8aecdb11050fc9a5cf555823e1cddab09500f66b6c380fa13fe8aa9a0d0abe61

Sharing

Copy URL Twitter E-mail

General

Target

8aecdb11050fc9a5cf555823e1cddab09500f66b6c380fa13fe8aa9a0d0abe61
Size

104KB
MD5

3fd31148b9e89a889e8b20fe18b82d99
SHA1

0217e61f8217d907c4b30d19bfff7cab729bc17f
SHA256

8aecdb11050fc9a5cf555823e1cddab09500f66b6c380fa13fe8aa9a0d0abe61
SHA512

3fe5fb7d6cb47da5e9d8d4f6d0b51e7e176f1724938dbb061efa971b299a84f9b8fe535aa6155ec507ec8a843f4a0fa558a1f3c9b81a685a0c6b282ae21a65ba
SSDEEP

1536:53i2FC0jJKr6ODdtYFaDzC1WS1WRjVbU7xTp0b1NBhQjzPqz:pE0F/adtYFWycRjVbU7xCxN0jzPqz

Score

N/A

Malware Config

Signatures

Files

8aecdb11050fc9a5cf555823e1cddab09500f66b6c380fa13fe8aa9a0d0abe61
.exe windows x86

74ac8f98c0ef45fe6bc190b79306dd83

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExA
RegCloseKey
CloseServiceHandle
RegDeleteValueW
FreeSid
FreeSid
OpenThreadToken
RegCreateKeyExW
GetLengthSid
RegDeleteValueW
RegOpenKeyExA
RegCreateKeyExA
RegDeleteValueW
AllocateAndInitializeSid
RegEnumKeyExW
FreeSid
OpenProcessToken
RegEnumValueW
InitializeSecurityDescriptor
RegEnumValueW
RegDeleteValueW
GetLengthSid
InitializeSecurityDescriptor
RegDeleteKeyW
AddAccessAllowedAce
AddAccessAllowedAce
RegEnumKeyExW
RegDeleteKeyW
CloseServiceHandle
RegOpenKeyW
RegQueryValueExW
GetTokenInformation
RegOpenKeyExA
RegOpenKeyExW
AddAccessAllowedAce
AdjustTokenPrivileges
InitializeSecurityDescriptor
RegQueryValueExW
GetLengthSid
RegCreateKeyExA
RegCloseKey
RegEnumKeyExW
RegCreateKeyExA
OpenProcessToken
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
RegSetValueExA
InitializeSecurityDescriptor
FreeSid
GetTokenInformation
RegQueryValueExA
RegQueryValueExA
AdjustTokenPrivileges
RegOpenKeyW
RegOpenKeyW

shell32

SHGetFolderPathW
ExtractIconExW
DragAcceptFiles
SHGetSpecialFolderPathW
DragAcceptFiles
DragAcceptFiles
DragFinish
DragFinish
SHGetSpecialFolderLocation
ShellAboutW
ShellAboutW
DragFinish
ExtractIconW
SHGetFileInfoW
SHGetFolderPathW
SHGetDesktopFolder
SHGetDesktopFolder
SHGetPathFromIDListW
DragQueryFileW
CommandLineToArgvW
SHGetFileInfoW
CommandLineToArgvW
SHGetSpecialFolderLocation
SHGetSpecialFolderLocation
ShellAboutW
ShellExecuteExW
ShellExecuteExW
Shell_NotifyIconW
SHChangeNotify
SHGetDesktopFolder
Shell_NotifyIconW
ExtractIconW
DragFinish
SHChangeNotify
SHGetMalloc
ShellExecuteExW
DragQueryFileW
SHGetPathFromIDListW
SHGetDesktopFolder
CommandLineToArgvW
DragQueryFileW
SHGetFolderPathW
ExtractIconW
ShellExecuteExW
DragAcceptFiles
SHGetDesktopFolder
SHGetMalloc
SHGetMalloc
ExtractIconExW
SHGetSpecialFolderPathW
DragAcceptFiles
ShellAboutW
DragQueryFileW
SHGetPathFromIDListW
SHGetMalloc
DragAcceptFiles
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetMalloc
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetSpecialFolderLocation

gdi32

SetBkColor
PatBlt
GetObjectW
SetBkMode
GetTextMetricsW
GetTextMetricsW
MoveToEx
DeleteObject
CreateCompatibleBitmap
GetDeviceCaps
GetObjectW
SetTextColor
PatBlt
CreateCompatibleBitmap
CreateCompatibleDC
LineTo
DeleteDC
LineTo
GetStockObject
PatBlt
CreateCompatibleBitmap
GetDeviceCaps
LineTo
BitBlt
GetStockObject
GetStockObject
SetBkColor
DeleteDC
GetDeviceCaps
GetStockObject
GetObjectW
DeleteObject
GetStockObject
SetBkMode
MoveToEx
SetTextColor
CreateCompatibleDC
DeleteDC
DeleteObject
CreateCompatibleBitmap
SetTextColor
CreateCompatibleBitmap
GetDeviceCaps
PatBlt
GetTextMetricsW
GetStockObject
MoveToEx
SetBkMode
SetBkColor
SelectObject
BitBlt
DeleteDC
DeleteDC
GetDeviceCaps
MoveToEx
SelectObject
PatBlt
DeleteDC
CreateCompatibleBitmap
DeleteDC
CreateCompatibleDC
PatBlt
SetBkColor
DeleteDC
SetTextColor
SelectObject
SelectObject
DeleteObject
MoveToEx
DeleteObject
GetTextMetricsW
GetObjectW
SetBkMode
CreateCompatibleBitmap
SetTextColor
SetBkMode
BitBlt
SetBkColor
SetBkColor
PatBlt
GetDeviceCaps
LineTo
PatBlt
MoveToEx
SetBkMode
DeleteDC

user32

LoadIconW
DefWindowProcW
EndPaint
LoadIconW
SendMessageW
GetSystemMetrics
DefWindowProcW
PostMessageW
GetWindowRect
CreateWindowExW
ReleaseDC
PostMessageW
SendMessageW
CreateWindowExW
DestroyWindow
GetMessageW
LoadIconW
GetDC
DefWindowProcW
GetWindowRect
DestroyWindow
GetMessageW
SetTimer
ShowWindow
GetSystemMetrics
DefWindowProcW
GetDC
LoadIconW
SetTimer
GetWindowRect
ReleaseDC
DestroyWindow
PostMessageW
ReleaseDC
LoadIconW
LoadIconW
GetSystemMetrics
ReleaseDC
SetTimer
DestroyWindow
GetMessageW
LoadIconW
DefWindowProcW
SetTimer
LoadIconW
DestroyWindow
GetWindowRect
CreateWindowExW
SendMessageW
CreateWindowExW
ShowWindow
DefWindowProcW
SendMessageW
ReleaseDC
GetDC
LoadIconW
GetWindowRect
GetWindowRect
GetMessageW
GetSystemMetrics
CreateWindowExW
SendMessageW
LoadIconW
ReleaseDC
DefWindowProcW
GetDC
LoadIconW
SetTimer
GetSystemMetrics
GetMessageW
SetTimer
GetDC
GetMessageW
GetMessageW
CreateWindowExW
DefWindowProcW
LoadIconW
GetWindowRect
PostMessageW
GetDC
ShowWindow
GetMessageW
GetDlgItem
ReleaseDC
DestroyWindow
DefWindowProcW
ReleaseDC
ShowWindow
GetSystemMetrics
PostMessageW
GetDC
LoadIconW
GetWindowRect
GetMessageW
ShowWindow
ShowWindow
ShowWindow
LoadIconW
PostMessageW
DestroyWindow
GetMessageW
GetDlgItem
GetMessageW
DefWindowProcW
ReleaseDC
GetMessageW

kernel32

GetCurrentThreadId
GetModuleHandleW
GetCurrentProcess
VirtualFree
GetACP
LocalFree
MultiByteToWideChar
GetModuleFileNameA
VirtualFree
VirtualFree
GetModuleHandleA
GetACP
LocalFree
GetModuleHandleW
GetModuleHandleA
GetProcessHeap
GetProcessHeap
MultiByteToWideChar
GetCommandLineA
SetUnhandledExceptionFilter
MultiByteToWideChar
GetTickCount
GetCurrentProcessId
VirtualFree
GetACP
GetProcessHeap
LocalAlloc
GetCurrentThreadId
GetCurrentThreadId
HeapAlloc
GetCommandLineA
MultiByteToWideChar
GetCommandLineW
WaitForSingleObject
GetModuleHandleW
GetModuleHandleW
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetEvent
QueryPerformanceCounter
GetCurrentThreadId
QueryPerformanceCounter
LocalFree
GetProcessHeap
GetProcessHeap
GetCurrentThreadId
SetEvent
SetEvent
GetCommandLineW
WaitForSingleObject
QueryPerformanceCounter
SetEvent
MultiByteToWideChar
SetEvent
LocalAlloc
FormatMessageW
GetCommandLineW
GetModuleHandleW
GetProcessHeap
GetCommandLineA
LocalFree
GetCurrentProcessId
VirtualFree
GetCurrentProcess
FormatMessageW
GetACP
GetTickCount
GetModuleHandleA
GetModuleHandleA
GetModuleFileNameA
GetProcessHeap
GetModuleHandleA
GetCurrentProcess
GetTickCount
GetCurrentThreadId
GetCommandLineA
GetCurrentProcessId
GetProcessHeap
QueryPerformanceCounter
GetProcessHeap
FormatMessageW
GetCommandLineW
WaitForSingleObject
VirtualFree
GetCurrentThreadId
GetACP
GetCurrentProcess
GetModuleHandleA
LocalAlloc
MultiByteToWideChar
SetEvent
GetTickCount
WaitForSingleObject
GetTickCount
FormatMessageW
FormatMessageW
GetCurrentThreadId
GetCommandLineW
GetModuleHandleW
GetModuleFileNameA
GetTickCount
FormatMessageW
GetCurrentThreadId
GetCommandLineA

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

74ac8f98c0ef45fe6bc190b79306dd83

Headers

File Characteristics

Imports

advapi32

shell32

gdi32

user32

kernel32

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 10KB - Virtual size: 152KB

.data Size: 71KB - Virtual size: 72KB

.pdata Size: 512B - Virtual size: 4KB

.pdata Size: 512B - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 10KB - Virtual size: 152KB

.data
Size: 71KB - Virtual size: 72KB

.pdata
Size: 512B - Virtual size: 4KB

.pdata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB