5458ad3482247991af6d8f6bd740db6d570c18d6d8c558a72bdac4ad93bc652f

Sharing

Copy URL Twitter E-mail

General

Target

5458ad3482247991af6d8f6bd740db6d570c18d6d8c558a72bdac4ad93bc652f
Size

495KB
MD5

f24f4989c85a580a073f243611cf7670
SHA1

7eeb7e5382ac8992184befaf57d2d87d39c9e534
SHA256

5458ad3482247991af6d8f6bd740db6d570c18d6d8c558a72bdac4ad93bc652f
SHA512

51b6b1b9729db93beef7d4b11b0713b6b3cf4849640ac6098892ce2dd630c7e9583f733a7c162d900d0d40b8f507b8f3cfd0ef6108e92b1fb89bb77491a09af6
SSDEEP

12288:afecPRrFMIAKXqvoahyvMdZ8zDgmmVZASZqG/M:afBPRrlXqvDhymuzEmmvASH/

Score

N/A

Malware Config

Signatures

Files

5458ad3482247991af6d8f6bd740db6d570c18d6d8c558a72bdac4ad93bc652f
.dll windows x86

e102330c5eb803e85c5942ffb24e40e6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ElfRegisterEventSourceW
LsaClose
ObjectDeleteAuditAlarmW
QueryRecoveryAgentsOnEncryptedFile
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegReplaceKeyA
ElfOpenEventLogW
GetAccessPermissionsForObjectW
RegNotifyChangeKeyValue
RegOpenKeyExA
RegQueryValueExA
RegisterEventSourceA
ReportEventA
SetFileSecurityA
SetServiceStatus
CryptContextAddRef
CryptDeriveKey
ElfChangeNotify
GetUserNameA
OpenTraceW
PrivilegedServiceAuditAlarmA
RegFlushKey
AdjustTokenPrivileges
CryptAcquireContextW
CryptCreateHash
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptReleaseContext
LookupPrivilegeValueW
OpenProcessToken
RegCreateKeyExW
RegLoadKeyW
RegSetValueExW
RegUnLoadKeyW
RevertToSelf
SetSecurityInfo
SetThreadToken
RegCreateKeyExA
RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
AllocateAndInitializeSid
CheckTokenMembership
CryptAcquireContextA
CryptEnumProvidersW
FreeSid
GetSidSubAuthority
ImpersonateLoggedOnUser
LogonUserW
LsaDelete
LsaFreeMemory
LsaOpenPolicy
LsaRetrievePrivateData
OpenSCManagerW
OpenServiceW
OpenThreadToken
QueryServiceConfigW
RegEnumValueW

kernel32

VirtualAlloc
GetCurrentProcess
InterlockedExchange
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
CancelWaitableTimer
CloseHandle
CreateEventW
CreateIoCompletionPort
DisableThreadLibraryCalls
FormatMessageW
FreeLibrary
GetConsoleMode
GetConsoleOutputCP
GetFileType
GetModuleHandleW
GetProcAddress
GetStdHandle
GetVersionExW
GlobalReAlloc
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
LoadLibraryW
LocalAlloc
MultiByteToWideChar
PeekConsoleInputW
ReadConsoleW
ReplaceFileW
SetConsoleMode
SetEvent
SetThreadPriority
VerLanguageNameA
WaitForSingleObject
WideCharToMultiByte
WriteConsoleW
WriteFile
lstrcpyW
lstrcpynW
lstrlenW
CreateDirectoryA
CreateEventA
CreateFileA
CreateThread
DnsHostnameToComputerNameA
FormatMessageA
GetCurrentThreadId
GetTempFileNameA
GetThreadSelectorEntry
GetVersion
LoadLibraryA
LocalFree
LocalReAlloc
ReadFile
SetFilePointer
SetTapePosition
FoldStringW
GetComputerNameExW
GetEnvironmentStringsA
GetFileSize
HeapLock
GetModuleFileNameA
CopyFileW
GenerateConsoleCtrlEvent
GetDiskFreeSpaceExW
GetFileAttributesW
GetSystemWindowsDirectoryW
GetWindowsDirectoryW
InterlockedIncrement
IsValidLocale
OutputDebugStringA
SetFileAttributesW
TlsGetValue
GetConsoleTitleA
GetFullPathNameW
GetModuleFileNameW
GetProcessHeap
QueryDosDeviceW
SwitchToThread
CreateFileW
DeleteFileA
DeleteFileW
DuplicateHandle
EnumLanguageGroupLocalesW
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
FindFirstFileW
FindNextFileW
GetCPInfoExA
GetCurrentProcessId
GetCurrentThread
GetDateFormatA
GetLocalTime
GetProcessVersion
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetTempFileNameW
GetTickCount
GetTimeFormatA
GetVersionExA
InterlockedDecrement
LocalSize
OpenProcess
OutputDebugStringW
QueryPerformanceCounter
RegisterWaitForSingleObject
SetCommTimeouts
SetEndOfFile
SetTimeZoneInformation
SystemTimeToFileTime
UnmapViewOfFile
UnregisterWaitEx
WriteConsoleInputA
ExitProcess
GetLastError
HeapFree
HeapReAlloc
HeapAlloc
VirtualFree
VirtualProtect
GetSystemInfo
VirtualQuery
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
CompareStringA
GetCPInfo
CompareStringW
HeapSize
GetCommandLineA
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
SetHandleCount
GetStartupInfoA
DeleteCriticalSection
GetConsoleCP
ReadConsoleInputW
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
GetTimeZoneInformation
TlsAlloc
TlsSetValue
TlsFree
SetLastError
IsDebuggerPresent
SetConsoleCtrlHandler
HeapCreate
HeapDestroy
RaiseException
GetModuleHandleA
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
GetCurrentDirectoryA
SetCurrentDirectoryA
LCMapStringA
LCMapStringW
GetLocaleInfoA
GetDriveTypeA
FindFirstFileA
GetUserDefaultLCID
EnumSystemLocalesA
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetStdHandle
WriteConsoleA
GetLocaleInfoW
GetFullPathNameA
GetExitCodeProcess
CreateProcessW
FlushFileBuffers
CreateProcessA
GetFileAttributesA
SetEnvironmentVariableA
SetEnvironmentVariableW

ole32

HENHMETAFILE_UserSize
CoRegisterMessageFilter
CoGetMalloc
UpdateDCOMSettings
OleSetContainedObject
HMENU_UserFree
CreateAntiMoniker
CoRegisterClassObject
CoGetObject
FmtIdToPropStgName
CreateStreamOnHGlobal

oleaut32

VarUI2FromI1
VarDateFromI2
SysAllocStringByteLen
VarCyMulI4
VarUI1FromI1
VarSu
VarI4FromUI2
VarBoolFromUI1
SafeArrayCreate
OleCreatePropertyFrameIndirect
VarDecNeg
OACreateTypeLib2

shell32

DragQueryFileAorW
SHGetFolderPathA
ShellHookProc
ShellExecuteW
CommandLineToArgvW

Exports

Exports

apgg

Sections

.text
Size: 382KB - Virtual size: 381KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e102330c5eb803e85c5942ffb24e40e6

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

oleaut32

shell32

Exports

Exports

Sections

.text Size: 382KB - Virtual size: 381KB

.rdata Size: 68KB - Virtual size: 68KB

.data Size: 26KB - Virtual size: 39KB

.reloc Size: 17KB - Virtual size: 17KB

.text
Size: 382KB - Virtual size: 381KB

.rdata
Size: 68KB - Virtual size: 68KB

.data
Size: 26KB - Virtual size: 39KB

.reloc
Size: 17KB - Virtual size: 17KB