c15e872a9099c5462dbd0cc918b519ca2b01fb3a3c08a941f86946b2fdb67d7c

Sharing

Copy URL Twitter E-mail

General

Target

c15e872a9099c5462dbd0cc918b519ca2b01fb3a3c08a941f86946b2fdb67d7c
Size

310KB
MD5

0b075108ba8f38b551101247cc94883d
SHA1

05dd1e3795749e856c42b5c194d6e3ae4b8c4cf6
SHA256

c15e872a9099c5462dbd0cc918b519ca2b01fb3a3c08a941f86946b2fdb67d7c
SHA512

cfd2e5d9e9583cc0a0e1b26b11bae35af9b305aaa6bf3f857b2ee2e053dc2dfde958557e81ed31e2826cf503ffa140335a1a4ba8e41916a0af17295f7b88c271
SSDEEP

6144:+Um2TuCtUlT372dlG7zEA/A6wSNGtaQLzgftTdmiTbR1HQHhMG/7ZaZ4tuRh5:6iti37HvEJHHvstdmq1QBM8taZ4AP5

Score

N/A

Malware Config

Signatures

Files

c15e872a9099c5462dbd0cc918b519ca2b01fb3a3c08a941f86946b2fdb67d7c
.exe windows x86

310f9d6a3150575046aa1ce6e895d6bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoUninitialize
CoMarshalInterThreadInterfaceInStream
CoImpersonateClient
CoGetInterfaceAndReleaseStream
CLSIDFromProgID
CoInitializeEx
CoRevertToSelf
OleRun
CLSIDFromString
CoCreateInstance

user32

wsprintfW
UnregisterClassA

shell32

SHGetFolderPathW

oleaut32

SysAllocStringLen
VariantChangeType
SafeArrayGetElement
SafeArrayGetDim
SafeArrayAccessData
SysAllocString
SafeArrayCreateVectorEx
SysFreeString
SafeArrayRedim
LoadTypeLi
VariantClear
VariantCopyInd
SafeArrayCopy
SafeArrayUnlock
SafeArrayGetVartype
SysStringByteLen
VariantTimeToSystemTime
LoadRegTypeLi
VariantCopy
GetRecordInfoFromGuids
SafeArrayGetLBound
SafeArrayUnaccessData
VarBstrCmp
SysStringLen
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetUBound
SafeArrayLock
VariantInit
SystemTimeToVariantTime
SysAllocStringByteLen

userenv

UnloadUserProfile
GetProfileType
DeleteProfileA
WaitForMachinePolicyForegroundProcessing
ForceSyncFgPolicy
RsopLoggingEnabled
FreeGPOListA

advapi32

InitializeSid
EqualSid
InitializeAcl
CopySid
RegQueryValueExW
SetSecurityDescriptorDacl
GetSecurityDescriptorDacl
GetSidSubAuthority
LookupPrivilegeValueW
DuplicateTokenEx
GetAclInformation
SetThreadToken
RegCreateKeyExW
GetSecurityDescriptorLength
OpenThreadToken
MakeSelfRelativeSD
RegCloseKey
AdjustTokenPrivileges
MakeAbsoluteSD
AddAce
ConvertStringSidToSidW
GetSecurityDescriptorSacl
GetTokenInformation
GetLengthSid
RegNotifyChangeKeyValue
IsValidSid
GetSecurityDescriptorGroup
InitializeSecurityDescriptor
GetSidLengthRequired
RevertToSelf
OpenProcessToken
GetSecurityDescriptorControl
LookupAccountSidW
GetSecurityDescriptorOwner
SetSecurityDescriptorOwner

shlwapi

PathAppendW

kernel32

GetCurrentThreadId
SetThreadPriority
FileTimeToDosDateTime
DeleteFileW
GetModuleHandleW
ReadFile
GetSystemTimeAsFileTime
LocalFree
GlobalMemoryStatusEx
EnterCriticalSection
WaitForSingleObject
UnmapViewOfFile
LeaveCriticalSection
HeapSize
FindResourceW
GetThreadLocale
CreateEventW
SizeofResource
LockResource
HeapReAlloc
RaiseException
WriteFile
GetDriveTypeW
GetSystemTime
GetACP
LoadResource
GetProcessHeap
UnhandledExceptionFilter
FindClose
HeapFree
SetThreadLocale
SetFilePointer
SetLastError
DeviceIoControl
DeleteCriticalSection
QueryDosDeviceW
MapViewOfFile
GetSystemInfo
HeapAlloc
lstrlenW
GetFileSize
SetEndOfFile
ResetEvent
GetLongPathNameW
IsDebuggerPresent
HeapDestroy
CreateFileMappingW
CreateFileW
FindFirstFileW
ResumeThread
SetUnhandledExceptionFilter
FileTimeToSystemTime
SignalObjectAndWait
FindResourceExW
WaitForMultipleObjects
CreateThread
ExpandEnvironmentStringsW
CloseHandle
FreeLibrary
FormatMessageW
IsValidCodePage
VirtualAllocEx

iashlpr

DllUnregisterServer

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 268KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

310f9d6a3150575046aa1ce6e895d6bc

Headers

File Characteristics

Imports

ole32

user32

shell32

oleaut32

userenv

advapi32

shlwapi

kernel32

iashlpr

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 268KB - Virtual size: 271KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 268KB - Virtual size: 271KB

.rsrc
Size: 11KB - Virtual size: 11KB