d5b14fd72923b596aef127e26fcddbd43f0f816bf5db56869ec4c49b3681a256

Sharing

Copy URL Twitter E-mail

General

Target

d5b14fd72923b596aef127e26fcddbd43f0f816bf5db56869ec4c49b3681a256
Size

820KB
MD5

71858fee86b8fe84e2d0d23e6244db50
SHA1

19faf457c935347ed9e79e74f6598060f8344c2a
SHA256

d5b14fd72923b596aef127e26fcddbd43f0f816bf5db56869ec4c49b3681a256
SHA512

e738ab524fc606684ddc725e2af95409a1346b4de94687d0fe4609317d2b426157a1266d899a86111d60105f42e8f7350a0d55af33d4f45d8482d9dd1253f7c3
SSDEEP

24576:dskAqBgfugkQHJGsnqEwqOCElmExjwKi:KqBgfugLiiOCzExU

Score

N/A

Malware Config

Signatures

Files

d5b14fd72923b596aef127e26fcddbd43f0f816bf5db56869ec4c49b3681a256
.exe windows x86

963daeffb6bf1b9da34fa7d882a526d1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rasctrs

CollectRasPerformanceData
OpenRasPerformanceData
CloseRasPerformanceData

cfgmgr32

CM_Get_HW_Prof_Flags_ExW
CM_Get_Device_ID_ExA
CM_Query_Arbitrator_Free_Size
CM_Find_Range
CM_Query_Resource_Conflict_List
CM_Request_Eject_PC
CM_Uninstall_DevNode
CM_Get_Device_Interface_List_Size_ExA
CM_Get_DevNode_Status_Ex
CM_Enumerate_EnumeratorsA
CM_Delete_Class_Key_Ex
CM_Set_DevNode_Registry_PropertyA
CM_Run_Detection
CM_Get_Device_ID_List_SizeW
CM_Get_Parent
CM_Get_Global_State_Ex
CM_Unregister_Device_InterfaceA
CM_Open_DevNode_Key

advapi32

QueryServiceConfig2W
CloseCodeAuthzLevel
ElfOpenBackupEventLogW
RegReplaceKeyA
ElfOpenEventLogW
RegReplaceKeyW
SystemFunction041
QueryUsersOnEncryptedFile
SetSecurityInfoExW
WmiMofEnumerateResourcesA
GetServiceDisplayNameW
AccessCheckByType
WmiQuerySingleInstanceA
SetNamedSecurityInfoA
LsaOpenTrustedDomainByName
ElfOpenBackupEventLogA
GetFileSecurityW
CreateProcessAsUserW

uxtheme

GetThemePosition
GetThemeSysString
GetThemeSysFont
GetThemeMetric
IsThemeBackgroundPartiallyTransparent
GetThemeBool
GetWindowTheme
SetThemeAppProperties
GetThemeColor
GetThemeFont
GetCurrentThemeName
IsThemeActive
IsAppThemed
OpenThemeData
GetThemePropertyOrigin
GetThemeSysSize
GetThemeSysBool
SetWindowTheme
GetThemePartSize

userenv

RsopSetPolicySettingStatus
LeaveCriticalPolicySection
GetAllUsersProfileDirectoryW
GetAllUsersProfileDirectoryA
WaitForUserPolicyForegroundProcessing
CreateEnvironmentBlock
WaitForMachinePolicyForegroundProcessing
DeleteProfileA
GetUserProfileDirectoryW
LoadUserProfileA

kernel32

HeapCreate
CmdBatNotification
GetLocaleInfoA
DefineDosDeviceA
CompareFileTime
HeapDestroy
FindNextVolumeA
GlobalAddAtomW
ReadConsoleInputA
GetPrivateProfileSectionNamesW
GetCPInfoExA
GetProcAddress
LoadLibraryW
VirtualQueryEx
ScrollConsoleScreenBufferA
AddLocalAlternateComputerNameA
LocalCompact
GetPrivateProfileIntW
GlobalFree
QueryPerformanceFrequency
CancelIo
GetConsoleCommandHistoryLengthA
SetLastError
GetDevicePowerState
SetConsoleTitleA
OpenProcess
GetDiskFreeSpaceExA
GetConsoleCursorInfo
RemoveDirectoryW
RegisterWaitForSingleObject
ReadFile

Sections

.text
Size: 369KB - Virtual size: 369KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

963daeffb6bf1b9da34fa7d882a526d1

Headers

DLL Characteristics

File Characteristics

Imports

rasctrs

cfgmgr32

advapi32

uxtheme

userenv

kernel32

Sections

.text Size: 369KB - Virtual size: 369KB

.rdata Size: 98KB - Virtual size: 97KB

.data Size: 157KB - Virtual size: 1.6MB

.rsrc Size: 193KB - Virtual size: 193KB

.reloc Size: 1024B - Virtual size: 808B

.text
Size: 369KB - Virtual size: 369KB

.rdata
Size: 98KB - Virtual size: 97KB

.data
Size: 157KB - Virtual size: 1.6MB

.rsrc
Size: 193KB - Virtual size: 193KB

.reloc
Size: 1024B - Virtual size: 808B