fe8c145c98fc5218a4a8401863402723c2ee7d3a2d90a40543b1d11937ea961d

General

Target

fe8c145c98fc5218a4a8401863402723c2ee7d3a2d90a40543b1d11937ea961d
Size

884KB
MD5

81ac54b3ef1ae5c567e4c51acee0ea28
SHA1

052bd56d3d62b0cd0cfa94a862ec1f3c762fde74
SHA256

fe8c145c98fc5218a4a8401863402723c2ee7d3a2d90a40543b1d11937ea961d
SHA512

0920e87fe8bcd9760e91132f2295e5049d0fd4acd628b100fe932d9c5ffcda87bc0f384ecc97e62331aa25a80d3ab0867988bbe5f12d9eb9e2749af52b5c8eae
SSDEEP

12288:EVK1IwVFVSYyTHgqk0eApi8asDw3sukygh1zQzzBtQGqN3BtnVEzrNudJcKy:ww7VHyTKnRJQ/glq3ZeZO

Score

N/A

Malware Config

Signatures

Files

fe8c145c98fc5218a4a8401863402723c2ee7d3a2d90a40543b1d11937ea961d
.exe windows x86

6ce6ab6a73639c51f8da286abbd4d85d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

LsaSetSecret
CryptAcquireContextW
AreAnyAccessesGranted
WriteEncryptedFileRaw
RegSetValueExA
RegLoadKeyW
SystemFunction029
CryptVerifySignatureA
RegNotifyChangeKeyValue
CryptGetKeyParam
InitializeAcl
LsaEnumerateAccountRights

setupapi

pSetupStringTableEnum
SetupInstallFromInfSectionW
SetupGetSourceInfoW
SetupQueueCopyIndirectW
SetupDiGetWizardPage
pSetupStringTableDestroy
SetupDiOpenDeviceInterfaceW
SetupDiGetDeviceInfoListDetailA
SetupGetTargetPathW

netapi32

NetLocalGroupGetMembers
NetStatisticsGet
NetUserAdd
NetServiceEnum
NetUseDel
NetGroupAdd
NetWkstaUserEnum
NetConnectionEnum
NetLocalGroupAddMembers
NetShareGetInfo

kernel32

ReleaseSemaphore
SetProcessPriorityBoost
VirtualAlloc
RtlZeroMemory
SuspendThread
CreateProcessA
LoadResource
DeleteFiber
SetEvent
OpenEventA
SetConsoleTextAttribute
Sleep
EnumSystemLanguageGroupsA
HeapWalk
GetSystemDirectoryA
GetFileInformationByHandle
GetFileType
GetCommState

shell32

SHBrowseForFolderW
SHFormatDrive
SHChangeNotify
SHGetPathFromIDListW
CommandLineToArgvW
ShellExecuteA
SHBindToParent
SheChangeDirExW
SHGetFolderLocation
ShellExecuteW

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Sgzf
Size: 737KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ce6ab6a73639c51f8da286abbd4d85d

Headers

File Characteristics

Imports

advapi32

setupapi

netapi32

kernel32

shell32

Sections

.text Size: 25KB - Virtual size: 24KB

.Sgzf Size: 737KB - Virtual size: 1.2MB

.rsrc Size: 121KB - Virtual size: 120KB

.reloc Size: 512B - Virtual size: 206B

.text
Size: 25KB - Virtual size: 24KB

.Sgzf
Size: 737KB - Virtual size: 1.2MB

.rsrc
Size: 121KB - Virtual size: 120KB

.reloc
Size: 512B - Virtual size: 206B