f58fd000cce029f2725a45964ad35d225d09ad46163e5699f4bd809d1d5ae844

Sharing

Copy URL Twitter E-mail

General

Target

f58fd000cce029f2725a45964ad35d225d09ad46163e5699f4bd809d1d5ae844
Size

125KB
MD5

42e4dab9b588b0d8957cc4540ccf2a85
SHA1

0978dbb77125d1511c5fe11064ffc14dab679a5e
SHA256

f58fd000cce029f2725a45964ad35d225d09ad46163e5699f4bd809d1d5ae844
SHA512

b65844a7ad2774f2f472cf59858ba46ce54da0e5da7d25473625b5473af58f24555da4c41b8cbdd8ef9b63bfe07939bd1f0345798792c521e21a7cb76bb049e6
SSDEEP

1536:feNnNQ+Qh+TWZY8wpQPFaBAcnPY2T6kQScZcVL/fi2U49J/rFZA78Rb9dtaSR:p+epp8BAcDzcZKLni2UMLZA78RE

Score

N/A

Malware Config

Signatures

Files

f58fd000cce029f2725a45964ad35d225d09ad46163e5699f4bd809d1d5ae844
.dll windows x86

d3c141bd9c408c2db1069a743cb1359c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ReleaseMutex
GetModuleHandleA
GetSystemInfo
WaitForMultipleObjects
DisconnectNamedPipe
GetStartupInfoA
GlobalUnlock
GlobalAlloc
SetFilePointer
UnmapViewOfFile
HeapAlloc
ExitProcess
lstrlenA
MoveFileA
ReadFile
RemoveDirectoryA
GetProcAddress
LocalFree
FindClose
CreateDirectoryA
GetLastError
GetVersionExA
lstrcmpA
WideCharToMultiByte
MultiByteToWideChar
FreeLibrary
lstrcpyA
LoadLibraryA
RaiseException
InterlockedExchange
LocalAlloc

advapi32

GetLengthSid
GetTokenInformation
LookupAccountSidA
DuplicateTokenEx
CreateProcessAsUserA
RegDeleteValueA
RegDeleteKeyA
RegEnumValueA
RegEnumKeyExA
InitializeSecurityDescriptor
AllocateAndInitializeSid
AddAccessAllowedAce
SetSecurityDescriptorDacl
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyExA
OpenEventLogA
ClearEventLogA
CloseEventLog
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegCloseKey
LsaFreeMemory
LsaClose
LsaRetrievePrivateData
LsaOpenPolicy

msvcrt

malloc
strcmp
_except_handler3
strncpy
wcscpy
strncat
realloc
strcpy
_beginthreadex
calloc
free
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
strcat
strchr
memcmp
_CxxThrowException
memmove
strstr
strlen
_ftol
__CxxFrameHandler
wcstombs
memcpy
??3@YAXPAX@Z
??2@YAPAXI@Z
memset
_strnset
_strnicmp
_strcmpi

msvcp60

??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1_Winit@std@@QAE@XZ

Exports

Exports

CaseKijj
DweJCed
JassNiee
Longer
Qksixmkd
XjewwKif
main

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3c141bd9c408c2db1069a743cb1359c

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

msvcp60

Exports

Exports

Sections

.text Size: 94KB - Virtual size: 94KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 10KB - Virtual size: 13KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 94KB - Virtual size: 94KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 10KB - Virtual size: 13KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 7KB - Virtual size: 6KB