a922a112fbcb17d87abfef600a9862087d6a2a121a35c32ede6250e0971a9539

Sharing

Copy URL Twitter E-mail

General

Target

a922a112fbcb17d87abfef600a9862087d6a2a121a35c32ede6250e0971a9539
Size

249KB
MD5

ff79f1541a63d0ac15607037a128e35a
SHA1

cdc51ad7beeb6705109d66d6f8a369f84f1c1115
SHA256

a922a112fbcb17d87abfef600a9862087d6a2a121a35c32ede6250e0971a9539
SHA512

7d3fb35483efe3b12c05841fe82378460d9913a4efd149506ed938623d1e10d6f6d944e1ad1e89420b6ff42e946303596f5f5fc8eb3ada80742e2d3a1b9e83d1
SSDEEP

6144:6O0B+atbcA+9uMUpUz+7TdgPcTfBS4ymsAI/:VpDf9u/UQdgPEJQm

Score

N/A

Malware Config

Signatures

Files

a922a112fbcb17d87abfef600a9862087d6a2a121a35c32ede6250e0971a9539
.exe windows x86

c4e58450a03f6132bf4afec772f514cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersAddresses
GetTcpTable
GetUdpTable
GetAdaptersInfo
NotifyAddrChange
GetIpAddrTable
GetIpForwardTable
SendARP
GetIpNetTable
NotifyRouteChange

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize

ws2_32

WSACleanup
ntohs
WSAStartup
inet_addr

rpcrt4

RpcRevertToSelf
UuidCreate
RpcImpersonateClient

advapi32

GetTraceEnableLevel
GetSidSubAuthorityCount
QueryServiceConfigW
RegSetValueExW
GetSidSubAuthority
StartServiceW
QueryServiceStatusEx
OpenProcessToken
GetTraceLoggerHandle
ControlService
CloseServiceHandle
ControlTraceW
RegOpenKeyExW
UnregisterTraceGuids
GetTraceEnableFlags
RegisterTraceGuidsW
TraceMessage
RegCloseKey
GetTokenInformation
OpenServiceW
OpenSCManagerW
RegQueryValueExW

user32

TranslateMessage
MsgWaitForMultipleObjects
DispatchMessageW
PeekMessageW

oleaut32

SysAllocString
VariantInit
SafeArrayCreate
VariantClear
SafeArrayDestroy
SysFreeString

kernel32

FormatMessageW
RaiseException
SetFileAttributesW
SetLastError
HeapDestroy
DeviceIoControl
SizeofResource
WaitForSingleObject
GetCurrentThreadId
FindResourceExW
CreateSemaphoreW
GetFileSize
lstrlenA
LockResource
IsDebuggerPresent
LoadLibraryExW
FindResourceW
EnterCriticalSection
GetSystemTime
FreeLibrary
HeapReAlloc
LocalAlloc
lstrlenW
WriteFile
GetSystemTimeAsFileTime
HeapFree
SetEndOfFile
LeaveCriticalSection
DeleteFileW
HeapSize
OpenProcess
GetProcessHeap
LoadResource
GetACP
WideCharToMultiByte
CreateFileW
SetFilePointer
CreateEventW
ReleaseSemaphore
HeapAlloc
SetUnhandledExceptionFilter
ReadFile
CloseHandle
FileTimeToSystemTime
DeleteCriticalSection
UnhandledExceptionFilter
HeapCreate
VirtualAllocEx

shlwapi

PathAddBackslashW

esent

JetStopServiceInstance
JetEndSession
JetSetTableSequential
JetReadFile
JetIndexRecordCount
JetAttachDatabase2
JetSetCurrentIndex4
JetDeleteColumn2
JetGetIndexInfo
JetAttachDatabaseWithStreaming
JetEscrowUpdate

htui

HTUI_DeviceColorAdjustmentW
HTUI_DeviceColorAdjustmentA
HTUI_DeviceColorAdjustment

Sections

.ZgMO
Size: 1024B - Virtual size: 16KB

IMAGE_SCN_MEM_READ

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.PiMSc
Size: 512B - Virtual size: 399B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sGVoZ
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DzUhR
Size: 1024B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kZOw
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 209KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YZPVkVz
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Lciaj
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JwDw
Size: 1024B - Virtual size: 518B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4e58450a03f6132bf4afec772f514cf

Headers

DLL Characteristics

File Characteristics

Imports

iphlpapi

ole32

ws2_32

rpcrt4

advapi32

user32

oleaut32

kernel32

shlwapi

esent

htui

Sections

.ZgMO Size: 1024B - Virtual size: 16KB

.text Size: 16KB - Virtual size: 15KB

.PiMSc Size: 512B - Virtual size: 399B

.sGVoZ Size: 3KB - Virtual size: 2KB

.DzUhR Size: 1024B - Virtual size: 516B

.data Size: 7KB - Virtual size: 59KB

.kZOw Size: 2KB - Virtual size: 2KB

.rdata Size: 209KB - Virtual size: 208KB

.YZPVkVz Size: 3KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 1KB

.Lciaj Size: 2KB - Virtual size: 2KB

.JwDw Size: 1024B - Virtual size: 518B

.ZgMO
Size: 1024B - Virtual size: 16KB

.text
Size: 16KB - Virtual size: 15KB

.PiMSc
Size: 512B - Virtual size: 399B

.sGVoZ
Size: 3KB - Virtual size: 2KB

.DzUhR
Size: 1024B - Virtual size: 516B

.data
Size: 7KB - Virtual size: 59KB

.kZOw
Size: 2KB - Virtual size: 2KB

.rdata
Size: 209KB - Virtual size: 208KB

.YZPVkVz
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 1KB

.Lciaj
Size: 2KB - Virtual size: 2KB

.JwDw
Size: 1024B - Virtual size: 518B