Static task: static1

Behavioral task: behavioral1
Sample: 83791e8d27edcfce84fde89e5ab163d61a8b07b1e0602a0e32f24ab66a21e18e.exe
Resource: win7-20221111-en

Behavioral task: behavioral2
Sample: 83791e8d27edcfce84fde89e5ab163d61a8b07b1e0602a0e32f24ab66a21e18e.exe
Resource: win10v2004-20220901-en
General
Target: 83791e8d27edcfce84fde89e5ab163d61a8b07b1e0602a0e32f24ab66a21e18e
Size: 86KB
MD5: 4d592f466f256e32967e56e5611a309e
SHA1: 704ddb2edab2c217998ba4a0d87ed4a2d84c0bd5
SHA256: 83791e8d27edcfce84fde89e5ab163d61a8b07b1e0602a0e32f24ab66a21e18e
SHA512: 189a26a8a8401d86388b0a3003a4089bc2a21576aa9a855e81e2d0f01b778c27a6075794ce195a759ea79c68305174874eb89fdade351bd1f8281f57125722d0
SSDEEP: 1536:WzcO60cIa+Bfesx9o8PSJ4O+ZML/s1a5pExWpHRh0W+8YlsOUbxsyldufd:W4jnAesx9BaJ1+ZMz5pNtQLPl5Ubx3du
Malware Config
Signatures
Files
83791e8d27edcfce84fde89e5ab163d61a8b07b1e0602a0e32f24ab66a21e18e.exe windows x86
15d45012bee30ed663b4a44af191a042
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
IsSystemResumeAutomatic
GetFileAttributesExW
CreatePipe
WriteProfileSectionA
lstrcatA
GetCPInfoExA
MultiByteToWideChar
GetThreadContext
WaitForSingleObjectEx
VirtualProtect
EnumTimeFormatsW
GetModuleFileNameA
GetEnvironmentStringsA
VirtualAlloc
SetSystemTime
GetQueuedCompletionStatus
GetAtomNameA
IsDBCSLeadByteEx
GetBinaryType
WriteConsoleW
GlobalDeleteAtom
LoadResource
SetHandleInformation
SetConsoleActiveScreenBuffer
OpenFileMappingA
GetOverlappedResult
WritePrivateProfileSectionW
SwitchToThread
GlobalFlags
TransmitCommChar
CreateNamedPipeA
GlobalWire
Process32First
PrepareTape
MoveFileW
GetCurrentThreadId
SetTapeParameters
GetAtomNameW
ExitProcess
ReadConsoleInputW
LocalLock
LocalHandle
GetThreadSelectorEntry
EnumSystemLocalesA
LCMapStringW
GetTimeFormatW
WriteConsoleInputW
GetEnvironmentVariableW
FindFirstFileExW
GetBinaryTypeA
GetCurrencyFormatW
VirtualFree
lstrlenW
GetSystemDirectoryA
CreateDirectoryExW
ConvertDefaultLocale
GetStringTypeA
ClearCommError
HeapCompact
GetTempFileNameA
GetDateFormatW
SetVolumeLabelA
EnumResourceLanguagesW
GlobalFindAtomA
SetFileAttributesW
FlushFileBuffers
SetComputerNameA
GetCommandLineW
FindAtomW
GetFileTime
SetHandleCount
BuildCommDCBAndTimeoutsW
WaitForMultipleObjects
PostQueuedCompletionStatus
GetNumberOfConsoleMouseButtons
OpenMutexW
ReleaseMutex
OpenWaitableTimerW
GetDiskFreeSpaceW
EnumDateFormatsExA
GetCompressedFileSizeW
EnumDateFormatsA
RequestDeviceWakeup
SetCommBreak
HeapWalk
CreateDirectoryA
OpenMutexA
CreateEventA
EnumResourceNamesW
lstrcmpiA
CancelWaitableTimer
CreateMailslotA
SleepEx
GetCurrentDirectoryA
GetProcAddress
GetWindowsDirectoryA
GetPrivateProfileIntW
GetTempFileNameW
SetErrorMode
LocalAlloc
SetFileTime
GetFileSize
SetFilePointer
GetCurrencyFormatA
ResumeThread
RemoveDirectoryW
InitializeCriticalSectionAndSpinCount
lstrlenA
EnumDateFormatsExW
Sleep
GetVersionExW
WriteFile
QueryPerformanceCounter
GetPrivateProfileStringW
GetCommConfig
Thread32Next
GetShortPathNameA
SetConsoleCtrlHandler
GetPrivateProfileStructA
GlobalUnfix
SetCommTimeouts
GetCommTimeouts
GetStartupInfoA
GetComputerNameW
SetNamedPipeHandleState
EnumCalendarInfoA
GetShortPathNameW
GetDiskFreeSpaceExA
SetFileApisToOEM
CompareStringW
SearchPathW
SetThreadExecutionState
BeginUpdateResourceW
advapi32
GetSecurityInfo
RegConnectRegistryA
SetSecurityInfo
RegUnLoadKeyW
LookupPrivilegeDisplayNameW
RegisterEventSourceW
CreateProcessAsUserA
RegOpenKeyExW
IsValidSecurityDescriptor
BuildTrusteeWithSidA
CryptSetProviderA
LookupSecurityDescriptorPartsW
CreateServiceA
CryptExportKey
GetAccessPermissionsForObjectA
GetAuditedPermissionsFromAclA
CryptGetProvParam
ClearEventLogA
GetSidSubAuthorityCount
DuplicateToken
RegSaveKeyA
RegQueryValueExA
CreateServiceW
GetTrusteeNameA
LookupAccountNameW
RegQueryMultipleValuesW
RegGetKeySecurity
LogonUserW
BuildExplicitAccessWithNameA
RegDeleteValueW
RegCreateKeyW
ObjectPrivilegeAuditAlarmA
LookupPrivilegeNameW
GetSecurityDescriptorSacl
GetSecurityDescriptorControl
RegReplaceKeyA
AddAce
CancelOverlappedAccess
ConvertSecurityDescriptorToAccessNamedW
GetMultipleTrusteeOperationW
SetPrivateObjectSecurity
GetSecurityDescriptorOwner
RegRestoreKeyW
CryptSetProviderExA
GetMultipleTrusteeA
ObjectCloseAuditAlarmA
RegisterServiceCtrlHandlerW
GetNamedSecurityInfoA
GetTokenInformation
ImpersonateLoggedOnUser
ChangeServiceConfigA
RegEnumKeyW
BuildSecurityDescriptorA
RegDeleteValueA
QueryServiceConfigW
CryptSetProvParam
SetNamedSecurityInfoExA
RegOpenKeyA
CryptGenKey
CryptContextAddRef
GetServiceKeyNameW
GetTrusteeNameW
RegSetKeySecurity
GetTrusteeTypeA
GetKernelObjectSecurity
LockServiceDatabase
RegLoadKeyA
GetCurrentHwProfileW
SetSecurityInfoExA
MakeAbsoluteSD
DeleteService
CryptSignHashA
SetNamedSecurityInfoW
SetEntriesInAccessListW
BuildExplicitAccessWithNameW
ObjectOpenAuditAlarmW
SetThreadToken
CryptVerifySignatureW
EnumDependentServicesA
RegSetValueExA
RegQueryInfoKeyA
SetSecurityDescriptorOwner
SetFileSecurityW
RegConnectRegistryW
QueryServiceLockStatusW
GetSidSubAuthority
GetPrivateObjectSecurity
AddAccessAllowedAce
NotifyBootConfigStatus
CryptEncrypt
RegOpenKeyW
RegOpenKeyExA
LookupAccountSidA
RegQueryValueExW
SetEntriesInAclW
CryptReleaseContext
RevertToSelf
LookupAccountSidW
CryptSetKeyParam
SetEntriesInAuditListW
RegCreateKeyA
RegCreateKeyExW
RegSetValueW
BuildTrusteeWithNameW
EqualSid
ConvertSecurityDescriptorToAccessNamedA
UnlockServiceDatabase
RegNotifyChangeKeyValue
RegSaveKeyW
LogonUserA
PrivilegedServiceAuditAlarmW
GetAce
ObjectDeleteAuditAlarmW
AddAuditAccessAce
OpenServiceW
DuplicateTokenEx
FreeSid
CryptHashData
EnumServicesStatusW
SetSecurityDescriptorGroup
TrusteeAccessToObjectW
user32
SetWindowPlacement
DdePostAdvise
ExitWindowsEx
PostMessageW
CountClipboardFormats
GetPropW
SendDlgItemMessageA
SetClipboardViewer
SetThreadDesktop
ChangeMenuA
OemToCharA
GetKeyboardLayoutNameW
CreateAcceleratorTableA
SwitchDesktop
MonitorFromPoint
DrawCaption
GetActiveWindow
MessageBoxExA
DlgDirSelectComboBoxExW
GetMonitorInfoA
GetKeyboardType
SetDoubleClickTime
GetKeyNameTextW
MessageBoxW
ShowWindow
IsCharAlphaW
SetWindowLongW
EnumDisplaySettingsW
DdeAccessData
GetKeyboardLayoutList
ClipCursor
SendDlgItemMessageW
RegisterClassA
GetMenuItemInfoA
GetMessageW
GetMenuInfo
DeferWindowPos
ImpersonateDdeClientWindow
SetWinEventHook
DdeImpersonateClient
DdeFreeStringHandle
EnumDesktopsA
DdeKeepStringHandle
EnableScrollBar
DdeNameService
ExcludeUpdateRgn
LoadBitmapW
DialogBoxIndirectParamA
GetFocus
GetWindowLongA
IsCharUpperA
DragDetect
IsWindowEnabled
CloseWindow
GetDoubleClickTime
CopyImage
OpenClipboard
TranslateAccelerator
CascadeWindows
OffsetRect
GetGUIThreadInfo
WindowFromDC
AttachThreadInput
PaintDesktop
GetWindowRect
SetWindowContextHelpId
IsDialogMessageW
DdeUnaccessData
SetUserObjectInformationA
CreateIcon
GetDesktopWindow
MessageBoxIndirectW
SetDlgItemTextA
MapWindowPoints
InvalidateRect
GetClassNameA
GetMenuDefaultItem
MapVirtualKeyA
GetListBoxInfo
FreeDDElParam
GetProcessDefaultLayout
LoadCursorFromFileW
TranslateMessage
DlgDirSelectExW
PeekMessageW
GetSystemMetrics
GetMenuState
DeleteMenu
GetWindowTextA
GetThreadDesktop
DestroyWindow
GetWindowThreadProcessId
GetOpenClipboardWindow
DrawTextA
DefWindowProcA
DdeGetLastError
GetKeyState
GetWindowLongW
ScrollWindowEx
IsCharLowerW
OpenDesktopW
GetMenuItemID
ChangeMenuW
SwitchToThisWindow
LoadImageW
InflateRect
BlockInput
EnumDisplaySettingsExA
GetClientRect
CharToOemBuffA
SendMessageTimeoutA
InvalidateRgn
UnpackDDElParam
GetWindowWord
SetMenuItemBitmaps
DialogBoxParamA
LoadStringW
CreateAcceleratorTableW
AppendMenuW
SetLastErrorEx
RegisterDeviceNotificationA
SendMessageCallbackW
CharUpperBuffA
MsgWaitForMultipleObjectsEx
WaitForInputIdle
GetCursorPos
CallMsgFilterA
IsCharAlphaA
GetMenuItemInfoW
shlwapi
PathCommonPrefixA
PathCanonicalizeW
PathBuildRootA
wnsprintfA
PathUndecorateA
PathGetArgsA
PathIsSameRootW
StrCmpW
PathUnquoteSpacesA
SHRegDeleteUSValueW
SHSkipJunction
SHOpenRegStream2A
SHRegEnumUSValueW
StrTrimW
SHRegCreateUSKeyW
PathFindFileNameW
PathFindExtensionW
PathFindSuffixArrayA
SHRegCloseUSKey
StrRetToBufW
StrFormatKBSizeA
SHStrDupW
SHRegGetUSValueW
PathMatchSpecA
StrSpnW
SHRegQueryUSValueW
PathRemoveFileSpecA
StrChrA
PathRemoveExtensionW
PathSkipRootA
PathIsURLA
StrRStrIA
PathFindOnPathA
StrFormatByteSizeA
PathIsRootA
SHGetInverseCMAP
PathAppendW
StrCmpIW
SHStrDupA
StrFormatKBSizeW
PathRelativePathToW
PathRelativePathToA
StrRChrA
PathFileExistsA
SHOpenRegStreamW
PathMakeSystemFolderW
PathBuildRootW
PathAppendA
PathIsContentTypeA
StrCatBuffW
SHRegQueryInfoUSKeyW
PathIsDirectoryEmptyA
StrCpyNW
PathUndecorateW
PathRenameExtensionA
StrRetToStrW
StrRStrIW
PathFindOnPathW
StrRChrIW
SHOpenRegStreamA
AssocQueryStringW
StrTrimA
UrlGetLocationA
PathGetCharTypeW
StrDupW
StrRChrIA
PathIsDirectoryEmptyW
PathFileExistsW
PathIsURLW
SHRegOpenUSKeyW
StrToIntExW
StrCpyW
PathGetCharTypeA
SHCopyKeyW
PathRemoveBlanksA
StrStrA
SHRegDuplicateHKey
SHEnumKeyExW
PathIsSameRootA
SHEnumKeyExA
PathRemoveExtensionA
UrlHashA
SHCreateStreamOnFileA
SHDeleteKeyW
UrlCreateFromPathA
UrlHashW
SHQueryInfoKeyW
StrNCatW
PathIsLFNFileSpecW
PathIsDirectoryW
PathSkipRootW
UrlEscapeA
PathCompactPathExA
StrCSpnW
SHRegEnumUSValueA
UrlIsOpaqueW
StrChrIW
SHDeleteKeyA
StrPBrkW
PathFindSuffixArrayW
ChrCmpIW
StrFormatByteSize64A
PathFindExtensionA
PathIsRelativeW
StrFromTimeIntervalA
PathUnquoteSpacesW
ole32
OleLoad
OleQueryLinkFromData
OleGetAutoConvert
CoGetStandardMarshal
WriteOleStg
CoReleaseServerProcess
CoFreeAllLibraries
CoCreateFreeThreadedMarshaler
OleRegEnumFormatEtc
CoInitializeSecurity
CoRevokeClassObject
OleConvertOLESTREAMToIStorageEx
StgGetIFillLockBytesOnFile
OleSetContainedObject
UtConvertDvtd16toDvtd32
StgGetIFillLockBytesOnILockBytes
CoMarshalHresult
ReadFmtUserTypeStg
ReadOleStg
OleCreateDefaultHandler
CoSuspendClassObjects
ProgIDFromCLSID
OleMetafilePictFromIconAndLabel
OleNoteObjectVisible
OleCreateLinkToFile
CreateClassMoniker
StgCreateDocfileOnILockBytes
GetRunningObjectTable
CoIsOle1Class
CoCopyProxy
DllDebugObjectRPCHook
CoGetCurrentLogicalThreadId
SetConvertStg
CoTaskMemAlloc
OleConvertIStorageToOLESTREAMEx
CoGetObject
OleCreateEmbeddingHelper
CreateBindCtx
OleDoAutoConvert
OleSetAutoConvert
ReadClassStg
CreateFileMoniker
WriteClassStg
CLSIDFromString
OleCreateStaticFromData
CreateItemMoniker
CreatePointerMoniker
CoReleaseMarshalData
EnableHookObject
OleDestroyMenuDescriptor
CoFileTimeNow
OleRegEnumVerbs
UtConvertDvtd32toDvtd16
IIDFromString
OleCreate
CoRegisterMallocSpy
FreePropVariantArray
PropVariantClear
CoResumeClassObjects
CoQueryProxyBlanket
OleSaveToStream
CoGetMalloc
StringFromGUID2
CoGetCallContext
CoMarshalInterThreadInterfaceInStream
CreateDataAdviseHolder
CoUnmarshalInterface
StgSetTimes
MonikerCommonPrefixWith
StgIsStorageILockBytes
StgOpenStorage
CoIsHandlerConnected
OleDuplicateData
StgCreateStorageEx
SetDocumentBitStg
OleDraw
CoInitializeEx
MkParseDisplayName
ReadClassStm
OleSetMenuDescriptor
PropVariantCopy
OleCreateLinkFromData
CoDisconnectObject
OleQueryCreateFromData
WriteClassStm
CoCreateGuid
RevokeDragDrop
OleIsRunning
OleGetClipboard
StgOpenStorageEx
OleCreateFromData
CoGetPSClsid
OleCreateFromFileEx
CoGetCallerTID
CoLoadLibrary
CoRegisterPSClsid
CoRevertToSelf
OleConvertOLESTREAMToIStorage
OleCreateLinkToFileEx
CoDosDateTimeToFileTime
OleGetIconOfFile
Sections
.text Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE