af5b9aea6f30ad244e5ff11b0b97c832a8fe45e6d57ba64afac7cb0970c97513

Sharing

Copy URL Twitter E-mail

General

Target

af5b9aea6f30ad244e5ff11b0b97c832a8fe45e6d57ba64afac7cb0970c97513
Size

108KB
MD5

3f6dfc7b334151361603d4ed4904f18f
SHA1

9334183f0893ca1033f070fc78c00960ba922dad
SHA256

af5b9aea6f30ad244e5ff11b0b97c832a8fe45e6d57ba64afac7cb0970c97513
SHA512

b0deffe2e44b901c5a87216738bc057b870cdfd57e9a36e5767270525131e915c4e5979aa4e1517405c0015530dfc0ce797c9802b492bedc65fb06e548a1388b
SSDEEP

1536:aGBs4QBip3sCXOlywLkiVXGKniwJxxxP1zC4Ha5Oh+w87ui2uCcEuWHeN:aL4Q8JsCedLXLrJ7x9zn/87TTCNuWHo

Score

N/A

Malware Config

Signatures

Files

af5b9aea6f30ad244e5ff11b0b97c832a8fe45e6d57ba64afac7cb0970c97513
.exe windows x86

e2f1000d31e7cde9a46e9f5b1a56321c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommState
GetStringTypeExW
_lopen
GetGeoInfoA

gdi32

Ellipse
SetWorldTransform
SetPixel
GetTextFaceA
CopyEnhMetaFileW
GetTextCharsetInfo
Polygon
GetEnhMetaFileHeader
CloseEnhMetaFile
SaveDC
PatBlt
PlayEnhMetaFile
CreatePen
CreateFontA
GetEnhMetaFileBits
ExtFloodFill
ExtCreateRegion
GetTextMetricsA
EndPage
CreateBitmap
SetTextCharacterExtra
GetTextExtentPoint32W
GetClipBox
GdiFlush
StartPage
GetObjectA
CreateRoundRectRgn
LPtoDP
CreateDCA
SelectClipRgn
GetObjectW
SetRectRgn
RestoreDC

advapi32

LsaFreeMemory
InitializeSid
RegUnLoadKeyW
CopySid
RevertToSelf
GetAce
RegCreateKeyW
AddAce
GetKernelObjectSecurity
RegCreateKeyA
SetSecurityDescriptorSacl
RegisterEventSourceA
RegSetValueExA
RegQueryValueW
AllocateAndInitializeSid
RegDeleteKeyA
RegOpenKeyExA
SetEntriesInAclW
LookupAccountNameW
QueryServiceConfigW
CreateProcessAsUserW
SetSecurityDescriptorOwner
CloseServiceHandle
RegSetValueExW
GetSidSubAuthorityCount
StartServiceCtrlDispatcherW
StartServiceA
RegCreateKeyExW
RegQueryValueA
OpenSCManagerA
InitializeSecurityDescriptor
RegQueryInfoKeyW
RegConnectRegistryA
LsaQueryInformationPolicy
RegOpenKeyExW

urlmon

HlinkGoForward
URLOpenPullStreamW
MkParseDisplayNameEx
HlinkSimpleNavigateToString
IsLoggingEnabledA
URLDownloadToCacheFileW
HlinkNavigateString
WriteHitLogging
CreateAsyncBindCtxEx
RegisterFormatEnumerator
CoInternetCreateSecurityManager
CreateAsyncBindCtx
RegisterMediaTypeClass
CoInternetCreateZoneManager
CoInternetGetSecurityUrl
HlinkNavigateMoniker
RegisterMediaTypes
CoInternetParseUrl
URLOpenBlockingStreamW
RevokeBindStatusCallback
GetClassFileOrMime
ReleaseBindInfo
IsAsyncMoniker
CoInternetQueryInfo
IsValidURL
CoInternetGetSession

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2f1000d31e7cde9a46e9f5b1a56321c

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

urlmon

Sections

.text Size: 72KB - Virtual size: 68KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 42KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 72KB - Virtual size: 68KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 42KB

.rsrc
Size: 16KB - Virtual size: 15KB