a40d7a2b2b85503e075ace6b9580a5e859c30f95cad2353a21bc8910b34f1a8a

Sharing

Copy URL Twitter E-mail

General

Target

a40d7a2b2b85503e075ace6b9580a5e859c30f95cad2353a21bc8910b34f1a8a
Size

261KB
MD5

ac0461df75becfd2057b45207c550c72
SHA1

0a0db2ff4eefd7396ef5f450f2f297456bba58e4
SHA256

a40d7a2b2b85503e075ace6b9580a5e859c30f95cad2353a21bc8910b34f1a8a
SHA512

752b471ea5ccbf1aa86836862ba50f0cbd8b128ff7f69ac2b7cd29e4718f8ca307efe9200dfb4689abd43a9bd63398f91a15c54abd01d59dd7109d5a13f9dbd9
SSDEEP

6144:1UEbgdvpw/cy2XG7QD9BT+8eL0bMg3IP9qhayF:1FbgdBHy2nDX+L2MChay

Score

N/A

Malware Config

Signatures

Files

a40d7a2b2b85503e075ace6b9580a5e859c30f95cad2353a21bc8910b34f1a8a
.exe windows x86

50626e8664119804eee75464633cff2a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharUpperW
GetSystemMetrics
CharLowerW
wsprintfA
CharToOemBuffA
CharUpperA
ExitWindowsEx
OemToCharBuffA
CharLowerA

shlwapi

PathUnExpandEnvStringsW
PathUnExpandEnvStringsA
PathIsRootW
StrCatW
SHRegGetUSValueW
StrRetToBufW
PathFindNextComponentA
PathIsRootA
PathSetDlgItemPathW
DllGetVersion
StrTrimA
SHLoadIndirectString
PathSkipRootA
StrStrA
SHRegGetPathW
StrToIntA
PathSearchAndQualifyW
PathIsUNCServerA
StrToIntExW
SHRegDeleteUSValueA
SHGetValueW
StrChrIA
ColorAdjustLuma
PathCommonPrefixW
PathFindFileNameW
wnsprintfA
UrlIsOpaqueA
PathCreateFromUrlA
PathIsLFNFileSpecA
SHEnumValueW
StrCSpnIW
PathRemoveExtensionW
PathIsContentTypeW
UrlCombineW
PathGetDriveNumberA
UrlCombineA
StrChrA
PathIsFileSpecA
SHRegQueryInfoUSKeyW
StrSpnW
PathRemoveBlanksA
UrlApplySchemeA
PathMakeSystemFolderA
PathStripToRootW
HashData

kernel32

VirtualAlloc
lstrcpyA
OpenEventA
HeapAlloc
IsDebuggerPresent
GetSystemTimeAsFileTime
HeapSize
VirtualUnlock
OpenMutexA
VirtualFree
CreateMutexA
GetTempFileNameA
QueryPerformanceFrequency
GetSystemDirectoryA
GetProcessHeap
GetModuleHandleA
lstrcpyW
EnterCriticalSection
OutputDebugStringA
ReleaseMutex
ReleaseSemaphore
VirtualProtect
LeaveCriticalSection
GetCurrentThreadId
GetTempPathA
GetSystemInfo
ResetEvent
CreateSemaphoreW
CloseHandle
FreeLibrary
GetModuleHandleW
UnhandledExceptionFilter
CreateEventA
GlobalMemoryStatusEx
HeapReAlloc
HeapDestroy
PulseEvent
DeleteCriticalSection
OpenProcess
VirtualLock
SetUnhandledExceptionFilter
ExpandEnvironmentStringsW
HeapFree
WideCharToMultiByte
GetWindowsDirectoryA
WaitForSingleObject
ExpandEnvironmentStringsA
HeapValidate
SleepEx
CreateSemaphoreA
OpenSemaphoreA
GlobalMemoryStatus
SetErrorMode
WaitForSingleObjectEx
GetStartupInfoW
VirtualAllocEx

advapi32

SetSecurityDescriptorDacl
SetThreadToken
GetTokenInformation
AdjustTokenPrivileges
LookupAccountSidA
AddAccessAllowedAce
EqualSid
SetSecurityDescriptorSacl
FreeSid
InitializeSecurityDescriptor
ImpersonateLoggedOnUser
GetUserNameA
CopySid
DuplicateTokenEx
DuplicateToken
InitializeAcl
GetLengthSid
OpenThreadToken
OpenProcessToken
AllocateAndInitializeSid
RevertToSelf
LookupPrivilegeValueA

iassvcs

IASGetLocalDictionary
IASAdler32

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.WDpJ
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DMky
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.DtKwa
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rKlm
Size: 512B - Virtual size: 161B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.EzVx
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 213KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.focYZls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.POhCm
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.VjpHGn
Size: 1024B - Virtual size: 951B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dqdWq
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qLii
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

50626e8664119804eee75464633cff2a

Headers

DLL Characteristics

File Characteristics

Imports

user32

shlwapi

kernel32

advapi32

iassvcs

Sections

.text Size: 20KB - Virtual size: 20KB

.WDpJ Size: 2KB - Virtual size: 2KB

.DMky Size: 1KB - Virtual size: 1KB

.DtKwa Size: 2KB - Virtual size: 1KB

.rKlm Size: 512B - Virtual size: 161B

.rdata Size: 4KB - Virtual size: 3KB

.EzVx Size: 1KB - Virtual size: 1KB

.data Size: 213KB - Virtual size: 1.4MB

.focYZls Size: 1KB - Virtual size: 1KB

.POhCm Size: 2KB - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 2KB

.VjpHGn Size: 1024B - Virtual size: 951B

.dqdWq Size: 3KB - Virtual size: 2KB

.qLii Size: 3KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 20KB

.WDpJ
Size: 2KB - Virtual size: 2KB

.DMky
Size: 1KB - Virtual size: 1KB

.DtKwa
Size: 2KB - Virtual size: 1KB

.rKlm
Size: 512B - Virtual size: 161B

.rdata
Size: 4KB - Virtual size: 3KB

.EzVx
Size: 1KB - Virtual size: 1KB

.data
Size: 213KB - Virtual size: 1.4MB

.focYZls
Size: 1KB - Virtual size: 1KB

.POhCm
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 2KB

.VjpHGn
Size: 1024B - Virtual size: 951B

.dqdWq
Size: 3KB - Virtual size: 2KB

.qLii
Size: 3KB - Virtual size: 2KB