bedfa42f14e7131031af6858eed7318a0c28bf6a0f9d1f7df1fd592f8bf59180

Sharing

Copy URL

Twitter E-mail

General

Target

bedfa42f14e7131031af6858eed7318a0c28bf6a0f9d1f7df1fd592f8bf59180
Size

228KB
MD5

06f13daa2746b75fa3d94f055ff133c0
SHA1

fb0ca3351ee032d12208eda20924f7b86da1fb0c
SHA256

bedfa42f14e7131031af6858eed7318a0c28bf6a0f9d1f7df1fd592f8bf59180
SHA512

26bb867157214548310dac2b792e9fa08b1ad74b66558360048a4d6966a298127040b3752f20ef9aae67724a53fb0206a2d74546e7f30d7ae70d37d38031e73e
SSDEEP

6144:N6RcIvEECQ3T88MjfmC0zvCsGQWhOKKZ7sZOAHP:k62d3T8XTUzvCsGQWhOKKy

Score

N/A

Malware Config

Signatures

Files

bedfa42f14e7131031af6858eed7318a0c28bf6a0f9d1f7df1fd592f8bf59180
.exe windows x86

6e22befec1a1d17640df76cfab4a4cfc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LockServiceDatabase
AddAccessDeniedAceEx
SystemFunction030
GetAclInformation
RegOpenKeyExA
RegCloseKey
MSChapSrvChangePassword
RegCreateKeyExA
LsaEnumeratePrivileges
RegSetValueExA
SetSecurityDescriptorControl
SystemFunction016
OpenThreadToken
AddUsersToEncryptedFile
LsaICLookupNamesWithCreds
RegDeleteValueA

user32

GetLastActivePopup
TabbedTextOutA
DdeEnableCallback
GetCursorPos
WinHelpA
PostQuitMessage
CharUpperA
EndPaint
SetWindowPos
GetMessagePos
GetDlgCtrlID
ValidateRect
BeginPaint
GetSystemMetrics
RemovePropA
PeekMessageA
GetActiveWindow
UnhookWindowsHookEx
GetMenuItemID
IsWindowEnabled
GetMenuState
DispatchMessageA
GetDC
GetForegroundWindow
PtInRect
ShowWindow
GetPropA
UnregisterClassA
SetWindowLongA
GetMenuCheckMarkDimensions
GetClassInfoA
DrawIcon
GetMessageA
GetSysColorBrush
GetWindowTextLengthA
LoadIconA
CreateWindowExA
GetWindowPlacement
IsIconic
IsWindow
GetFocus
GetClientRect
EndDialog
ClientToScreen
ExitWindowsEx
SendDlgItemMessageA
EnableMenuItem
GetSysColor
CreateDialogIndirectParamA
wsprintfA
GetCapture
CopyRect
SetForegroundWindow
SetPropA
MapWindowPoints
PostMessageA
CallWindowProcA
GetClassNameA
GetSubMenu
RegisterClassA
SystemParametersInfoA
SetWindowTextA
UpdateWindow
GetParent
DefWindowProcA
MessageBoxA
DestroyWindow
LoadCursorA
GetWindowRect
SetMenuItemBitmaps
IsWindowVisible
GetKeyState
TranslateMessage
CallNextHookEx
LoadStringA
GetWindowLongA
ReleaseDC
GetMenuItemCount
EnableWindow
GetTopWindow
LoadBitmapA
DestroyMenu
ModifyMenuA
CheckMenuItem
GetMenu
IsDialogMessageA
SetActiveWindow
GrayStringA
GetWindowTextA
GetWindow
SetWindowsHookExA
SendMessageA
GetDlgItem

kernel32

LCMapStringW
EnterCriticalSection
GlobalFlags
VirtualAlloc
TlsGetValue
UnhandledExceptionFilter
WritePrivateProfileStringA
SetFileAttributesA
ReleaseActCtx
GetWindowsDirectoryA
DeleteFileA
TlsFree
LocalFree
SystemTimeToFileTime
SetEndOfFile
LoadLibraryA
GetCurrentDirectoryA
FindFirstFileA
IsBadReadPtr
SetEnvironmentVariableA
LocalAlloc
LocalReAlloc
FreeEnvironmentStringsW
GetLastError
SetFilePointer
SetConsoleScreenBufferSize
LoadResource
GetVersionExA
IsDebuggerPresent
GetProcessVersion
GlobalDeleteAtom
FreeEnvironmentStringsA
InterlockedIncrement
SetConsoleTextAttribute
LeaveCriticalSection
LCMapStringA
SetHandleCount
RaiseException
LockResource
FileTimeToLocalFileTime
SetStdHandle
GlobalGetAtomNameA
SetCurrentDirectoryA
WideCharToMultiByte
HeapDestroy
TlsAlloc
GetCurrentThreadId
MultiByteToWideChar
SetLastError
GetCommandLineA
Toolhelp32ReadProcessMemory
GlobalHandle
InitializeSListHead
RtlUnwind
MulDiv
GetCurrentThread
FatalExit
GlobalLock
GetACP
FlushInstructionCache
GetDriveTypeA
FindNextFileA
CloseHandle
GetEnvironmentStringsA
CreateFileA
GetOEMCP
GetEnvironmentVariableA
GetThreadLocale
WriteFile
GlobalUnlock
GetFileSize
VirtualFree
GetStringTypeA
CompareStringW
SetUnhandledExceptionFilter
HeapFree
lstrcmpA
UnlockFile
SetErrorMode
SetTimeZoneInformation
FindClose
GetTimeZoneInformation
LockFile
SetConsoleCursorInfo
SetConsoleCursorPosition
lstrcmpiA
GetProcAddress
Beep
GlobalFree
IsBadWritePtr
LocalUnlock
SystemTimeToTzSpecificLocalTime
Sleep
GetFileTime
ReadFile
GlobalAddAtomA
GlobalAlloc
ExitProcess
FlushFileBuffers
GetCPInfo
lstrlenA
GetModuleFileNameA
GetVolumeInformationA
InterlockedDecrement
HeapCreate
GetFileType
GetEnvironmentStringsW
HeapSize
lstrcpynA
DeleteCriticalSection
GlobalFindAtomA
ClearCommError
DuplicateHandle
IsValidLocale
GetFullPathNameA
GetStdHandle
GetVersion
GetSystemDirectoryA
FreeLibrary
FileTimeToSystemTime
TlsSetValue
lstrcatA
LocalFileTimeToFileTime
GetModuleHandleA
HeapReAlloc
CompareStringA
GetFileAttributesA
HeapAlloc
SetSystemTime
IsBadCodePtr
InitializeCriticalSection
GetCurrentProcess
DosDateTimeToFileTime
lstrcpyA
GetStartupInfoA
FindResourceA
GetStringTypeW

winmm

waveOutGetPitch
mixerOpen
timeGetSystemTime
mmioAdvance

gdi32

SaveDC
ScaleViewportExtEx
SetViewportExtEx
CreateDIBitmap
SetMapMode
RestoreDC
ExtTextOutA
SetWindowExtEx
CreateEllipticRgn
PtInRegion
GetDeviceCaps
SelectClipRgn
DeleteObject
GdiPlayDCScript
RoundRect
DeleteDC
CreateBitmap
TextOutA
GetRelAbs
GetClipBox
EnumEnhMetaFile

comdlg32

GetFileTitleA
dwOKSubclass

Sections

.text
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e22befec1a1d17640df76cfab4a4cfc

Headers

File Characteristics

Imports

advapi32

user32

kernel32

winmm

gdi32

comdlg32

Sections

.text Size: 191KB - Virtual size: 190KB

.rdata Size: 23KB - Virtual size: 23KB

.data Size: 10KB - Virtual size: 11KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 191KB - Virtual size: 190KB

.rdata
Size: 23KB - Virtual size: 23KB

.data
Size: 10KB - Virtual size: 11KB

.rsrc
Size: 2KB - Virtual size: 2KB