0bef0478d3d4bd4ad066ee2859743cc7e3998ec0e18f04de603ed6f49fa404e5

Sharing

Copy URL Twitter E-mail

General

Target

0bef0478d3d4bd4ad066ee2859743cc7e3998ec0e18f04de603ed6f49fa404e5
Size

180KB
MD5

b83d1b728c724286c28731a558275a20
SHA1

582e2d200ff5f5fd66d2df99de0238235d3feea7
SHA256

0bef0478d3d4bd4ad066ee2859743cc7e3998ec0e18f04de603ed6f49fa404e5
SHA512

cc7241bbe5f3e41f71ff3ca998163ee4c0fb5b7503bcd2b7f06e915722986acec797fc22e38dfb6012c9d829970520c7b03f47729a4b55a31efca13aaadaa66a
SSDEEP

3072:yBkf5az2uQM/p9b9wGHDEOgAA9lBCGc0Wizigc:iK59uQMh9iG3A9lzWi

Score

N/A

Malware Config

Signatures

Files

0bef0478d3d4bd4ad066ee2859743cc7e3998ec0e18f04de603ed6f49fa404e5
.dll windows x86

d6df7a28557624ba83f9e97fad862cb4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
SetCriticalSectionSpinCount
VirtualAlloc
MapViewOfFileEx
PostQueuedCompletionStatus
SetLastError
WaitForSingleObject
SetThreadPriorityBoost
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
UnmapViewOfFile
LoadLibraryA
LocalAlloc
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
CancelIo
GetOverlappedResult
GlobalFree
WaitForSingleObjectEx
lstrcatA
FileTimeToSystemTime
GetComputerNameA
TransactNamedPipe
SetNamedPipeHandleState
WaitNamedPipeW
FlushFileBuffers
lstrcmpiA
ConnectNamedPipe
CreateNamedPipeW
GetQueuedCompletionStatus
CreateIoCompletionPort
CreateTimerQueueTimer
DeleteTimerQueueTimer
GetSystemDirectoryW
lstrlenW
VirtualProtect
GetSystemInfo
TlsSetValue
TlsAlloc
TlsGetValue
VirtualFree
IsBadWritePtr
WideCharToMultiByte
GetModuleFileNameA
GetComputerNameExW
GetSystemTimeAsFileTime
lstrcpyA
lstrcmpW
InterlockedExchangeAdd
LocalFree
GlobalMemoryStatusEx
QueueUserAPC
DuplicateHandle
CreateThread
SetUnhandledExceptionFilter
RaiseException
CreateEventW
HeapAlloc
HeapFree
GetCommandLineW
CreateFileW
WriteFile
GetCurrentProcessId
ResetEvent
CompareStringW
InterlockedExchange
GetCurrentThreadId
Sleep
lstrlenA
InterlockedCompareExchange
SetEvent
InterlockedDecrement
InterlockedIncrement
FormatMessageW
FormatMessageA
GetCurrentThread
GetCurrentProcess
CloseHandle
GetTickCount
GetComputerNameW
GetLastError
LoadLibraryW
GetProcAddress
FreeLibrary
GetProcessHeap
DisconnectNamedPipe
HeapReAlloc
GetStartupInfoA
GetCurrentDirectoryA
SetHandleInformation
ExitThread

advapi32

OpenProcessToken
RevertToSelf
OpenThreadToken
LookupAccountSidW
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
RegOpenKeyExW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegQueryValueExW
RegQueryInfoKeyA
RegEnumValueA
RegEnumValueW
MakeSelfRelativeSD
GetSecurityDescriptorLength
GetSecurityDescriptorControl
IsValidSecurityDescriptor
CredIsMarshaledCredentialW
CredUnmarshalCredentialW
CopySid
GetLengthSid
LookupAccountNameW
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
EqualSid
IsValidSid
CloseServiceHandle
StartServiceW
QueryServiceStatus
OpenServiceW
OpenSCManagerW
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
DeregisterEventSource
ReportEventW
RegisterEventSourceW
RegOpenKeyW
ImpersonateNamedPipeClient
GetTokenInformation
SetThreadToken

msvcrt

toupper

secur32

GetUserNameExW

Exports

Exports

AssignToBeing
AuthenticatedServerOrBeOr
CALsThe
DeviceYour
InstancesCALs

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 822B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6df7a28557624ba83f9e97fad862cb4

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

secur32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 48KB - Virtual size: 112KB

.rsrc Size: 68KB - Virtual size: 64KB

.reloc Size: 4KB - Virtual size: 822B

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 48KB - Virtual size: 112KB

.rsrc
Size: 68KB - Virtual size: 64KB

.reloc
Size: 4KB - Virtual size: 822B