bd6ab07f6e1d813d30d685f0f79dd29b95d360d869f6368a389f5f3aadca0fa7

Sharing

Copy URL

Twitter E-mail

General

Target

bd6ab07f6e1d813d30d685f0f79dd29b95d360d869f6368a389f5f3aadca0fa7
Size

177KB
MD5

3edc965b4753542fa2655a384ea33f27
SHA1

d92fabbcaf6c2c9d59873f2b22e853afada691c3
SHA256

bd6ab07f6e1d813d30d685f0f79dd29b95d360d869f6368a389f5f3aadca0fa7
SHA512

07fd4115ea7909ebe27ee1be447ce2f5f494bb8927a41cf1394dde86cca08f912d9eb6341f4153837f7b324f61c84c4c2ae65ea09481788c0a3f4e616cc577d1
SSDEEP

3072:ncoA0Ej/cQqgE/c+xT50IL9EncFwQaSp0Risbd1VZqLIz50qkGDQ4Y9:caEj1qq+r0ILycF+Spkb5Zq0KVGDQ4

Score

N/A

Malware Config

Signatures

Files

bd6ab07f6e1d813d30d685f0f79dd29b95d360d869f6368a389f5f3aadca0fa7
.exe windows x86

1290965ee1989002c2ccea4fee545cf6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

oleacc

LresultFromObject
AccessibleObjectFromPoint

kernel32

WriteFile
SetUnhandledExceptionFilter
IsValidCodePage
VirtualAlloc
InitializeCriticalSection
HeapFree
HeapSize
FreeLibrary
LeaveCriticalSection
GetTimeZoneInformation
GetCPInfo
GetCurrentProcess
GetOEMCP
LoadLibraryA
CompareStringA
GetDateFormatA
UnhandledExceptionFilter
GetConsoleOutputCP
SetEnvironmentVariableA
GetCurrentProcessId
EnterCriticalSection
HeapDestroy
SetFilePointer
LCMapStringA
EnumResourceTypesA
SetStdHandle
SetEndOfFile
HeapReAlloc
QueryPerformanceCounter
CreateNamedPipeA
HeapCreate
WriteConsoleA
VirtualFree
GetTickCount
GetACP
GetTimeFormatA
ReadFile
GetLocaleInfoA
RaiseException
GetSystemTimeAsFileTime
TerminateProcess
LCMapStringW
RtlUnwind
MultiByteToWideChar
CompareStringW
GetStringTypeW
IsDebuggerPresent
GetStringTypeA

shell32

SHGetFolderPathW

newdev

UpdateDriverForPlugAndPlayDevicesW

advapi32

GetNamedSecurityInfoW
FreeSid
EqualSid
LookupPrivilegeValueA
AdjustTokenPrivileges
IsValidSecurityDescriptor
CreateServiceW
LookupAccountSidW
OpenSCManagerW
QueryServiceConfigW
SetEntriesInAclW
ChangeServiceConfig2W
LookupPrivilegeDisplayNameA
LookupPrivilegeNameA
RegRestoreKeyW
InitializeSecurityDescriptor
IsValidAcl
GetSecurityDescriptorControl
GetInheritanceSourceW
ControlService
AllocateAndInitializeSid
QueryServiceLockStatusW
DeleteService
SetNamedSecurityInfoW
RegQueryValueExW
GetAclInformation
RegEnumKeyExW
RegCreateKeyExW
UnlockServiceDatabase
RegGetKeySecurity
RegDeleteKeyW
QueryServiceStatus
RegOpenKeyExW
EnumDependentServicesW
SetSecurityDescriptorDacl
ChangeServiceConfigW
RegCloseKey
LockServiceDatabase
FreeInheritedFromArray
GetSecurityInfo
SetSecurityInfo
OpenProcessToken
AddAce
CloseServiceHandle
RegDeleteValueW
InitializeAcl
GetTokenInformation
SetEntriesInAclA
StartServiceA
RegSetValueExW
OpenServiceW
GetAce
RegSaveKeyW
RegEnumValueW

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1290965ee1989002c2ccea4fee545cf6

Headers

File Characteristics

Imports

mprapi

oleacc

kernel32

shell32

newdev

advapi32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 3KB - Virtual size: 151KB

.data Size: 125KB - Virtual size: 125KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 3KB - Virtual size: 151KB

.data
Size: 125KB - Virtual size: 125KB

.rsrc
Size: 512B - Virtual size: 4KB