339455f18471660c290406071c4ba40d58d8b8adad4f1baf77024eb7b0717953

Sharing

Copy URL Twitter E-mail

General

Target

339455f18471660c290406071c4ba40d58d8b8adad4f1baf77024eb7b0717953
Size

822KB
MD5

e1f2d9ce1e5e2e11159b7ca4e6757549
SHA1

ffa492f9ea0a326c5e3b660d5261a6ed47132cff
SHA256

339455f18471660c290406071c4ba40d58d8b8adad4f1baf77024eb7b0717953
SHA512

38883e1249815224a74162c81f5ddc50aeba48b83a2f79a2043399ac7b18117d1e333a397f21c125a32cac9083ab7c517e164dd138b3368d77c1136e99ecb028
SSDEEP

24576:RWCqIO37XBO1Mo0qG2wyaf1FP+H6aXeQn+:MCqIONOpzG2Hiv+teQn+

Score

N/A

Malware Config

Signatures

Files

339455f18471660c290406071c4ba40d58d8b8adad4f1baf77024eb7b0717953
.exe windows x86

8547ea88a77dc757b4fcb11ae641d4b7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

SystemFunction020
SystemFunction034
BuildTrusteeWithSidA
CryptEncrypt
FileEncryptionStatusW
IsTextUnicode
ConvertSecurityDescriptorToAccessW
ObjectPrivilegeAuditAlarmW
LsaAddAccountRights
CredProfileLoaded
GetAuditedPermissionsFromAclA
EqualDomainSid
LsaOpenTrustedDomainByName
CryptGetUserKey
GetKernelObjectSecurity
WmiSetSingleItemA
ObjectOpenAuditAlarmA
CredFree
GetTrusteeFormA
GetTraceLoggerHandle
CredpEncodeCredential
GetExplicitEntriesFromAclA
SetSecurityInfoExW
CreatePrivateObjectSecurity
BuildImpersonateExplicitAccessWithNameA
ElfRegisterEventSourceW

kernel32

GlobalReAlloc
IsValidLanguageGroup
HeapCreate
Process32Next
GetVersionExW
GetLocaleInfoA
_lopen
QueryPerformanceCounter
GetConsoleAliasW
GetPrivateProfileStructW
LoadLibraryA
GetOverlappedResult
GetCommMask
CopyLZFile
GetLargestConsoleWindowSize
HeapCompact
FlushFileBuffers
IsBadHugeWritePtr
SetFileApisToANSI
ReadConsoleOutputAttribute
CompareStringA
LZOpenFileW
GetPrivateProfileSectionNamesA
ReadConsoleA
GetVDMCurrentDirectories
EnumSystemLocalesA
GetUserDefaultLCID
EnumResourceLanguagesA
SetStdHandle
GetComputerNameExA
SetConsoleLocalEUDC
WriteTapemark
SetThreadLocale
CancelDeviceWakeupRequest
SetConsolePalette
GetDiskFreeSpaceExW
ClearCommError
GetExpandedNameA
HeapDestroy
DnsHostnameToComputerNameA
GetSystemTimeAsFileTime
GetSystemTime
GetTempFileNameW
GetComputerNameW
VirtualAlloc
ExitProcess
SetVolumeMountPointW
GetHandleInformation
SetWaitableTimer
BuildCommDCBW
VirtualAllocEx
GetNumberOfConsoleInputEvents
RaiseException
lstrcat
IsSystemResumeAutomatic
SetEvent
FindNextVolumeA
RemoveDirectoryW
TlsAlloc
GetModuleHandleA
FormatMessageW
WriteConsoleOutputCharacterW

advpack

IsNTAdmin
SetPerUserSecValues
UserUnInstStubWrapper
RegisterOCX
RegInstall
FileSaveMarkNotExist
LaunchINFSectionEx
RebootCheckOnInstall
LaunchINFSection
TranslateInfString
DelNodeRunDLL32
AddDelBackupEntry
RunSetupCommand
CloseINFEngine
AdvInstallFile
ExecuteCab
GetVersionFromFileEx
ExtractFiles
RegRestoreAll
NeedReboot
DelNode
TranslateInfStringEx
FileSaveRestore
OpenINFEngine
NeedRebootInit
RegSaveRestoreOnINF
DoInfInstall
FileSaveRestoreOnINF
RegSaveRestore
GetVersionFromFile
UserInstStubWrapper

Sections

.text
Size: 414KB - Virtual size: 414KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 196KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8547ea88a77dc757b4fcb11ae641d4b7

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

advpack

Sections

.text Size: 414KB - Virtual size: 414KB

.rdata Size: 113KB - Virtual size: 113KB

.data Size: 196KB - Virtual size: 1.5MB

.rsrc Size: 96KB - Virtual size: 96KB

.reloc Size: 1024B - Virtual size: 944B

.text
Size: 414KB - Virtual size: 414KB

.rdata
Size: 113KB - Virtual size: 113KB

.data
Size: 196KB - Virtual size: 1.5MB

.rsrc
Size: 96KB - Virtual size: 96KB

.reloc
Size: 1024B - Virtual size: 944B