805622cb5bad11007d9e4d88e5dda67bcf9bd7f42dc5dce4f2699a953f36bb6c

Sharing

Copy URL Twitter E-mail

General

Target

805622cb5bad11007d9e4d88e5dda67bcf9bd7f42dc5dce4f2699a953f36bb6c
Size

371KB
MD5

96ce633f920bf3bda058fbb2ad7a4603
SHA1

7feca11cc71e46ae58a5c907cf6e96f3201a83af
SHA256

805622cb5bad11007d9e4d88e5dda67bcf9bd7f42dc5dce4f2699a953f36bb6c
SHA512

c40e30d3c9c2a882ceda4bc34c584ea4df18d7f796f57ae0252261b95df15b1ea740583db497c74693d574ff48d9985f480ba32a0c793a95d377f36ec6c197cd
SSDEEP

6144:RAqyZZsaVCrjjwrYYy2hf8/97vIYtTjNTYNyKHam3+17YUvKc8Zq9iFK0G3HIT:RSuxnjwsH2hc9UINTYNy48hKc4K

Score

N/A

Malware Config

Signatures

Files

805622cb5bad11007d9e4d88e5dda67bcf9bd7f42dc5dce4f2699a953f36bb6c
.exe windows x86

25a29220911a9e3e8e35120f0d670474

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shlwapi

StrFormatKBSizeW
SHRegDeleteUSValueA
SHDeleteValueW
SHRegGetBoolUSValueW
PathIsRelativeW
PathMakePrettyW
SHCopyKeyW
wvnsprintfA
ColorRGBToHLS
PathSearchAndQualifyA
DelayLoadFailureHook
PathRemoveArgsW
SHRegEnumUSKeyA
UrlGetLocationW
StrCatW
SHDeleteValueA
SHDeleteKeyW
UrlCreateFromPathW
PathMatchSpecW
UrlCombineA
PathBuildRootW
StrFormatByteSizeA
PathIsUNCServerShareA
SHIsLowMemoryMachine
StrTrimA
AssocQueryStringByKeyW
PathStripToRootW
PathIsNetworkPathA
StrStrNW
PathSetDlgItemPathW
PathBuildRootA
PathRemoveBlanksW
UrlIsOpaqueW
UrlHashW
PathFindNextComponentA
StrToIntW

clusapi

CloseClusterNetInterface
ClusterGroupControl
ClusterNetworkOpenEnum
ClusterResourceControl
GetClusterKey
GetClusterNetworkKey
ClusterRegDeleteValue
OpenClusterNetwork
SetClusterGroupNodeList
OfflineClusterGroup
ClusterRegEnumKey
SetClusterResourceName
GetClusterResourceNetworkName
GetClusterFromGroup
RestoreClusterDatabase
DeleteClusterGroup
GetClusterResourceTypeKey
CloseClusterNotifyPort
GetClusterResourceKey
GetClusterNetInterfaceState
ClusterOpenEnum
ClusterGroupGetEnumCount
SetClusterQuorumResource
ClusterResourceEnum
GetClusterNodeId
ClusterResourceCloseEnum
SetClusterName
SetClusterNetworkPriorityOrder
ClusterResourceTypeEnum
PauseClusterNode
GetClusterNodeKey
ClusterRegEnumValue
ClusterGroupOpenEnum
OpenClusterGroup
ClusterNetworkEnum
ClusterGroupCloseEnum
ResumeClusterNode

advapi32

GetCurrentHwProfileA
SaferCloseLevel
RegQueryValueExW
LookupAccountNameA
AreAllAccessesGranted
CloseServiceHandle
RegOpenKeyW
SetSecurityInfoExW
QueryServiceStatus
SaferRecordEventLogEntry
TrusteeAccessToObjectW
RegFlushKey
IsValidSecurityDescriptor
ElfCloseEventLog
MD5Update
BuildTrusteeWithObjectsAndNameW
SetFileSecurityA
SetNamedSecurityInfoW
SystemFunction018
CryptCreateHash
ReadEncryptedFileRaw
GetKernelObjectSecurity
RegisterServiceCtrlHandlerExA
AddAccessDeniedObjectAce
LsaAddPrivilegesToAccount
GetSecurityDescriptorRMControl
RemoveTraceCallback
BackupEventLogW
SystemFunction030
WmiEnumerateGuids
NotifyChangeEventLog
ConvertStringSecurityDescriptorToSecurityDescriptorW
SystemFunction020
GetTrusteeNameW
ControlTraceA
GetTraceLoggerHandle
GetSidSubAuthority
SystemFunction017

uxtheme

GetThemeInt
GetThemeTextExtent
GetThemeDocumentationProperty
GetThemeFont
GetThemeSysColor
DrawThemeIcon
GetThemeColor
HitTestThemeBackground
GetThemePartSize
IsThemePartDefined
GetThemeBackgroundContentRect
GetThemeSysFont
GetThemeBackgroundExtent
GetThemeSysString
GetThemeMargins
GetCurrentThemeName
CloseThemeData
DrawThemeParentBackground
DrawThemeBackground
SetWindowTheme
SetThemeAppProperties
GetThemeEnumValue
GetThemeAppProperties
GetThemeBool
DrawThemeEdge
IsAppThemed
GetThemeRect
GetThemeTextMetrics
GetThemePosition
GetThemeFilename
EnableThemeDialogTexture
IsThemeActive
GetThemePropertyOrigin
IsThemeBackgroundPartiallyTransparent
EnableTheming
DrawThemeText
GetThemeBackgroundRegion
OpenThemeData
GetThemeMetric
IsThemeDialogTextureEnabled
GetThemeSysBool
GetThemeString

crtdll

_unlink
_ismbcupper
atol
_lfind
strlen
_ismbcalpha
_ismbblead
atof
_mbsspn
div
_CIatan2
_wcsnicmp
_utime
_jn
_execlpe
strrchr
wprintf
_mbcjmstojis
_kbhit
strtod
_basemajor_dll
_wcsicoll
time
clock
_pipe
fgetpos
_mbsnbcat
_ismbbprint
_mbsnbcmp
_CIsqrt
fgetwc
floor
_strset
_mbbtombc
ispunct
_execve
_strspnp
is_wctype
swscanf
__pxcptinfoptrs
freopen
_mbsbtype
_eof
_sys_errlist
wctomb
_fputchar
_c_exit
wcsncat
_osminor_dll
_strupr
setlocale
_findclose
_gcvt
_ismbbpunct
_open
gets
_CIexp
wcstok
exp
_wcsupr
getchar
_getsystime
asin

kernel32

FindNextFileA
_llseek
GetConsoleAliasesW
GlobalUnlock
GlobalFlags
GetLastError
DebugSetProcessKillOnExit
BindIoCompletionCallback
HeapSize
WaitForMultipleObjectsEx
UpdateResourceA
LocalAlloc
QueryPerformanceCounter
Module32Next
GetProcAddress
SetConsoleInputExeNameW
InitializeSListHead
SetFileAttributesA
ExpandEnvironmentStringsW
OpenMutexA
EnumDateFormatsW
EnumResourceNamesW
GetLogicalDriveStringsW
GetConsoleFontSize
VirtualAlloc
AddLocalAlternateComputerNameW
Heap32Next
SetEvent
GetNumberFormatA
GetAtomNameA
GetStringTypeExW
FindNextFileW
FindResourceExW
SetProcessAffinityMask
SetConsoleDisplayMode
SetComputerNameA
GetConsoleHardwareState
GetThreadPriorityBoost
GetEnvironmentStringsW
GetProcessWorkingSetSize
DeleteFileA
FoldStringW
LoadLibraryA
GetConsoleCursorInfo
_lcreat
GetCurrentThread
FindActCtxSectionGuid
InitializeCriticalSectionAndSpinCount
SetProcessShutdownParameters
FatalAppExitW
CreateEventW

Sections

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25a29220911a9e3e8e35120f0d670474

Headers

File Characteristics

Imports

shlwapi

clusapi

advapi32

uxtheme

crtdll

kernel32

Sections

.text Size: 73KB - Virtual size: 73KB

.rdata Size: 120KB - Virtual size: 120KB

.data Size: 1KB - Virtual size: 524KB

.rsrc Size: 174KB - Virtual size: 174KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 73KB - Virtual size: 73KB

.rdata
Size: 120KB - Virtual size: 120KB

.data
Size: 1KB - Virtual size: 524KB

.rsrc
Size: 174KB - Virtual size: 174KB

.reloc
Size: 1KB - Virtual size: 1KB