachDatabase2
JetSetCurrentIndex4
JetDeleteColumn2
JetGetIndexInfo
JetAttachDatabaseWithStreaming
JetEscrowUpdate

htui

HTUI_DeviceColorAdjustmentW
HTUI_DeviceColorAdjustmentA
HTUI_DeviceColorAdjustment

Sections

.ZgMO
Size: 1024B - Virtual size: 16KB

IMAGE_SCN_MEM_READ

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.PiMSc
Size: 512B - Virtual size: 399B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sGVoZ
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DzUhR
Size: 1024B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kZOw
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 209KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YZPVkVz
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Lciaj
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JwDw
Size: 1024B - Virtual size: 518B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4e58450a03f6132bf4afec772f514cf

Headers

DLL Characteristics

File Characteristics

Imports

iphlpapi

ole32

ws2_32

rpcrt4

advapi32

user32

oleaut32

kernel32

shlwapi

esent

htui

Sections

.ZgMO Size: 1024B - Virtual size: 16KB

.text Size: 16KB - Virtual size: 15KB

.PiMSc Size: 512B - Virtual size: 399B

.sGVoZ Size: 3KB - Virtual size: 2KB

.DzUhR Size: 1024B - Virtual size: 516B

.data Size: 7KB - Virtual size: 59KB

.kZOw Size: 2KB - Virtual size: 2KB

.rdata Size: 209KB - Virtual size: 208KB

.YZPVkVz Size: 3KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 1KB

.Lciaj Size: 2KB - Virtual size: 2KB

.JwDw Size: 1024B - Virtual size: 518B

.ZgMO
Size: 1024B - Virtual size: 16KB

.text
Size: 16KB - Virtual size: 15KB

.PiMSc
Size: 512B - Virtual size: 399B

.sGVoZ
Size: 3KB - Virtual size: 2KB

.DzUhR
Size: 1024B - Virtual size: 516B

.data
Size: 7KB - Virtual size: 59KB

.kZOw
Size: 2KB - Virtual size: 2KB

.rdata
Size: 209KB - Virtual size: 208KB

.YZPVkVz
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 1KB

.Lciaj
Size: 2KB - Virtual size: 2KB

.JwDw
Size: 1024B - Virtual size: 518B