af08303933066772500960f3e15b8fd4f5da6a7d3f0340100beab082b7296d53

Sharing

Copy URL Twitter E-mail

General

Target

af08303933066772500960f3e15b8fd4f5da6a7d3f0340100beab082b7296d53
Size

288KB
MD5

8b677133143e7220846ba63531a3fdcc
SHA1

30a68965685d6f687417457c5fd05e6a5d40d275
SHA256

af08303933066772500960f3e15b8fd4f5da6a7d3f0340100beab082b7296d53
SHA512

86793ea466b32d1f3ea82a253069099f06035b0862d3974f82048b35d6a1e447e1f6809cf67197eac5d66098a831f9c9838253c53565cb87cc73239c5a074f5a
SSDEEP

6144:CfWOBDkoz6tOD8517IU/Z7OK+YDh1nBA+JA5dgPbfVa3mD2qxR3T6iy:Cj9buqcZ777Dh1nBba5ePbVH2qXD

Score

N/A

Malware Config

Signatures

Files

af08303933066772500960f3e15b8fd4f5da6a7d3f0340100beab082b7296d53
.exe windows x86

1958ea26678c5475df940476899109a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueW
RegOpenKeyExA
RegQueryValueExW
RegDeleteKeyW
RegOpenKeyExW
RegConnectRegistryW
RegSetValueExW
RegSetValueA
RegDeleteKeyA
RegCloseKey
RegCreateKeyExW
RegCreateKeyExA
RegSetValueExA
RegQueryInfoKeyW

kernel32

SetLastError
LocalFree
InitializeCriticalSectionAndSpinCount
UnmapViewOfFile
SetFileAttributesW
SetFilePointer
HeapDestroy
CompareStringW
SwitchToThread
lstrlenA
GetCurrentDirectoryW
FlushViewOfFile
GetFileSize
EnterCriticalSection
HeapSize
GetFileType
HeapAlloc
VirtualAlloc
DeleteCriticalSection
CopyFileW
SetUnhandledExceptionFilter
CreateFileW
CloseHandle
GetSystemTimeAsFileTime
CreateFileMappingW
MapViewOfFileEx
LocalAlloc
RaiseException
LCMapStringW
ExpandEnvironmentStringsW
HeapReAlloc
UnhandledExceptionFilter
DeviceIoControl
VirtualFree
LeaveCriticalSection
HeapFree
IsDebuggerPresent
MapViewOfFile
WideCharToMultiByte
DeleteFileW
FreeLibrary
GetProcessHeap
GetCurrentThreadId
lstrlenW
GetSystemInfo

oleaut32

SysStringLen
SysFreeString
VariantInit
VariantClear
VariantCopy
SysAllocString
SysStringByteLen
VarBstrCat
SysAllocStringLen
SysAllocStringByteLen

ole32

CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2
CreateStreamOnHGlobal
CoCreateInstance

rpcrt4

UuidCreate

msdart

mpCalloc
mpFree
MpGetHeapHandle
?sm_dblDfltSpinAdjFctr@CCritSec@@1NA
?sm_wDefaultSpinCount@CReaderWriterLock2@@1GA
MPInitializeCriticalSectionAndSpinCount
?sm_dblDfltSpinAdjFctr@CFakeLock@@1NA

nddeapi

NDdeShareDelW
NDdeIsValidShareNameA
NDdeSetTrustedShareA

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 265KB - Virtual size: 627KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1958ea26678c5475df940476899109a6

Headers

File Characteristics

Imports

advapi32

kernel32

oleaut32

ole32

rpcrt4

msdart

nddeapi

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 265KB - Virtual size: 627KB

.rdata Size: 2KB - Virtual size: 175KB

.rsrc Size: 9KB - Virtual size: 20KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 265KB - Virtual size: 627KB

.rdata
Size: 2KB - Virtual size: 175KB

.rsrc
Size: 9KB - Virtual size: 20KB