Static task
static1
Behavioral task
behavioral1
Sample
8a45f57a2d32ee905c653bcd69aac18441602a82bc1a10690c38c9fa81c9ffde.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
8a45f57a2d32ee905c653bcd69aac18441602a82bc1a10690c38c9fa81c9ffde.exe
Resource
win10v2004-20220812-en
General
Target
8a45f57a2d32ee905c653bcd69aac18441602a82bc1a10690c38c9fa81c9ffde
Size
51KB
MD5
53d15dc652a2534572981bab1e2eddf3
SHA1
f5c10f86bcb16cdb0a4c51a80b4c992aebc0adb4
SHA256
8a45f57a2d32ee905c653bcd69aac18441602a82bc1a10690c38c9fa81c9ffde
SHA512
ef862d873d7ad9363a9a75b54c3ece9f70801a6e2699db4ccfaf0cd4378a32938fff61ceeb28c5bb2a9523ebfbac63885a163bf5a3ce4b998ae4af1727413310
SSDEEP
1536:E3v+4/0rUQzFUem/XkOelw7WoTzTE31W/x:m3Qz7mt37WoTzTIgJ
Malware Config
Signatures
Files
8a45f57a2d32ee905c653bcd69aac18441602a82bc1a10690c38c9fa81c9ffde.exe windows x86
5ef6e2df5430f259c62086d07661789c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
SetLocalTime
VirtualProtectEx
GetComputerNameA
CreateDirectoryA
WriteConsoleOutputW
CompareFileTime
SetConsoleNlsMode
WinExec
GetOEMCP
FlushViewOfFile
OpenJobObjectA
CreateEventA
CreateProcessA
EnumResourceNamesA
RtlZeroMemory
IsBadHugeWritePtr
AddAtomW
InterlockedExchange
GetOverlappedResult
EnumCalendarInfoExW
QueryInformationJobObject
user32
MapVirtualKeyA
GetNextDlgTabItem
GetMenuState
TileChildWindows
GetDlgItemTextA
IMPQueryIMEW
SendMessageA
LoadKeyboardLayoutW
CreateDialogIndirectParamW
OpenIcon
GetWindowModuleFileNameW
MapVirtualKeyA
GrayStringW
SetClassLongA
CopyRect
GetAltTabInfoW
QuerySendMessage
CloseWindowStation
GetFocus
GetClassLongA
LoadAcceleratorsW
GetWindowRect
IMPSetIMEA
advapi32
LsaICLookupSids
GetSecurityInfoExA
CryptDecrypt
ElfReportEventA
RegQueryValueExA
RegEnumKeyW
AllocateAndInitializeSid
RegSetValueA
FreeSid
SetServiceObjectSecurity
QueryServiceConfig2A
DuplicateEncryptionInfoFile
AddAuditAccessAce
BuildImpersonateTrusteeA
CryptReleaseContext
RegSetValueA
WmiQuerySingleInstanceW
I_ScIsSecurityProcess
RemoveUsersFromEncryptedFile
DeleteService
BuildExplicitAccessWithNameA
BuildTrusteeWithObjectsAndSidW
ElfNumberOfRecords
ConvertStringSecurityDescriptorToSecurityDescriptorA
GetMultipleTrusteeOperationW
RegEnumKeyExW
ElfDeregisterEventSource
LsaOpenTrustedDomain
gdi32
CreateBitmap
bInitSystemAndFontsDirectoriesW
GdiConvertFont
EngCreatePalette
MaskBlt
EngQueryLocalTime
EnumFontFamiliesExA
CreateEllipticRgn
CloseMetaFile
GetEnhMetaFileBits
SelectPalette
GetTextCharsetInfo
AngleArc
Polygon
EngPaint
SetTextColor
STROBJ_vEnumStart
AngleArc
EngQueryLocalTime
GetEnhMetaFileW
GetCurrentPositionEx
GetObjectW
EngGetDriverName
GdiQueryFonts
GetTextFaceW
Chord
EngDeleteSemaphore
CreateColorSpaceW
SetEnhMetaFileBits
shell32
ExtractIconExW
RegenerateUserEnvironment
DllCanUnloadNow
DragQueryFileW
SHAppBarMessage
InternalExtractIconListW
PrintersGetCommand_RunDLLW
SHLoadInProc
FreeIconList
SHHelpShortcuts_RunDLL
SHGetFileInfoA
SHGetPathFromIDListA
ExtractAssociatedIconW
CheckEscapesW
ShellExecuteW
SHCreateDirectoryExA
Control_RunDLLW
SHChangeNotifySuspendResume
SHHelpShortcuts_RunDLL
ExtractAssociatedIconExA
StrRChrIA
DllCanUnloadNow
StrStrA
SHFileOperationW
FindExecutableW
StrRChrA
SHChangeNotifySuspendResume
Sections
.text Size: 21KB - Virtual size: 52KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 24KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ