8a8ea4bdee026749d62f4c40a041052d00d310b4563a93c336ae607e7348f2bc

Sharing

Copy URL Twitter E-mail

General

Target

8a8ea4bdee026749d62f4c40a041052d00d310b4563a93c336ae607e7348f2bc
Size

864KB
MD5

0a13e686d1e051e1d032a0155e803c7b
SHA1

b8e58e93a77ccf8d28d66a6fce4e29ae26ed3fb9
SHA256

8a8ea4bdee026749d62f4c40a041052d00d310b4563a93c336ae607e7348f2bc
SHA512

1e34e5a6298de283c85c9a04f2724cd0856cf2cde64adc25d674932aa7cf92b73bbb6fe91dbeecf5b49c269309346dc0ed86aa6df862c65b3d1d232051572c9b
SSDEEP

24576:mPDJzzYPWkvWknFuUQF0QhthM6HjIQRhYy884Hp:mByWpkFoRS6H+24

Score

N/A

Malware Config

Signatures

Files

8a8ea4bdee026749d62f4c40a041052d00d310b4563a93c336ae607e7348f2bc
.exe windows x86

9543e9256cc00a3835932a115a69cb28

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

crypt32

CertSetCRLContextProperty

kernel32

CloseProfileUserMapping
GetSystemDefaultUILanguage
SetThreadIdealProcessor
GlobalCompact
OpenFile
SetThreadExecutionState
GetThreadPriority
ProcessIdToSessionId
VirtualAlloc
GetShortPathNameW
SetProcessAffinityMask
GetConsoleCursorInfo
ConvertDefaultLocale
EnumDateFormatsW
GetCurrentDirectoryA
GetLastError
QueryPerformanceCounter
PostQueuedCompletionStatus
FormatMessageW
EnumSystemLocalesW
CreateEventW
RegisterWaitForSingleObject
IsBadWritePtr
GetWindowsDirectoryW

shell32

ShellExecuteW
ExtractIconExA
SHGetFolderPathW
Shell_NotifyIconW
Shell_NotifyIconA
SHPathPrepareForWriteW
SHFileOperationA
ShellExecuteA
DragFinish
SHBindToParent
SHGetFolderLocation
SHAddToRecentDocs
SHGetFileInfoA
SHGetDesktopFolder

advapi32

InitializeAcl
CloseServiceHandle
SetKernelObjectSecurity
RegCreateKeyExW
IsValidSecurityDescriptor
EncryptFileW
OpenBackupEventLogW
ConvertSecurityDescriptorToStringSecurityDescriptorW
RegEnumValueW
BuildExplicitAccessWithNameA
AdjustTokenPrivileges
LogonUserW
SetSecurityDescriptorControl
RegQueryValueExA
EnableTrace
CryptCreateHash
CryptSignHashA
SystemFunction007
RegOverridePredefKey
GetSidSubAuthorityCount
ConvertStringSecurityDescriptorToSecurityDescriptorW
DuplicateTokenEx
CryptDuplicateHash
ReadEventLogW

msvcrt

wcsspn
_CIcos
_getdcwd
mbtowc
_fullpath
srand
_spawnlp
_access
localeconv
_getpid
wcschr
_c_exit
_strdup
_mbsncpy

rtutils

RouterLogRegisterW
RouterLogEventStringA
TraceDeregisterW
MprSetupProtocolFree
TracePutsExA
TraceDeregisterA
RouterLogEventA
RouterLogDeregisterW
TracePrintfA
TraceRegisterExA
TracePrintfExW
LogErrorA
LogEventW
RouterLogEventW
LogEventA
RouterLogEventDataA
RouterLogEventStringW
TraceDeregisterExA
TraceRegisterExW

imagehlp

ImageRvaToSection
CheckSumMappedFile
SymInitialize
SymSetOptions
ImageGetCertificateData
ImageRvaToVa
EnumerateLoadedModules64
ImageLoad
ImageUnload
ImageNtHeader
ImageEnumerateCertificates
ImageDirectoryEntryToData

Sections

.data
Size: 1024B - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 61KB - Virtual size: 456KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 84KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 259KB - Virtual size: 457KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 362KB - Virtual size: 433KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 994B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9543e9256cc00a3835932a115a69cb28

Headers

DLL Characteristics

File Characteristics

Imports

crypt32

kernel32

shell32

advapi32

msvcrt

rtutils

imagehlp

Sections

.data Size: 1024B - Virtual size: 684B

.text Size: 61KB - Virtual size: 456KB

.idata Size: 84KB - Virtual size: 210KB

.bss Size: 259KB - Virtual size: 457KB

.data Size: 362KB - Virtual size: 433KB

.rsrc Size: 93KB - Virtual size: 93KB

.reloc Size: 1024B - Virtual size: 994B

.data
Size: 1024B - Virtual size: 684B

.text
Size: 61KB - Virtual size: 456KB

.idata
Size: 84KB - Virtual size: 210KB

.bss
Size: 259KB - Virtual size: 457KB

.data
Size: 362KB - Virtual size: 433KB

.rsrc
Size: 93KB - Virtual size: 93KB

.reloc
Size: 1024B - Virtual size: 994B