9442642b46d9e76ab82df2c9e8ec050eb90c4536d54218ad2ccedfd642e8934e

Sharing

Copy URL Twitter E-mail

General

Target

9442642b46d9e76ab82df2c9e8ec050eb90c4536d54218ad2ccedfd642e8934e
Size

32KB
MD5

57b35311c72326c0f1df9d2d65d6daa3
SHA1

a35ee32d1598781049b34b4c3a8980a62ad07233
SHA256

9442642b46d9e76ab82df2c9e8ec050eb90c4536d54218ad2ccedfd642e8934e
SHA512

65bd10e2203b0e7dfea3725734a81f140f023f37c9ab88fabb73267ea7c2eb0897b43b64df0abc25f78fa2af73619e3402374b4a4136dd47520708b7566baba9
SSDEEP

768:/vIO/RNC+RGpJsBpZoEfrIqv6dXBaG0LCPWBZ1EGNobpZN96Z:HIOpNC+RJpZoxs6dXBzYZ17otZN96

Score

N/A

Malware Config

Signatures

Files

9442642b46d9e76ab82df2c9e8ec050eb90c4536d54218ad2ccedfd642e8934e
.exe windows x86

a7b00d540040e31784128ab80eb6f86d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptGetKeyParam
RegSetKeySecurity
RegNotifyChangeKeyValue
AddAccessAllowedAce
SetSecurityDescriptorDacl
CryptGenRandom
RegSetValueExW
FreeSid
RegCloseKey
OpenThreadToken
StartServiceA
CryptGetDefaultProviderW
CryptCreateHash
InitializeAcl
GetUserNameW
CryptGenKey
UnlockServiceDatabase
CryptSetHashParam
LockServiceDatabase
IsValidSid
AdjustTokenPrivileges
InitializeSecurityDescriptor
SetSecurityDescriptorGroup
QueryServiceConfigA
CryptAcquireContextA
GetSecurityDescriptorDacl
CryptGetHashParam
CopySid
RegDeleteKeyA
AllocateAndInitializeSid
GetSidSubAuthorityCount
RegOpenKeyExA
CloseServiceHandle
SystemFunction040
GetLengthSid
CryptVerifySignatureA
LookupAccountSidW
CryptGetProvParam
CryptSetProviderA
CryptReleaseContext
CryptHashData
RegSetValueExA
RegCreateKeyExA
RegQueryInfoKeyA
CryptDeriveKey
RegEnumValueW
RegDeleteValueA
A_SHAFinal
OpenServiceW
SetSecurityDescriptorOwner
MD5Final
OpenSCManagerW
RegEnumKeyExA
RegConnectRegistryA
ControlService
ChangeServiceConfigA
RegGetKeySecurity
RegQueryValueExW
GetSidIdentifierAuthority
CryptSetKeyParam
RegOpenKeyExW
SystemFunction041
MD5Init
LookupPrivilegeValueA
CryptEncrypt
RegEnumValueA
EqualSid
RegQueryInfoKeyW
CryptExportKey
CryptGetUserKey
CryptSignHashA
GetUserNameA
CryptImportKey
GetTokenInformation
RegConnectRegistryW
A_SHAUpdate
CryptDecrypt
RegDeleteKeyW
OpenProcessToken
RegDeleteValueW
LsaNtStatusToWinError
RegEnumKeyA
GetSidSubAuthority
MD5Update
RegCreateKeyExW
A_SHAInit
GetSecurityDescriptorOwner
CryptDestroyKey
CryptSetProvParam
GetAce
QueryServiceStatus
StartServiceW
CryptDestroyHash
RegEnumKeyExW
RegQueryValueExA

rpcrt4

RpcBindingFromStringBindingA
NdrClientCall2
RpcRevertToSelf
RpcBindingFromStringBindingW
RpcStringBindingComposeW
UuidToStringA
RpcEpResolveBinding
RpcStringFreeA
RpcBindingFree
RpcStringFreeW
UuidCreate
RpcBindingSetAuthInfoExW
RpcStringBindingComposeA
RpcImpersonateClient

msvcrt

_ultoa
isupper
isxdigit
_initterm
wcscat
_onexit
__dllonexit
_itow
wcschr
_ltoa
qsort
memmove
strncpy
_adjust_fdiv
atol
wcscpy
_snprintf
malloc
wcslen
strncmp
sprintf
free
isdigit
_ltow
_except_handler3
memcpy
strtoul
_snwprintf
_wcsnicmp
bsearch
wcscmp
_wcsicmp

user32

GetSystemMetrics
LoadStringW
MessageBoxW
LoadStringA
wsprintfW
GetProcessDefaultLayout
wsprintfA
MessageBoxA

kernel32

FindNextFileW
OpenFileMappingW
WideCharToMultiByte
FindClose
OpenEventA
GetSystemDefaultLangID
OpenMutexA
LoadLibraryExA
FindFirstChangeNotificationW
ReleaseMutex
GetTimeFormatA
FindCloseChangeNotification
SetEvent
GetACP
FindNextFileA
GetTempFileNameA
CreateFileW
CompareFileTime
DelayLoadFailureHook
WaitForSingleObject
GetFileAttributesA
EnterCriticalSection
FindFirstFileA
GetCurrentThread
GetTickCount
GetUserDefaultLCID
FileTimeToLocalFileTime
FindFirstFileW
TlsFree
CreateFileMappingA
ExpandEnvironmentStringsW
FileTimeToSystemTime
FormatMessageW
LeaveCriticalSection
LocalAlloc
SetFilePointer
CreateThread
InitializeCriticalSection
TerminateProcess
GetFileAttributesW
GetCurrentProcess
lstrlenW
GetFileSize
CreateDirectoryW
OpenMutexW
LocalSize
DeleteFileW
GetLocalTime
CompareStringW
QueryPerformanceCounter
GetDateFormatA
VirtualAlloc
CloseHandle
TlsSetValue
GetFileAttributesExW
CreateEventA
Sleep
CreateMutexA
SetEndOfFile
DeleteCriticalSection
InterlockedExchange
GetEnvironmentVariableA
lstrcatA
FreeLibraryAndExitThread
CreateFileA
lstrcpyA
LoadLibraryA
TlsAlloc
OutputDebugStringA
SetFileAttributesW
WaitForMultipleObjectsEx
InterlockedDecrement
SetLastError
WaitForSingleObjectEx
GetDateFormatW
GetSystemTime
lstrlenA
ExitThread
InterlockedIncrement
TlsGetValue
LocalFree
GetCurrentProcessId
LoadLibraryExW
GetModuleFileNameW
ExpandEnvironmentStringsA
DuplicateHandle
WriteFile
lstrcmpA
GetSystemTimeAsFileTime
MapViewOfFile
GetModuleHandleA
GetProcAddress
DeleteFileA
CompareStringA
FormatMessageA
PulseEvent
FindNextChangeNotification
ReadFile
GetVersionExA
GetTimeFormatW
GetComputerNameA
MultiByteToWideChar
GetLastError
GetTempPathA
CreateFileMappingW
FindFirstChangeNotificationA
SetUnhandledExceptionFilter
CreateMutexW
UnhandledExceptionFilter
SetFileAttributesA
GetComputerNameW
GetCurrentThreadId
InterlockedCompareExchange
GetModuleFileNameA
FreeLibrary
SystemTimeToFileTime
CreateDirectoryA
UnmapViewOfFile

adsldpc

ADsFreeColumn

msasn1

ASN1BERDecMultibyteString
ASN1charstring_free
ASN1CEREncNewBlkElement
ASN1utf8string_free
ASN1_CloseModule
ASN1CEREncUTCTime
ASN1BERDecOpenType2
ASN1_FreeEncoded
ASN1char16string_free
ASN1BERDecSXVal
ASN1octetstring_free
ASN1BEREncBool
ASN1CEREncGeneralizedTime
ASN1BERDecChar32String
ASN1BEREncMultibyteString
ASN1EncSetError
ASN1BERDecCharString
ASN1BERDecOctetString
ASN1CEREncBeginBlk
ASN1BERDecZeroCharString
ASN1open_free
ASN1char32string_free
ASN1ztcharstring_free
ASN1BERDecOctetString2
ASN1_Decode
ASN1BEREoid_free
ASN1BERDecS32Val
ASN1BERDecNotEndOfContents
ASN1BEREncChar16String
ASN1_SetEncoderOption
ASN1BEREoid2DotVal
ASN1BEREncS32
ASN1Free
ASN1BERDecExplicitTag
ASN1BERDecBool
ASN1DecRealloc
ASN1CEREncFlushBlkElement
ASN1_Encode
ASN1objectidentifier2_cmp
ASN1BEREncChar32String
ASN1BERDecEndOfContents
ASN1BERDecPeekTag
ASN1intx_free
ASN1BEREncBitString
ASN1CEREncEndBlk
ASN1BEREncSX
ASN1BERDecUTCTime
ASN1BEREncObjectIdentifier2
ASN1BERDecEoid
ASN1BEREncExplicitTag
ASN1BERDecBitString2
ASN1BEREncEoid
ASN1BERDecObjectIdentifier2
ASN1BERDotVal2Eoid
ASN1BEREncEndOfContents
ASN1BERDecOpenType
ASN1_CloseDecoder
ASN1_CreateModule
ASN1BEREncOpenType
ASN1BERDecUTF8String
ASN1BERDecU32Val
ASN1_CreateDecoder
ASN1_CloseEncoder
ASN1DecSetError
ASN1BEREncU32
ASN1_CreateEncoder
ASN1_FreeDecoded
ASN1BEREncOctetString
ASN1BERDecBitString
ASN1BEREncUTF8String
ASN1BERDecGeneralizedTime
ASN1BERDecChar16String
ASN1bitstring_free
ASN1BEREncCharString

Sections

.textbss
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a7b00d540040e31784128ab80eb6f86d

Headers

File Characteristics

Imports

advapi32

rpcrt4

msvcrt

user32

kernel32

adsldpc

msasn1

Sections

.textbss Size: - Virtual size: 96KB

.text Size: 512B - Virtual size: 416B

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 216B

.idata Size: 30KB - Virtual size: 29KB

.textbss
Size: - Virtual size: 96KB

.text
Size: 512B - Virtual size: 416B

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 216B

.idata
Size: 30KB - Virtual size: 29KB