af4dc762a4c3dadd7edb7adf9bd5e512956648112ca68cb21274345bf5c2f7d9

Sharing

Copy URL Twitter E-mail

General

Target

af4dc762a4c3dadd7edb7adf9bd5e512956648112ca68cb21274345bf5c2f7d9
Size

1.2MB
MD5

8ef9f385d1187a86f031bd8058f9064a
SHA1

f66ae08bfaf6383b71dab09b912bcd8ee0791ae9
SHA256

af4dc762a4c3dadd7edb7adf9bd5e512956648112ca68cb21274345bf5c2f7d9
SHA512

859211f5967c92608c9fe1a1d7afe8e2e816a96b48451fd0b91f333e2e9237c41d1bbb75f24a9d1f2a282df36141ebf1a177e66c577dae78083301a1a11c82ef
SSDEEP

24576:tY9KZrYxvyycV0aKriWDZhDRYO5mm0AFNF:N0vyZmaKO8L1YOJpF

Score

N/A

Malware Config

Signatures

Files

af4dc762a4c3dadd7edb7adf9bd5e512956648112ca68cb21274345bf5c2f7d9
.exe windows x86

ac40eac5b1713201fc18b8202d53f887

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleSetClipboard
CoGetInstanceFromFile
StringFromGUID2
StgCreatePropStg
OleCreateEmbeddingHelper
OleCreateMenuDescriptor
CoIsHandlerConnected
CLSIDFromString
HICON_UserFree

imm32

ImmDestroyContext
ImmUnregisterWordW
ImmSetCompositionFontA
ImmGetDescriptionA
ImmGetConversionStatus
ImmSetCompositionStringA
ImmRegisterWordA
ImmGetConversionListW
ImmEnumRegisterWordA

comdlg32

GetFileTitleW
GetSaveFileNameA
GetFileTitleA

ntdsapi

DsReplicaDelW
DsBindA
DsBindWithSpnW
DsReplicaSyncAllW
DsUnquoteRdnValueA

urlmon

CoInternetGetProtocolFlags
HlinkNavigateMoniker
CoInternetGetSession
HlinkGoBack

pdh

PdhBrowseCountersW
PdhGetDataSourceTimeRangeA
PdhGetLogFileSize

mprapi

MprInfoBlockRemove
MprInfoBlockAdd

clusapi

SetClusterResourceName
ClusterOpenEnum
ClusterRegOpenKey
ClusterRegQueryInfoKey
CloseClusterResource
ClusterResourceTypeCloseEnum

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDriverInfoList
SetupCommitFileQueueA
SetupCopyOEMInfW
SetupInstallServicesFromInfSectionExW
SetupRemoveInstallSectionFromDiskSpaceListA
SetupDiCancelDriverInfoSearch
SetupFindNextMatchLineW
SetupDiCallClassInstaller

shell32

ExtractAssociatedIconW
SHFileOperationW
DuplicateIcon

oleaut32

VarCyFromI1
VarUI2FromR4

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetTimeZoneInformation
ReadFile
SetEndOfFile
FlushFileBuffers
QueryPerformanceCounter
VirtualProtect
GetConsoleOutputCP
WriteConsoleA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetVersionExA
GetCommandLineA
LoadLibraryA
InterlockedExchange
FreeLibrary
Sleep
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetSystemInfo
SetConsoleOutputCP
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
InitializeCriticalSection
CloseHandle
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapCreate
HeapDestroy
HeapReAlloc
HeapFree
GetConsoleMode
GetConsoleCP
FatalAppExitA
GetModuleFileNameA
ExitProcess
VirtualAlloc
VirtualFree
lstrcmpiW
LoadLibraryW
lstrlenW
GetModuleHandleW
GetPrivateProfileIntW
GetCurrentProcess
ExitThread
MoveFileExA
GetFullPathNameW
GetFileInformationByHandle
GetLogicalDriveStringsW
SetNamedPipeHandleState
WriteConsoleW
ReadFileScatter
DeleteTimerQueueEx
WritePrivateProfileSectionW
RegisterWaitForSingleObject
SetMailslotInfo
LocalReAlloc
CreateNamedPipeW
SetVolumeMountPointA
GetDiskFreeSpaceW
MoveFileWithProgressW
SetTapeParameters
CreateActCtxA
GetCPInfoExW
InitializeSListHead
SetFilePointer
VirtualQuery
SetProcessWorkingSetSize
SetFirmwareEnvironmentVariableA
TerminateProcess
SetProcessAffinityMask
EnumResourceTypesW
WTSGetActiveConsoleSessionId
SetStdHandle
GetSystemDefaultUILanguage
GetDiskFreeSpaceExW
GetProcessHeap
DisconnectNamedPipe
GetOverlappedResult
WriteFile
WaitForSingleObjectEx
FreeResource
GetModuleFileNameW
lstrcmpiA
CreateWaitableTimerW
DeleteTimerQueue
CreateFileA
SleepEx
ActivateActCtx
WritePrivateProfileStringA
GetBinaryTypeA
SetConsoleTitleW
GlobalFindAtomW
GetCPInfo
SetConsoleCtrlHandler
lstrcpynA
GetDefaultCommConfigA
GetExitCodeThread
GetLongPathNameA
ResetWriteWatch
GetThreadLocale
GetTimeFormatW
GenerateConsoleCtrlEvent
GetUserGeoID
CreatePipe
DeleteVolumeMountPointA
TransactNamedPipe
CreateWaitableTimerA
EnumSystemGeoID
OpenFile
WaitNamedPipeW
GetProcessHandleCount
FindFirstFileW
RaiseException
ReleaseSemaphore
GetSystemDefaultLCID
GetPrivateProfileStringA
GetMailslotInfo
SetDefaultCommConfigA
GetSystemWow64DirectoryW
FlushConsoleInputBuffer
LocalFileTimeToFileTime
EnumResourceNamesA
FindVolumeMountPointClose
ReplaceFileA
DosDateTimeToFileTime
EnumLanguageGroupLocalesW
GetTapeStatus
OpenFileMappingW
CreateSemaphoreW
GetPrivateProfileSectionNamesW
TzSpecificLocalTimeToSystemTime
GlobalCompact
InterlockedPushEntrySList
WaitForSingleObject
SetMessageWaitingIndicator
FreeEnvironmentStringsA
EnumDateFormatsA
GlobalFix
CreateMutexA
LocalUnlock
MapViewOfFileEx
SetLocaleInfoA
GetProcessAffinityMask
GetFileSizeEx
PulseEvent
GetLocaleInfoW
GetHandleInformation
AttachConsole
GetLastError
DeleteFileA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapAlloc
WideCharToMultiByte
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
RtlUnwind
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
GetProcAddress
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCurrentThread
ExitProcess

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.flat
Size: 960KB - Virtual size: 957KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 84KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac40eac5b1713201fc18b8202d53f887

Headers

File Characteristics

Imports

ole32

imm32

comdlg32

ntdsapi

urlmon

pdh

mprapi

clusapi

setupapi

shell32

oleaut32

kernel32

Sections

.text Size: 176KB - Virtual size: 175KB

.data Size: 8KB - Virtual size: 18KB

.flat Size: 960KB - Virtual size: 957KB

.rsrc Size: 84KB - Virtual size: 1.1MB

.text
Size: 176KB - Virtual size: 175KB

.data
Size: 8KB - Virtual size: 18KB

.flat
Size: 960KB - Virtual size: 957KB

.rsrc
Size: 84KB - Virtual size: 1.1MB