401050383f7dc5f99f066faa3748887741a8e2e1f06b4e7910cdb167efb239f1

Sharing

Copy URL

Twitter E-mail

General

Target

401050383f7dc5f99f066faa3748887741a8e2e1f06b4e7910cdb167efb239f1
Size

1022KB
MD5

64be2effb56ee4822dc660f33709a38b
SHA1

f77761d81ca3e4bf0439648b4d33ae03b14f5df1
SHA256

401050383f7dc5f99f066faa3748887741a8e2e1f06b4e7910cdb167efb239f1
SHA512

5aa606ebb1a26bf9a727fc2492abb1c3fd2fafa038268769a392b551d433de227ba4e73dbb3f24fc9e8ead016554af281fc415a288354d2843cf4f896aceba0b
SSDEEP

12288:DiNTF7cP+H6WA5uYY11WjIYjs3mWvgILI/I0qXxd4xNLn9Kg/zfgFah8/M9:e9Zcu6lUzyq2WvgHqfend/Lg0h7

Score

N/A

Malware Config

Signatures

Files

401050383f7dc5f99f066faa3748887741a8e2e1f06b4e7910cdb167efb239f1
.exe windows x86

f60c6372b71a7ac1fcbeb437e89b5340

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

LookupPrivilegeValueW
MakeSelfRelativeSD
RegQueryValueExA
GetTraceEnableLevel
LookupAccountSidW
GetSidLengthRequired
InitializeAcl
RevertToSelf
RegOverridePredefKey
EnumServiceGroupW
GetUserNameW
AddAccessDeniedAce
LsaRetrievePrivateData
CryptDestroyKey
RegSetValueExA
ConvertSidToStringSidW
RegCreateKeyExW
GetCurrentHwProfileA
GetSidSubAuthority
LookupAccountNameW
CreateProcessAsUserA
EqualSid
GetLengthSid
SystemFunction029
RegSaveKeyA
ReadEncryptedFileRaw

mscms

GetColorProfileHeader
TranslateBitmapBits
InstallColorProfileW
GetColorDirectoryW
InternalGetPS2PreviewCRD
GetStandardColorSpaceProfileW
InternalGetPS2CSAFromLCS
CreateColorTransformA
EnumColorProfilesW
IsColorProfileValid
CreateColorTransformW
TranslateColors
GetColorDirectoryA
CloseColorProfile
InternalGetPS2ColorRenderingDictionary
OpenColorProfileW
OpenColorProfileA
EnumColorProfilesA
UninstallColorProfileW
GetColorProfileElement
InternalGetPS2ColorSpaceArray
DeleteColorTransform

crypt32

CertAddSerializedElementToStore

winspool.drv

AddPrinterDriverW
DeletePrinter
ReadPrinter
StartDocPrinterW
SetJobW
EnumPrintProcessorsW
GetPrinterDriverW
AddPrintProcessorW
EnumMonitorsW
SetPrinterW
GetPrinterDataExW
PrinterProperties
FreePrinterNotifyInfo
GetPrinterW
EndPagePrinter
DeletePrinterDriverW
GetPrintProcessorDirectoryA
DeleteFormW
AbortPrinter
GetFormW
GetPrintProcessorDirectoryW

imm32

ImmGetConversionStatus
ImmLockIMC
ImmDisableIME
ImmDestroyContext
ImmUnlockIMC
ImmEscapeW
ImmSetOpenStatus
ImmNotifyIME
ImmRequestMessageW
ImmSetCandidateWindow
ImmGetCompositionFontW
ImmGetProperty
ImmEnumRegisterWordW
ImmRegisterWordW
ImmSetCompositionStringW
ImmSetHotKey
ImmCreateContext
ImmGetGuideLineW
ImmGetIMEFileNameA
ImmGetIMCCSize
ImmSetCompositionFontW
ImmGetIMEFileNameW
ImmLockIMCC
ImmAssociateContext
ImmGetImeMenuItemsW
ImmGetHotKey
ImmReleaseContext
ImmGetCandidateListW
ImmIsIME
ImmUnlockIMCC
ImmGetCompositionStringW
ImmConfigureIMEW

msvcrt

_wcsdup
wcsncpy
iswpunct
system
_gcvt
_wmakepath
floor
_CIasin
_msize
_CIsin
div
tan
_lseeki64
fopen
_getpid

user32

SetClassLongW
ReuseDDElParam
EnumWindows
GetFocus
GetDlgItemInt
SetFocus
CreateWindowExW
SetMenuContextHelpId
EnumDisplayDevicesA
LoadAcceleratorsA
SubtractRect
ChangeClipboardChain
PeekMessageA
GetClipboardViewer
GetMenuItemInfoA
CharNextW
IsWindowEnabled
DrawCaptionTempW

kernel32

GetFileAttributesW
GetLogicalDriveStringsA
GetWindowsDirectoryA
GetProfileSectionA
_lcreat
InterlockedIncrement
SetFileApisToOEM
OpenWaitableTimerA
LocalAlloc
VirtualAllocEx
_lread
WaitForMultipleObjects
ProcessIdToSessionId
GetPrivateProfileStructA
GetDateFormatA
DeleteCriticalSection
SetCommState
GetCurrencyFormatW
Sleep
GetCurrentProcess
ExpandEnvironmentStringsA
SignalObjectAndWait
WritePrivateProfileSectionA
GetCommandLineW
GetProcessVersion
Toolhelp32ReadProcessMemory
CompareStringW
OutputDebugStringW
FormatMessageW
GetModuleFileNameW
CreateJobObjectW
DuplicateHandle
SetFilePointer
BindIoCompletionCallback
WritePrivateProfileStringW
VirtualAlloc
LockFile
GetLastError
DisconnectNamedPipe
CopyFileExW
GetCommProperties
HeapReAlloc

Sections

CODE
Size: 97KB - Virtual size: 537KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 383KB - Virtual size: 815KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 395KB - Virtual size: 402KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f60c6372b71a7ac1fcbeb437e89b5340

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

mscms

crypt32

winspool.drv

imm32

msvcrt

user32

kernel32

Sections

CODE Size: 97KB - Virtual size: 537KB

.data Size: 383KB - Virtual size: 815KB

.rdata Size: 395KB - Virtual size: 402KB

.rsrc Size: 144KB - Virtual size: 144KB

.reloc Size: 1KB - Virtual size: 1KB

CODE
Size: 97KB - Virtual size: 537KB

.data
Size: 383KB - Virtual size: 815KB

.rdata
Size: 395KB - Virtual size: 402KB

.rsrc
Size: 144KB - Virtual size: 144KB

.reloc
Size: 1KB - Virtual size: 1KB