c38032b58b58c6f7305d5cc05972d89eab4eb5954e18b713ef753409617db8d2

Sharing

Copy URL Twitter E-mail

General

Target

c38032b58b58c6f7305d5cc05972d89eab4eb5954e18b713ef753409617db8d2
Size

43KB
MD5

89b3b3e38a2f899382b16a691b672a7c
SHA1

59bc7145e06a32407d7403a0e872cde2b616b179
SHA256

c38032b58b58c6f7305d5cc05972d89eab4eb5954e18b713ef753409617db8d2
SHA512

314b5019e8fd6bc49b8c0e98785d5e6523b2f3c229bc22bba6fce75ea3a46702078fda916a942b5f0c154d7e0e47c207c46ea976cc227adf86571198bb608ad5
SSDEEP

768:8k9UTIMstCa2OEFjj24aXJi8St6gsBkNTr1nPb4/z9mp4gfOaSFASFASFgaG:ja8MGOrjj2XZi8K4yr1P4zk3fsbbHG

Score

N/A

Malware Config

Signatures

Files

c38032b58b58c6f7305d5cc05972d89eab4eb5954e18b713ef753409617db8d2
.exe windows x86

3c6bfc37d23babefa9b0356fd75b38eb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

_allshl
RtlDumpResource
RtlIsTextUnicode
NtImpersonateClientOfPort
_CIcos
ZwReleaseMutant
NtQueryInstallUILanguage
ZwOpenJobObject
RtlAddAuditAccessObjectAce
RtlFindActivationContextSectionString
RtlIsDosDeviceName_U
NtSetSystemEnvironmentValue
NtLoadDriver
NtSetBootEntryOrder
NtSetHighEventPair
RtlCreateUnicodeString
_vsnprintf
ZwUnloadKey
ZwIsSystemResumeAutomatic
NtPrivilegeObjectAuditAlarm
ZwOpenSymbolicLinkObject
RtlCaptureStackContext
RtlQueueWorkItem
NtAlertThread
ZwOpenProcess

advapi32

SetPrivateObjectSecurity
GetManagedApplications
GetNamedSecurityInfoExA
AreAnyAccessesGranted
GetTrusteeFormW
BuildTrusteeWithSidW
SaferiSearchMatchingHashRules
GetEffectiveRightsFromAclA
GetSidLengthRequired
WmiExecuteMethodW
CryptGenKey
SetEntriesInAccessListW
OpenEventLogA
InitiateSystemShutdownExW
GetNamedSecurityInfoW
WmiMofEnumerateResourcesW
MakeAbsoluteSD2
DuplicateTokenEx
AddAccessDeniedObjectAce
CryptVerifySignatureA
BuildImpersonateTrusteeW
ImpersonateLoggedOnUser
SaferiPopulateDefaultsInRegistry
FreeSid
ElfOldestRecord
CheckTokenMembership
CryptVerifySignatureW
RegSetValueExW
I_ScSendTSMessage
CreateProcessWithLogonW

olecli32

LeSaveToStream
LeQueryType
OleLoadFromStream
PbQueryBounds
OleQueryName
DibDraw
ErrQueryProtocol
LeShow
LeCreateInvisible
ErrSetTargetDevice
ErrSetBounds
BmChangeData
OleSetHostNames
SetNetName
DibGetData
OleQueryProtocol
SetNextNetDrive
ErrObjectLong
LeReconnect
ErrQueryOpen
PbCopyToClipboard
CheckNetDrive
DibCopy
LeQueryOutOfDate
OleReconnect
LeSetBounds
DefCreate
PbCreateFromTemplate
ErrClose
OleQueryReleaseMethod

gdi32

ExtCreateRegion
GetEnhMetaFilePaletteEntries
CreateHatchBrush
EngGetDriverName
EngCreateClip
PolyBezierTo
ExcludeClipRect
GdiSetPixelFormat
EnumFontsW
GetSystemPaletteEntries
SetBkMode
GetTextAlign
GetTextColor
SetMetaFileBitsEx
SetEnhMetaFileBits
DdEntry22
LPtoDP
GetViewportExtEx
GetCharWidthFloatA
GetClipRgn
GetTextExtentExPointW
SetMagicColors
AddFontResourceA
AddFontResourceExA
SetRelAbs
SelectFontLocal
DeleteColorSpace
DdEntry52
GdiGetPageHandle
SwapBuffers
AddFontResourceW

kernel32

SetFileApisToOEM
GetACP
UpdateResourceA
SetConsoleActiveScreenBuffer
FillConsoleOutputCharacterA
RemoveDirectoryA
BuildCommDCBW
LZCreateFileW
SetComputerNameW
SetTimeZoneInformation
DeleteAtom
GetMailslotInfo
InterlockedExchange
FindAtomA
GetModuleHandleA
LZSeek
GlobalAlloc
GetStringTypeExW
SetConsoleCursor
AddConsoleAliasA
IsValidLocale
CreateTimerQueueTimer
RegisterWaitForSingleObjectEx
SetConsoleNumberOfCommandsW
GetProcessId
ClearCommBreak
FindClose
VirtualAlloc
GetEnvironmentStrings
LoadLibraryA
FreeLibraryAndExitThread
GetAtomNameA
FillConsoleOutputAttribute
VerLanguageNameW
DeactivateActCtx
PeekConsoleInputW
DebugActiveProcessStop

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c6bfc37d23babefa9b0356fd75b38eb

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

advapi32

olecli32

gdi32

kernel32

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 446B

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 446B

.rsrc
Size: 2KB - Virtual size: 2KB