0a4fe06e81290f720840537924deeff1e711a5e60e79357d3a9fc6e31fbd34f5

Sharing

Copy URL

Twitter E-mail

General

Target

0a4fe06e81290f720840537924deeff1e711a5e60e79357d3a9fc6e31fbd34f5
Size

93KB
MD5

814428f325bad108f5131acbeffe1140
SHA1

807435385b96a08adab4d0c31e6d7c2555c242ae
SHA256

0a4fe06e81290f720840537924deeff1e711a5e60e79357d3a9fc6e31fbd34f5
SHA512

5638dfe9dc27b9fd21e611b2e0c370beabd7efa6db97c81e29926ec268806450bb4377e05f1adc20603b64b778b845b08d33491d0d5a2701e2a34ccdcb8c9e2e
SSDEEP

1536:2pFh6eYsb6ssOyE2Ji7Y+zmvycZQOpSjptGVTJ+pUVBtTieqAue0TPQ:deCTOGg7pmvyceDmTopUgeqAdIQ

Score

N/A

Malware Config

Signatures

Files

0a4fe06e81290f720840537924deeff1e711a5e60e79357d3a9fc6e31fbd34f5
.exe windows x86

8baae8dd38021c6e65825ec47ec7880e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

advapi32

IsValidSid
SetFileSecurityA
CheckTokenMembership
InitializeSid
CryptCreateHash
RegEnumKeyExW
GetSidSubAuthority
AdjustTokenPrivileges
CopySid
OpenProcessToken
LookupPrivilegeValueW
InitializeSecurityDescriptor
CryptDestroyHash
GetSidLengthRequired
CryptReleaseContext
RegQueryValueExW
GetTokenInformation
RegCloseKey
RegDeleteValueW
CryptHashData
SetFileSecurityW
GetLengthSid
FreeSid
CryptAcquireContextW
CryptGetHashParam
AllocateAndInitializeSid
GetFileSecurityW
RegOpenKeyExW
SetSecurityDescriptorDacl

userenv

UnloadUserProfile

dnsapi

DnsQuery_W
DnsFree

user32

CharUpperW
PeekMessageW
CharToOemA
MsgWaitForMultipleObjects
TranslateMessage
DispatchMessageW
OemToCharA
CharUpperA
OemToCharBuffA
wsprintfW
CharToOemBuffW
CharLowerA

kernel32

QueryPerformanceFrequency
GetLocalTime
RaiseException
FileTimeToSystemTime
SetCurrentDirectoryW
lstrcpyW
WriteFile
GetShortPathNameW
HeapAlloc
IsDebuggerPresent
GetFileSize
GetTempFileNameW
LeaveCriticalSection
WideCharToMultiByte
DosDateTimeToFileTime
DeleteCriticalSection
LocalFileTimeToFileTime
GetTimeZoneInformation
HeapReAlloc
LockResource
OpenMutexW
GetTempPathW
GlobalFree
ReleaseMutex
CreateDirectoryA
SystemTimeToFileTime
SetFileTime
DeleteFileW
RemoveDirectoryW
GetVolumeInformationW
MoveFileW
FindNextFileA
SetEndOfFile
GetProcessHeap
LoadLibraryExW
SetThreadPriority
FindClose
EnterCriticalSection
FreeLibrary
WaitForSingleObject
FindFirstFileA
CreateMutexW
MoveFileExW
CopyFileW
GetWindowsDirectoryW
UnhandledExceptionFilter
SetFilePointer
CreateEventW
GetFileType
FindResourceW
SetFileAttributesW
GetDiskFreeSpaceExW
GetStdHandle
HeapFree
GetFileTime
GetSystemTime
SetLastError
GetCurrentDirectoryW
GetSystemWindowsDirectoryW
CreateProcessW
FindNextFileW
CreateFileA
CreateDirectoryW
CreateFileW
FindFirstFileW
GetSystemTimeAsFileTime
SetFileAttributesA
OutputDebugStringW
lstrlenA
IsDBCSLeadByte
SetUnhandledExceptionFilter
GetFileAttributesExW
CompareFileTime
DeviceIoControl
GetThreadPriority
GetSystemDirectoryW
LocalAlloc
HeapSize
SizeofResource
FindResourceExW
GetCurrentThreadId
GetSystemDefaultLangID
CloseHandle
ReadFile
lstrlenW
LoadResource
HeapDestroy
GetModuleHandleW
VirtualAlloc

shlwapi

PathAddBackslashW
PathFileExistsW
StrToIntExW
PathIsUNCServerW
PathAppendW
PathRemoveFileSpecW

shell32

SHGetFolderPathW
SHGetSpecialFolderPathW

ws2_32

WSAStringToAddressW
WSAStartup
inet_ntoa
inet_addr
WSACleanup

ole32

CLSIDFromString
StringFromGUID2
CoCreateGuid

crypt32

CryptMemRealloc
CertCreateCertificateContext
CertCompareCertificate
CertNameToStrW
CertVerifyValidityNesting
CryptMsgOpenToDecode
CryptMemFree
CertGetIssuerCertificateFromStore
CertDuplicateCertificateContext
CryptMsgGetParam
CertOpenStore
CertFreeCertificateChain
CertCloseStore
CryptMsgClose
CryptMemAlloc
CertFreeCertificateContext
CertAddCertificateContextToStore
CryptDecodeObjectEx
CryptMsgControl
CertCompareIntegerBlob
CertGetIntendedKeyUsage
CertFindExtension
CryptMsgUpdate

iassvcs

IASUninitialize
IASSetMaxNumberOfThreads
IASSetMaxThreadIdle
IASVariantChangeType

glu32

gluPerspective
gluEndSurface
gluTessNormal
gluEndCurve
gluDisk
gluProject

Sections

.vcOQd
Size: 2KB - Virtual size: 30KB

IMAGE_SCN_MEM_READ

.DrfNZec
Size: 1024B - Virtual size: 37KB

IMAGE_SCN_MEM_READ

.ntRkpjA
Size: 3KB - Virtual size: 38KB

IMAGE_SCN_MEM_READ

.rWliQMk
Size: 1KB - Virtual size: 36KB

IMAGE_SCN_MEM_READ

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.RYzaBH
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ejuobG
Size: 1024B - Virtual size: 930B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yvxfss
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oxRZUrp
Size: 1024B - Virtual size: 826B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.DXZhxhr
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 211KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Ylst
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Mhhhjaa
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xlHIli
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8baae8dd38021c6e65825ec47ec7880e

Headers

File Characteristics

Imports

version

advapi32

userenv

dnsapi

user32

kernel32

shlwapi

shell32

ws2_32

ole32

crypt32

iassvcs

glu32

Sections

.vcOQd Size: 2KB - Virtual size: 30KB

.DrfNZec Size: 1024B - Virtual size: 37KB

.ntRkpjA Size: 3KB - Virtual size: 38KB

.rWliQMk Size: 1KB - Virtual size: 36KB

.text Size: 19KB - Virtual size: 18KB

.RYzaBH Size: 2KB - Virtual size: 1KB

.ejuobG Size: 1024B - Virtual size: 930B

.yvxfss Size: 1KB - Virtual size: 1KB

.oxRZUrp Size: 1024B - Virtual size: 826B

.DXZhxhr Size: 2KB - Virtual size: 2KB

.data Size: 7KB - Virtual size: 12KB

.rdata Size: 211KB - Virtual size: 210KB

.Ylst Size: 3KB - Virtual size: 2KB

.Mhhhjaa Size: 1KB - Virtual size: 1KB

.xlHIli Size: 2KB - Virtual size: 1KB

.rsrc Size: 10KB - Virtual size: 9KB

.vcOQd
Size: 2KB - Virtual size: 30KB

.DrfNZec
Size: 1024B - Virtual size: 37KB

.ntRkpjA
Size: 3KB - Virtual size: 38KB

.rWliQMk
Size: 1KB - Virtual size: 36KB

.text
Size: 19KB - Virtual size: 18KB

.RYzaBH
Size: 2KB - Virtual size: 1KB

.ejuobG
Size: 1024B - Virtual size: 930B

.yvxfss
Size: 1KB - Virtual size: 1KB

.oxRZUrp
Size: 1024B - Virtual size: 826B

.DXZhxhr
Size: 2KB - Virtual size: 2KB

.data
Size: 7KB - Virtual size: 12KB

.rdata
Size: 211KB - Virtual size: 210KB

.Ylst
Size: 3KB - Virtual size: 2KB

.Mhhhjaa
Size: 1KB - Virtual size: 1KB

.xlHIli
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 10KB - Virtual size: 9KB