99a8687fc4b964b9235e520a0545e4879c9cc768aedfeacc8564333f5025e704

Sharing

Copy URL Twitter E-mail

General

Target

99a8687fc4b964b9235e520a0545e4879c9cc768aedfeacc8564333f5025e704
Size

162KB
MD5

ad888d3f64d5d02da3420af0ae0b2fde
SHA1

868b154c66f5da6e4de8dd071d0f8e70d0d47e8b
SHA256

99a8687fc4b964b9235e520a0545e4879c9cc768aedfeacc8564333f5025e704
SHA512

4b0b0e68c9fa38cc027246987f59dbe970699adfdd5afc59bc22fb88d285582904ea4c9ef99dd29d9579a79a6dfacfc7a1bcc0f1b4d38410d3f82f17667d99c9
SSDEEP

3072:ePBYXAPCF+qt9QhVKOxKigy1pXNgo29mIpezjPEbEAW4UcTkAMyujS:eGXLF+qtgKOFgyfsbCad

Score

N/A

Malware Config

Signatures

Files

99a8687fc4b964b9235e520a0545e4879c9cc768aedfeacc8564333f5025e704
.exe windows x86

653e247f037f6253d750277575d6b8a2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

newdev

UpdateDriverForPlugAndPlayDevicesW

oleacc

LresultFromObject
AccessibleObjectFromPoint

shell32

SHGetFolderPathW

advapi32

RegDeleteValueW
OpenSCManagerW
QueryServiceLockStatusW
SetNamedSecurityInfoW
RegEnumKeyExW
QueryServiceConfigW
IsValidSecurityDescriptor
CloseServiceHandle
RegDeleteKeyW
LookupPrivilegeDisplayNameA
RegOpenKeyExW
CreateServiceW
AllocateAndInitializeSid
GetSecurityInfo
OpenProcessToken
SetEntriesInAclW
AddAce
InitializeSecurityDescriptor
RegSetValueExW
RegCreateKeyExW
UnlockServiceDatabase
LockServiceDatabase
StartServiceA
GetTokenInformation
EqualSid
EnumDependentServicesW
FreeInheritedFromArray
SetSecurityInfo
LookupPrivilegeNameA
GetAclInformation
InitializeAcl
RegQueryValueExW
RegCloseKey
RegGetKeySecurity
SetEntriesInAclA
SetSecurityDescriptorDacl
RegRestoreKeyW
GetInheritanceSourceW
LookupAccountSidW
DeleteService
FreeSid
ChangeServiceConfigW
OpenServiceW
ChangeServiceConfig2W
ControlService
AdjustTokenPrivileges
IsValidAcl
RegSaveKeyW
GetAce
GetSecurityDescriptorControl
LookupPrivilegeValueA
GetNamedSecurityInfoW
QueryServiceStatus
RegEnumValueW

kernel32

EnterCriticalSection
HeapReAlloc
GetACP
HeapFree
GetOEMCP
IsDebuggerPresent
VirtualFree
SetEndOfFile
LCMapStringA
RtlUnwind
VirtualAlloc
GetTimeZoneInformation
SetFilePointer
WriteFile
GetLocaleInfoA
GetCPInfo
LeaveCriticalSection
CompareStringA
WriteConsoleA
FreeLibrary
EnumResourceTypesA
GetDateFormatA
GetStringTypeW
CompareStringW
GetConsoleOutputCP
IsValidCodePage
GetTimeFormatA
QueryPerformanceCounter
UnhandledExceptionFilter
CreateNamedPipeA
HeapSize
MultiByteToWideChar
RaiseException
GetCurrentProcess
LoadLibraryA
HeapCreate
GetTickCount
GetSystemTimeAsFileTime
ReadFile
LCMapStringW
SetStdHandle
GetCurrentProcessId
HeapDestroy
TerminateProcess
InitializeCriticalSection
SetEnvironmentVariableA
SetUnhandledExceptionFilter
GetStringTypeA

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 407KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

653e247f037f6253d750277575d6b8a2

Headers

File Characteristics

Imports

mprapi

newdev

oleacc

shell32

advapi32

kernel32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 3KB - Virtual size: 407KB

.data Size: 113KB - Virtual size: 113KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 3KB - Virtual size: 407KB

.data
Size: 113KB - Virtual size: 113KB

.rsrc
Size: 512B - Virtual size: 4KB