9a530138dd5c01928ebe39850a5c3ef702e66bb2658772fd3b9beedb40873338

Sharing

Copy URL Twitter E-mail

General

Target

9a530138dd5c01928ebe39850a5c3ef702e66bb2658772fd3b9beedb40873338
Size

58KB
MD5

ba34d4e30dc27a018936dd82cfb5f49d
SHA1

e419152d58f57877c39d892b77de179911ae684b
SHA256

9a530138dd5c01928ebe39850a5c3ef702e66bb2658772fd3b9beedb40873338
SHA512

6fc44807add6831b417f082f39605f41693d32b4b6885c42144484f5ae42ec602459be71fc5bcd920ddb51a19dfe9acd6aac5313dc426507d0b7679784f81670
SSDEEP

1536:GfW2zq0zuG3QTiPzgemW8YknPoAIddv3ajgTUkhhW:ez+GATiPqW8YJ92gNhhW

Score

N/A

Malware Config

Signatures

Files

9a530138dd5c01928ebe39850a5c3ef702e66bb2658772fd3b9beedb40873338
.exe windows x86

93eab6c85a8fd16fc9492d853f624aff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoUninitialize
OleQueryCreateFromData
OleCreateFromData
OleLockRunning
CoGetMarshalSizeMax
CoRegisterMallocSpy
OleGetIconOfClass
CoTaskMemAlloc
OleCreateMenuDescriptor
CoInstall
CoFreeUnusedLibraries
OleCreateLink
OleIsRunning
OleLoadFromStream
OleCreateLinkFromData
CoCreateInstance
OleRegGetMiscStatus
OleTranslateAccelerator

ulib

?Strcmpis@WSTRING@@SGHPAG0@Z
??1SCREEN@@UAE@XZ
?Initialize@WSTRING@@QAEEPBGK@Z
?Log@MESSAGE@@QAAEPBDZZ
??0PATH@@QAE@XZ
??_7FSTRING@@6B@
?AppendDelimiter@PATH@@QAEEXZ
?Strcat@WSTRING@@QAEEPBV1@@Z
?Construct@DSTRING@@AAEXXZ
??0TIMEINFO@@QAE@XZ
?IsInAutoChk@MESSAGE@@UAEEXZ
?AppendString@PATH@@QAEEPBVWSTRING@@@Z
?QueryCodePage@SCREEN@@QAEKXZ
?QueryTimeOut@COMM_DEVICE@@QBEEXZ
??0REST_OF_LINE_ARGUMENT@@QAE@XZ
?SetSize@BITVECTOR@@QAEKKW4BIT@@@Z
?QueryByteCount@WSTRING@@QBEKXZ
?Cast@KEYBOARD@@SGPAV1@PBVOBJECT@@@Z
?Lock@MESSAGE@@QAEXXZ
?UlibRealloc@@YGPAXPAXK@Z
?Strcmp@WSTRING@@SGHPAG0@Z
?Initialize@WSTRING@@QAEEJ@Z
?ReplaceWithChars@WSTRING@@QAEEKKGK@Z
??0COMM_DEVICE@@QAE@XZ
?IsKeyPressed@MESSAGE@@UAEEKK@Z
?QuerySTR@WSTRING@@QBEPADKKPADKE@Z
?Truncate@WSTRING@@QAEKK@Z
?Initialize@TIMEINFO@@QAEEPAU_FILETIME@@@Z

msvcrt

memcmp
_ltoa
_getcwd
_vsnwprintf
__getmainargs
_stricmp
fseek
time
_snwprintf
_except_handler3
_wcsnicmp
_XcptFilter
sprintf
wcsncat
wcschr
wcscmp
_pctype

gdi32

BitBlt
StartPage
SetMapMode
GetObjectW
MoveToEx
CreateRectRgnIndirect
Ellipse
RestoreDC
EndPage
DeleteDC
CreateRectRgn
GetBkColor
GetStockObject
Polyline
SelectObject
CreateCompatibleDC

advapi32

ControlService
AddAccessAllowedAce
RegDeleteKeyW
AllocateAndInitializeSid
RegConnectRegistryW
LookupPrivilegeNameW
CopySid
AddAce
SetKernelObjectSecurity
SetSecurityInfo
LookupAccountNameW
GetSidSubAuthorityCount
LookupPrivilegeValueW
RegSetValueExW
CreateProcessAsUserW

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

93eab6c85a8fd16fc9492d853f624aff

Headers

File Characteristics

Imports

ole32

ulib

msvcrt

gdi32

advapi32

Sections

.text Size: 53KB - Virtual size: 53KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 85KB

.text
Size: 53KB - Virtual size: 53KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 85KB