493e5edd7075c94c0077959eadabb368781013d30b3a690b22f081d5ff85ca0a

Sharing

Copy URL Twitter E-mail

General

Target

493e5edd7075c94c0077959eadabb368781013d30b3a690b22f081d5ff85ca0a
Size

271KB
MD5

ef3a4241a61f0d8dfc51f755e473177b
SHA1

865e9ec72abcdeb6b4ef886575009a0886cd00ec
SHA256

493e5edd7075c94c0077959eadabb368781013d30b3a690b22f081d5ff85ca0a
SHA512

3eb4dc150542ca0f22d0f7cc51968c68259ab9eae709fa3842ff049062df0cd2588f75f833d9c04a88cccc5bab7438368d54a8380357e04ac4b5356af2df1b22
SSDEEP

6144:M0aMiwJ17lAhHxz9NceB7oIjZFWuQi4wd1oDL:MKJ1JAjBBjZFWvi4ws

Score

N/A

Malware Config

Signatures

Files

493e5edd7075c94c0077959eadabb368781013d30b3a690b22f081d5ff85ca0a
.exe windows x86

bf29b8472f9e3c9bf48e88a2fcd3d5ff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnumDisplaySettingsW
CharNextW
wsprintfW
GetDesktopWindow
GetSystemMetrics

mpr

WNetGetUniversalNameW

iphlpapi

GetAdaptersInfo

ole32

CoCreateGuid
IIDFromString
CoCreateInstance
CoTaskMemFree
StringFromIID
CoTaskMemAlloc
StringFromCLSID
CLSIDFromString
CoTaskMemRealloc

kernel32

GetSystemTime
RaiseException
CreateMutexW
GetDriveTypeW
VirtualQuery
LoadLibraryExW
TlsFree
CreateIoCompletionPort
GetDiskFreeSpaceExW
TlsSetValue
GetSystemInfo
UnmapViewOfFile
SizeofResource
GetFileAttributesExW
CreateEventA
GetWindowsDirectoryW
FindFirstFileW
ExpandEnvironmentStringsW
CreateWaitableTimerA
FindResourceW
GetLongPathNameW
SetEndOfFile
lstrcmpW
WriteFile
SearchPathW
DeleteFileW
GetQueuedCompletionStatus
GetCurrentThreadId
GlobalMemoryStatusEx
SystemTimeToFileTime
FormatMessageW
CloseHandle
FileTimeToSystemTime
EnterCriticalSection
QueryPerformanceFrequency
GetModuleHandleW
CreateFileW
WaitForMultipleObjects
DeleteCriticalSection
lstrlenA
lstrlenW
SetLastError
ResumeThread
GlobalFree
lstrcmpiW
lstrcmpA
HeapDestroy
ReadProcessMemory
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
WTSGetActiveConsoleSessionId
GetVolumeInformationW
FindFirstFileExW
IsDebuggerPresent
VirtualAlloc
GetTempFileNameW
UnhandledExceptionFilter
ReleaseMutex
TlsAlloc
HeapSize
SetWaitableTimer
HeapAlloc
LockResource
PostQueuedCompletionStatus
MoveFileW
GetFileTime
GetOverlappedResult
MapViewOfFile
RemoveDirectoryW
QueryDosDeviceW
TzSpecificLocalTimeToSystemTime
LoadResource
TlsGetValue
GetUserDefaultLCID
GetFullPathNameW
GetTempPathW
OpenProcess
FormatMessageA
CreateWaitableTimerW
GetFileInformationByHandle
MoveFileExW
CancelWaitableTimer
CreateFileMappingW
GetSystemWow64DirectoryW
SetFilePointerEx
CreateSemaphoreA
HeapReAlloc
GetSystemDirectoryW
WideCharToMultiByte
LocalAlloc
GetProcessHeap
SetFileAttributesW
ReleaseSemaphore
GetFileSizeEx
GetVolumeNameForVolumeMountPointW
GetLocalTime
ReadFile
SystemTimeToTzSpecificLocalTime
WaitForSingleObject
CreateMutexA
FindNextFileW
CreateDirectoryW
DuplicateHandle
FindResourceExW
ResetEvent
HeapFree
DeviceIoControl
GetSystemDefaultUILanguage
CreateProcessW
LocalFileTimeToFileTime
VirtualFree
CreateEventW
GetSystemDefaultLangID
LocalFree
LeaveCriticalSection
CopyFileW
FindClose
FreeLibrary
GetCurrentDirectoryW

oleaut32

VarDateFromStr
VarUI4FromStr
VariantClear
VariantTimeToSystemTime
SysFreeString
VariantCopy
VariantChangeType
SysAllocString
VariantInit

psapi

EnumDeviceDrivers
GetDeviceDriverFileNameW
EnumProcessModules
GetModuleBaseNameW
GetMappedFileNameW

crypt32

CertCloseStore
CertFreeCertificateContext
CryptQueryObject
CertGetNameStringW
CryptMsgClose
CertGetEnhancedKeyUsage
CertNameToStrW
CryptMsgGetParam
CertFindCertificateInStore

rpcrt4

UuidCreate

wintrust

WinVerifyTrust
CryptCATAdminReleaseCatalogContext
CryptCATAdminCalcHashFromFileHandle
WintrustGetRegPolicyFlags
CryptCATCatalogInfoFromContext
CryptCATAdminReleaseContext
CryptCATAdminAcquireContext
CryptCATAdminEnumCatalogFromHash

wininet

InternetGetConnectedState

iassvcs

IASUninitialize
IASSetMaxNumberOfThreads
IASRadiusCrypt
IASGetLocalDictionary

licmgr10

DllRegisterServer
DllUnregisterServer
DllCanUnloadNow

Sections

.lyqGsyB
Size: 512B - Virtual size: 20KB

IMAGE_SCN_MEM_READ

.mKIIe
Size: 1KB - Virtual size: 38KB

IMAGE_SCN_MEM_READ

.PQtF
Size: 1024B - Virtual size: 36KB

IMAGE_SCN_MEM_READ

.onHPZUK
Size: 512B - Virtual size: 27KB

IMAGE_SCN_MEM_READ

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.YDmfJD
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eICEtB
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YbsqJ
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.JOkXhDa
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WKmWQ
Size: 1024B - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zQGwt
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 210KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qGxCmc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf29b8472f9e3c9bf48e88a2fcd3d5ff

Headers

DLL Characteristics

File Characteristics

Imports

user32

mpr

iphlpapi

ole32

kernel32

oleaut32

psapi

crypt32

rpcrt4

wintrust

wininet

iassvcs

licmgr10

Sections

.lyqGsyB Size: 512B - Virtual size: 20KB

.mKIIe Size: 1KB - Virtual size: 38KB

.PQtF Size: 1024B - Virtual size: 36KB

.onHPZUK Size: 512B - Virtual size: 27KB

.text Size: 19KB - Virtual size: 18KB

.YDmfJD Size: 1KB - Virtual size: 1KB

.eICEtB Size: 1KB - Virtual size: 1KB

.YbsqJ Size: 2KB - Virtual size: 1KB

.JOkXhDa Size: 2KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 288KB

.WKmWQ Size: 1024B - Virtual size: 1020B

.zQGwt Size: 3KB - Virtual size: 2KB

.rdata Size: 210KB - Virtual size: 210KB

.qGxCmc Size: 2KB - Virtual size: 2KB

.rsrc Size: 15KB - Virtual size: 15KB

.lyqGsyB
Size: 512B - Virtual size: 20KB

.mKIIe
Size: 1KB - Virtual size: 38KB

.PQtF
Size: 1024B - Virtual size: 36KB

.onHPZUK
Size: 512B - Virtual size: 27KB

.text
Size: 19KB - Virtual size: 18KB

.YDmfJD
Size: 1KB - Virtual size: 1KB

.eICEtB
Size: 1KB - Virtual size: 1KB

.YbsqJ
Size: 2KB - Virtual size: 1KB

.JOkXhDa
Size: 2KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 288KB

.WKmWQ
Size: 1024B - Virtual size: 1020B

.zQGwt
Size: 3KB - Virtual size: 2KB

.rdata
Size: 210KB - Virtual size: 210KB

.qGxCmc
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 15KB - Virtual size: 15KB