b505212c87c18f831d403199d6db0d200ef26aaeface1d6002a7eb46b6e3aa18

Sharing

Copy URL Twitter E-mail

General

Target

b505212c87c18f831d403199d6db0d200ef26aaeface1d6002a7eb46b6e3aa18
Size

281KB
MD5

da1f410b769e3f9db729f1792a66e693
SHA1

eb8db08a7ab374b827862cc004f0b12a6aaed52b
SHA256

b505212c87c18f831d403199d6db0d200ef26aaeface1d6002a7eb46b6e3aa18
SHA512

7da4e67bd7305c7399438e085811d2b316c021e0f7492666ed5e4a6b9b4dc7d786e1ae14e0cf7926521c74b9c6d4f3d3a78f4198fe64d7eb806fde485cc16896
SSDEEP

6144:ODOPvkeTkeieZXbMnb0F648hXVu7ryf1s4eb+4fMm/B4A:ONlHelwb0F648NVz/4fMmOA

Score

N/A

Malware Config

Signatures

Files

b505212c87c18f831d403199d6db0d200ef26aaeface1d6002a7eb46b6e3aa18
.exe windows x86

841a2bef1748d676d34bf1c208f32ad1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StringFromGUID2

rpcrt4

UuidCreate

advapi32

SetSecurityDescriptorDacl
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegQueryValueExW
InitializeSecurityDescriptor

ws2_32

WSCInstallProvider
WSACleanup
WSCGetProviderPath
WSCWriteProviderOrder
WSAStartup
WSCDeinstallProvider
WSCEnumProtocols

kernel32

WideCharToMultiByte
GetSystemTimeAsFileTime
UnhandledExceptionFilter
HeapReAlloc
ReadFile
EnumSystemLocalesA
GetSystemDirectoryA
HeapDestroy
CloseHandle
HeapFree
GetModuleHandleA
SystemTimeToTzSpecificLocalTime
GetOEMCP
SetEndOfFile
GetConsoleOutputCP
VirtualAlloc
WriteFile
SetUnhandledExceptionFilter
GetCommandLineA
SetStdHandle
TlsGetValue
CreateFileA
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
GetStdHandle
SetLastError
GetModuleHandleW
VirtualFree
SetHandleCount
GetConsoleCP
IsValidCodePage
WriteConsoleW
GetFileType
SetFilePointer
FreeEnvironmentStringsW
GetTimeFormatA
EnterCriticalSection
WriteConsoleA
HeapAlloc
TlsSetValue
GetUserDefaultLCID
LeaveCriticalSection
RtlUnwind
LCMapStringA
RaiseException
GetTempPathA
GetSystemTime
ExpandEnvironmentStringsA
GetACP
TlsFree
FreeEnvironmentStringsA
HeapSize
GetConsoleMode
SystemTimeToFileTime
FreeLibrary
IsDebuggerPresent
LCMapStringW
IsValidLocale
GetProcessHeap
TlsAlloc
FileTimeToSystemTime
GetCurrentThreadId
DeleteCriticalSection
VirtualAllocEx

esent

JetCreateIndex
JetGetLS
JetSetColumnDefaultValue
JetDelete
JetInit2
JetDupCursor
JetCreateDatabase2
JetGetDatabaseFileInfo
JetOSSnapshotFreeze
JetCloseFileInstance
JetGetTableColumnInfo
JetBackupInstance
JetTerm
JetGetInstanceInfo
JetCloseDatabase
JetPrepareToCommitTransaction
JetUpgradeDatabase
JetOSSnapshotThaw
JetGetSecondaryIndexBookmark
JetRestore

compstui

GetCPSUIUserData
CommonPropertySheetUIW
SetCPSUIUserData

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 249KB - Virtual size: 936KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

841a2bef1748d676d34bf1c208f32ad1

Headers

File Characteristics

Imports

ole32

rpcrt4

advapi32

ws2_32

kernel32

esent

compstui

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 249KB - Virtual size: 936KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 249KB - Virtual size: 936KB

.rsrc
Size: 5KB - Virtual size: 5KB