af34b48a9ee43b202e4cf0f257ec5e1ff5495a0acc03a7dea3c7a2ff07703dc1

Sharing

Copy URL

Twitter E-mail

General

Target

af34b48a9ee43b202e4cf0f257ec5e1ff5495a0acc03a7dea3c7a2ff07703dc1
Size

1.1MB
MD5

56720f928e7f477bd833fc3e1d950568
SHA1

df32f83bcdecaf9206cee9f31068d4f8ca2aa1f8
SHA256

af34b48a9ee43b202e4cf0f257ec5e1ff5495a0acc03a7dea3c7a2ff07703dc1
SHA512

828abd0520eefda42501e16ee1091790448f46aca25a3cd96e8ff614c53b474c3a4a9de17e51e2938d92f6c29741d392d6397dfe9a8e6de5f726e9d6135f2700
SSDEEP

12288:CnPuNf+YfgPJy1ZiqqExApJ/klAud08GsmfVx8K/avxTGCJvFjsVrF3IBD2:cuYYqJyj1Px8JspmVxaCUFjeF3Ix2

Score

N/A

Malware Config

Signatures

Files

af34b48a9ee43b202e4cf0f257ec5e1ff5495a0acc03a7dea3c7a2ff07703dc1
.exe windows x86

17280211ce9fb9d41faf63acc38afc47

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
GetPrivateProfileSectionW
GetFileAttributesA
DeleteTimerQueueTimer
GetLocaleInfoW
GetCommandLineA
FreeEnvironmentStringsW
GetProcessIoCounters
GetFileSize
SetThreadPriorityBoost
SetHandleCount
InitializeCriticalSectionAndSpinCount
CopyFileExW
GetVolumeInformationA
FreeUserPhysicalPages
RemoveDirectoryA
SetThreadIdealProcessor
GetDateFormatA
SetProcessPriorityBoost
FormatMessageA
TlsAlloc
SetLocaleInfoW
GetExitCodeThread
WideCharToMultiByte
GetDriveTypeA
SetComputerNameExW
QueryPerformanceFrequency
FindFirstFileW
FormatMessageW
lstrcmpA
MapUserPhysicalPages
MulDiv
MoveFileA
SetThreadContext
GetStringTypeExW
GetPrivateProfileStructA
DosDateTimeToFileTime
GetAtomNameA
GetModuleHandleA
GetCompressedFileSizeW
ExpandEnvironmentStringsW
lstrcpyA
SetThreadLocale
GetPrivateProfileStructW
EnumCalendarInfoExW
DeviceIoControl
GetStringTypeW
ProcessIdToSessionId
OpenJobObjectW
GetVolumeNameForVolumeMountPointW
GetLongPathNameA
CreateDirectoryW
GetMailslotInfo
FindVolumeClose
SetEndOfFile
GetLogicalDrives
GetAtomNameW
GetPrivateProfileIntA
VerifyVersionInfoW
SetFileAttributesA
GetTimeFormatA
FoldStringW
GetDiskFreeSpaceW
GetNumberFormatW
GetCurrentConsoleFont
GetLocaleInfoA
LCMapStringA
SetThreadAffinityMask
ConvertDefaultLocale
CreateProcessA
SetProcessWorkingSetSize
GetModuleFileNameA
MoveFileExW
FlushConsoleInputBuffer
GetStringTypeA
GetPrivateProfileIntW
GetEnvironmentStrings
OpenEventW
SetFileTime
LCMapStringW
UnregisterWaitEx
SetCurrentDirectoryW
IsValidLocale
CreateWaitableTimerW
GetUserDefaultLCID
GetVolumePathNameW
CreateJobObjectA
GetCurrentDirectoryA
GetSystemDefaultLCID
ReleaseSemaphore
OpenFileMappingW
GetTimeFormatW
GetPriorityClass
CopyFileA
SwitchToThread
GetEnvironmentVariableW
FreeConsole
SetPriorityClass
PeekNamedPipe
GetProfileStringA
IsSystemResumeAutomatic
GetShortPathNameW
MultiByteToWideChar
HeapReAlloc
HeapAlloc
HeapSize
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
Sleep
VirtualQuery
Toolhelp32ReadProcessMemory
GetCurrentProcess
GetSystemWindowsDirectoryW
DuplicateHandle
SleepEx
CreateMutexW
SetLocaleInfoA
CreateSemaphoreA
MoveFileWithProgressA
lstrcpynA
LoadResource
DnsHostnameToComputerNameW
FindFirstFileExA
IsBadCodePtr
SetCalendarInfoW
VirtualAlloc
AssignProcessToJobObject
EnumCalendarInfoW
GetBinaryTypeA
EnumCalendarInfoExA
SetUnhandledExceptionFilter
GetShortPathNameA
SetProcessAffinityMask
FindFirstVolumeA
GetNamedPipeInfo
GetSystemWindowsDirectoryA
HeapFree
TerminateProcess
IsDebuggerPresent
UnhandledExceptionFilter
LoadLibraryW
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
InterlockedDecrement
GetLastError
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
EncodePointer
DeleteCriticalSection
GetStartupInfoW
GetFileType
GetEnvironmentStringsW
GetModuleFileNameW
GetStdHandle
HeapSetInformation
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
IsProcessorFeaturePresent

rpcrt4

RpcBindingServerFromClient
RpcMgmtWaitServerListen
RpcMgmtEpEltInqBegin
NdrGetUserMarshalInfo
NdrMesProcEncodeDecode2

user32

UnregisterClassW
GetAltTabInfoA
SetWindowLongA

advapi32

InitializeSecurityDescriptor
RegQueryValueExA
RegNotifyChangeKeyValue
GetCurrentHwProfileW
GetCurrentHwProfileA
SetKernelObjectSecurity
RegSetValueA
SetTokenInformation
InitializeAcl
AddAccessAllowedAce
AddAuditAccessAce
RegCreateKeyExW
RegSetValueExW
RegSetValueExA
GetSidSubAuthority
GetSidLengthRequired
RegSetKeySecurity
AddAccessDeniedAce
GetKernelObjectSecurity
RegQueryMultipleValuesA
AreAllAccessesGranted
RegQueryMultipleValuesW
RegCreateKeyExA
AreAnyAccessesGranted
RegSetValueW
GetSidIdentifierAuthority

ole32

CoRegisterMessageFilter
CoFreeUnusedLibrariesEx
HWND_UserUnmarshal
HPALETTE_UserSize
OleConvertIStorageToOLESTREAM
OleLoadFromStream
CoFileTimeToDosDateTime
StgCreateDocfile
OleCreateLink
CreateDataAdviseHolder
CreateAntiMoniker
HACCEL_UserUnmarshal
ReadFmtUserTypeStg
PropVariantClear
CoGetMarshalSizeMax
CoReleaseMarshalData
OleInitialize
CoRegisterInitializeSpy
CoGetStandardMarshal
HGLOBAL_UserUnmarshal

oleaut32

SysStringLen
VariantCopy
GetActiveObject
SafeArrayGetLBound
SysAllocStringLen
SysFreeString
SafeArrayCreate
SysReAllocStringLen
SysAllocStringByteLen
SafeArrayPtrOfIndex
VariantCopyInd

Sections

.text
Size: 825KB - Virtual size: 824KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bdata
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17280211ce9fb9d41faf63acc38afc47

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

rpcrt4

user32

advapi32

ole32

oleaut32

Sections

.text Size: 825KB - Virtual size: 824KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 6KB - Virtual size: 86KB

.aspack Size: 11KB - Virtual size: 10KB

.bdata Size: 202KB - Virtual size: 201KB

.rsrc Size: 44KB - Virtual size: 43KB

.text
Size: 825KB - Virtual size: 824KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 6KB - Virtual size: 86KB

.aspack
Size: 11KB - Virtual size: 10KB

.bdata
Size: 202KB - Virtual size: 201KB

.rsrc
Size: 44KB - Virtual size: 43KB