8aa8815527586f08752ed19ed9c67858ebc11d098b2c6df009a6d1279d236c78

Sharing

Copy URL

Twitter E-mail

General

Target

8aa8815527586f08752ed19ed9c67858ebc11d098b2c6df009a6d1279d236c78
Size

2.5MB
MD5

86ec80947567c7a6e6f1d85e5b2f8d34
SHA1

c7f8947b2b3a7bc3dd6216928dfb113dad8d0213
SHA256

8aa8815527586f08752ed19ed9c67858ebc11d098b2c6df009a6d1279d236c78
SHA512

1b7f7955489f6e52a56207bd927d4f3995b018bec86ce3cdaf861abba33cf5bebd0d03c8b994899d9b0104dd5037a96b91032f1301407a6ede95621a891506e7
SSDEEP

49152:pNPZYT1Wmj0+wfhuVtbPCE+YYJpg+MjdffiBgSUG5:pNPw0+wZurPCYYUJWTUs

Score

N/A

Malware Config

Signatures

Files

8aa8815527586f08752ed19ed9c67858ebc11d098b2c6df009a6d1279d236c78
.exe windows x86

bb4fc555e642d113d140dc56bdde9351

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msi

ord113
ord32
ord159
ord141
ord92
ord190
ord78
ord150
ord70
ord88
ord169
ord8
ord118
ord160

comctl32

InitCommonControlsEx
ImageList_Create
ImageList_Add
ord17

wtsapi32

WTSQuerySessionInformationW
WTSFreeMemory

netapi32

NetGetJoinInformation
NetApiBufferFree

kernel32

LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
WaitForSingleObject
WideCharToMultiByte
AreFileApisANSI
CreateDirectoryW
SetFileAttributesW
DeleteFileW
FindResourceExW
GetFileAttributesExW
FileTimeToSystemTime
GetSystemTime
GetModuleHandleW
GetLocaleInfoW
MultiByteToWideChar
GetSystemTimeAsFileTime
SystemTimeToFileTime
GetNativeSystemInfo
GetSystemDefaultLCID
GetUserDefaultLCID
GetPrivateProfileStringW
LoadResource
SizeofResource
LockResource
LocalFree
GetTickCount
Sleep
GetExitCodeProcess
FindFirstFileW
FindClose
lstrlenW
lstrcpyW
lstrcatW
OpenProcess
lstrcmpiW
ExpandEnvironmentStringsW
GetVersion
GetWindowsDirectoryW
SetCurrentDirectoryW
GetVersionExW
CreateMutexW
WaitNamedPipeW
FormatMessageW
GetTempFileNameW
AttachConsole
FreeConsole
FindNextFileW
GetUserDefaultUILanguage
EnumResourceNamesW
GetDiskFreeSpaceExW
CompareStringW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
RtlUnwind
RaiseException
SetFilePointerEx
GetStdHandle
GetCommandLineA
MoveFileExW
GetModuleHandleExW
ExitProcess
GetCPInfo
LoadLibraryExW
GetCurrentThreadId
HeapAlloc
IsProcessorFeaturePresent
IsDebuggerPresent
HeapFree
DecodePointer
EncodePointer
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
GetFileType
GetProcessHeap
FlushFileBuffers
GetConsoleCP
GetConsoleMode
HeapSize
FreeLibrary
LoadLibraryW
GetModuleFileNameW
GetProcAddress
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
CloseHandle
GetLastError
CreateFileW
ReadFile
WriteFile
SetFilePointer
GetFileAttributesW
GetCurrentProcess
IsWow64Process
GetTempPathW
GetSystemInfo
GetACP
GetOEMCP
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
SetStdHandle
HeapReAlloc
ReadConsoleW
WriteConsoleW
OutputDebugStringW
SetEnvironmentVariableW
SetEndOfFile
GetCommandLineW

user32

EnableMenuItem
KillTimer
GetSystemMenu
LoadImageW
SetCursor
GetDlgCtrlID
IsDlgButtonChecked
SetFocus
UpdateWindow
PostMessageW
LoadBitmapW
GetWindowDC
SetTimer
GetWindowTextLengthW
InvalidateRect
GetDC
SetParent
AttachThreadInput
BringWindowToTop
ReleaseDC
GetForegroundWindow
DrawTextW
GetWindowTextW
ScreenToClient
GetWindowRect
EndDialog
DialogBoxParamW
SendInput
ShowWindow
GetDlgItem
SetWindowTextW
SendMessageW
GetClientRect
GetDesktopWindow
CreateDialogParamW
ExitWindowsEx
GetWindowThreadProcessId
IsWindow
FindWindowW
wsprintfW
DestroyWindow
CreateWindowExW
RegisterClassExW
LoadCursorW
LoadIconW
DefWindowProcW
MessageBoxW
LoadStringW
GetSystemMetrics
SetWindowPos
SetForegroundWindow
SetWindowLongW

gdi32

GetDeviceCaps
SetBkMode
Rectangle
SelectObject
CreatePen
CreateSolidBrush
GetStockObject
SetTextColor
CreateFontW

advapi32

EqualSid
DuplicateTokenEx
IsValidSid
GetTokenInformation
FreeSid
AllocateAndInitializeSid
RegEnumKeyExW
RegDeleteKeyW
CryptReleaseContext
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
OpenSCManagerW
OpenServiceW
StartServiceW
CloseServiceHandle
ControlService
QueryServiceStatusEx
RegOpenKeyA
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken

shell32

CommandLineToArgvW
SHGetFolderPathW
ShellExecuteExW
ShellExecuteW

ole32

CoCreateInstance
CoInitialize
CoUninitialize
CoCreateGuid
StringFromGUID2
IIDFromString

oleaut32

SysAllocString
SystemTimeToVariantTime
SysFreeString
VariantInit

Sections

.text
Size: 390KB - Virtual size: 390KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26.6MB - Virtual size: 26.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb4fc555e642d113d140dc56bdde9351

Headers

DLL Characteristics

File Characteristics

Imports

msi

comctl32

wtsapi32

netapi32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 390KB - Virtual size: 390KB

.rdata Size: 122KB - Virtual size: 121KB

.data Size: 9KB - Virtual size: 43KB

.rsrc Size: 26.6MB - Virtual size: 26.6MB

.reloc Size: 120KB - Virtual size: 119KB

.text
Size: 390KB - Virtual size: 390KB

.rdata
Size: 122KB - Virtual size: 121KB

.data
Size: 9KB - Virtual size: 43KB

.rsrc
Size: 26.6MB - Virtual size: 26.6MB

.reloc
Size: 120KB - Virtual size: 119KB