f7c8021a54b2893bb832d405ae520e22033e498085618cdeeae274a50900c0a8

Sharing

Copy URL Twitter E-mail

General

Target

f7c8021a54b2893bb832d405ae520e22033e498085618cdeeae274a50900c0a8
Size

45KB
MD5

078977e70802a2b7f1dae450f61a16e1
SHA1

92131c244d546229c78f5f269486ac8b1d5b896e
SHA256

f7c8021a54b2893bb832d405ae520e22033e498085618cdeeae274a50900c0a8
SHA512

f000f77c10cf731972824dd48852ef9ac61daa4eb21edf9ba4971114127b701b9057a3342713a24bc28b2e22daae703639d80fa5946e2ca381b0ce9ffaf2adbf
SSDEEP

768:odCwu5OB6c0t0fmKCeMDykZGMpIbVKVmbWSDLrHNf2:oHu5OrY8wDyQG9kVLMlf2

Score

N/A

Malware Config

Signatures

Files

f7c8021a54b2893bb832d405ae520e22033e498085618cdeeae274a50900c0a8
.exe windows x86

95572abb8026184d10dafbd756aa7ece

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenProcess
GetCommandLineW
WriteFileGather
GetHandleInformation
GlobalAddAtomA
GetConsoleSelectionInfo
GetSystemDefaultUILanguage
DosPathToSessionPathA
UnlockFile
RegisterConsoleIME
CommConfigDialogW
UnregisterWaitEx
MapViewOfFileEx
LoadLibraryExA
CloseConsoleHandle
GlobalFlags
LocalFree
GetVersion
GetModuleHandleW
IsBadHugeWritePtr
SetConsoleCursor
FileTimeToSystemTime
GetProfileSectionA
DuplicateHandle
LoadLibraryA
GetPrivateProfileSectionW
GetModuleFileNameA
PrivCopyFileExW
FindResourceA
CreateMutexA
GetProcessIoCounters
GetFileSize
AllocateUserPhysicalPages
AttachConsole
GetProcessVersion
lstrcpyA
DefineDosDeviceA
GetFileType
GetDiskFreeSpaceExA
InterlockedIncrement
VirtualAlloc
SetCalendarInfoW
SetEndOfFile
InterlockedExchange
GetModuleHandleA
MapUserPhysicalPagesScatter
IsBadHugeReadPtr
AddAtomW
GetConsoleCharType
OpenProfileUserMapping
CreateJobSet
lstrlenW
GetSystemWow64DirectoryW
GetNextVDMCommand
GetLogicalDrives
ReadFileScatter
GetTickCount
LZOpenFileA
GetPrivateProfileStructW
GetEnvironmentVariableA
QueueUserWorkItem
OpenSemaphoreW
GetConsoleCP
LCMapStringA

ntdll

NtNotifyChangeKey
NtDeleteValueKey
ZwUnlockVirtualMemory
RtlUpcaseUnicodeStringToAnsiString
NtCreateProfile
RtlFindActivationContextSectionString
strncpy
RtlZeroMemory
NtShutdownSystem
toupper
RtlConvertToAutoInheritSecurityObject
RtlExpandEnvironmentStrings_U
RtlCreateHeap
RtlCompareString
ZwOpenEventPair
RtlRemoveVectoredExceptionHandler
towupper
ZwWaitForSingleObject
RtlSetSecurityObject
RtlMakeSelfRelativeSD
ZwIsProcessInJob
NtStartProfile
ZwSetSystemEnvironmentValueEx
ZwSetInformationToken
RtlUniform
NtOpenThreadToken
RtlpUnWaitCriticalSection
RtlRunDecodeUnicodeString
RtlFindClearRuns
NtRequestWaitReplyPort
KiUserApcDispatcher
ZwLockRegistryKey
RtlDllShutdownInProgress

msi

MsiConfigureFeatureFromDescriptorA
MsiGetFeatureStateA
MsiSetComponentStateA
MsiRecordDataSize
MsiDatabaseGenerateTransformW
MsiRecordSetStringA
MsiQueryProductStateA
MsiGetProductInfoA
MsiDatabaseGenerateTransformA
MsiProcessAdvertiseScriptA
MsiProvideComponentFromDescriptorA
MsiGetProductCodeFromPackageCodeW
MsiSequenceW
MsiGetLastErrorRecord
MsiSetTargetPathW
MsiInstallMissingComponentA
MsiViewClose
MsiSetInstallLevel
MsiGetPropertyA
MsiQueryFeatureStateW
MsiViewGetErrorW
MsiVerifyPackageW
MsiDatabaseExportA
MsiInstallProductW
MsiIsProductElevatedW
MsiSetFeatureStateA
MsiGetComponentPathW
MsiDatabaseMergeW
MsiGetFeatureUsageW
MsiLocateComponentA

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rhcrfoj
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

95572abb8026184d10dafbd756aa7ece

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ntdll

msi

Sections

.text Size: 34KB - Virtual size: 34KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 260B

.rsrc Size: 2KB - Virtual size: 30KB

rhcrfoj Size: - Virtual size: 4KB

.text
Size: 34KB - Virtual size: 34KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 260B

.rsrc
Size: 2KB - Virtual size: 30KB

rhcrfoj
Size: - Virtual size: 4KB