4d3725504d70f392da502b019bd152ed9dccd91d12c5e06a7ecdcc771210190c

Sharing

Copy URL Twitter E-mail

General

Target

4d3725504d70f392da502b019bd152ed9dccd91d12c5e06a7ecdcc771210190c
Size

266KB
MD5

f5bd6269961514cd75c54810dc83aa4b
SHA1

cf20b8cb96eadcf31c2a1b01c99e3a6fdefe414e
SHA256

4d3725504d70f392da502b019bd152ed9dccd91d12c5e06a7ecdcc771210190c
SHA512

680e578ec45f1e858cb14fffb7a29b405c901ff9894c2fff34d9417dd480273f13e6574618b34527b9123f846570781ae0b63d016f9c2f9374b0cf0e04ce4faa
SSDEEP

6144:VgEx9BhEuAzKopiBimEv1qgpkQcHKMci9O+9bWXZUavJt0pHzIvNCfk:xmuME0mEtqxQ0KriM+9bkUavOsOk

Score

N/A

Malware Config

Signatures

Files

4d3725504d70f392da502b019bd152ed9dccd91d12c5e06a7ecdcc771210190c
.exe windows x86

1ed5413c9e710e4c570c663e3a7a2cef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

oleacc

LresultFromObject
AccessibleObjectFromPoint

advapi32

ControlService
GetNamedSecurityInfoW
IsValidAcl
RegOpenKeyExW
UnlockServiceDatabase
RegCloseKey
QueryServiceStatus
InitializeAcl
LookupAccountSidW
SetEntriesInAclW
LookupPrivilegeDisplayNameA
SetNamedSecurityInfoW
RegQueryValueExW
FreeInheritedFromArray
SetEntriesInAclA
OpenServiceW
RegGetKeySecurity
LookupPrivilegeNameA
IsValidSecurityDescriptor
OpenSCManagerW
FreeSid
GetInheritanceSourceW
QueryServiceLockStatusW
InitializeSecurityDescriptor
LockServiceDatabase
SetSecurityInfo
AllocateAndInitializeSid
RegCreateKeyExW
EqualSid
CloseServiceHandle
RegRestoreKeyW
GetTokenInformation
GetAce
ChangeServiceConfig2W
LookupPrivilegeValueA
RegDeleteKeyW
GetSecurityInfo
DeleteService
QueryServiceConfigW
GetSecurityDescriptorControl
RegDeleteValueW
CreateServiceW
StartServiceA
RegSaveKeyW
SetSecurityDescriptorDacl
OpenProcessToken
AddAce
RegEnumKeyExW
RegSetValueExW
EnumDependentServicesW
ChangeServiceConfigW
AdjustTokenPrivileges
GetAclInformation
RegEnumValueW

newdev

UpdateDriverForPlugAndPlayDevicesW

shell32

SHGetFolderPathW

kernel32

GetConsoleOutputCP
LeaveCriticalSection
CompareStringW
GetCurrentProcess
TerminateProcess
SetStdHandle
GetLocaleInfoA
VirtualFree
HeapFree
WriteFile
SetUnhandledExceptionFilter
GetCurrentProcessId
EnterCriticalSection
GetTickCount
LoadLibraryA
HeapSize
FreeLibrary
GetTimeFormatA
RtlUnwind
RaiseException
IsDebuggerPresent
EnumResourceTypesA
GetSystemTimeAsFileTime
SetEnvironmentVariableA
LCMapStringA
HeapCreate
CompareStringA
VirtualAlloc
WriteConsoleA
GetACP
SetEndOfFile
QueryPerformanceCounter
GetDateFormatA
GetOEMCP
ReadFile
LCMapStringW
HeapDestroy
CreateNamedPipeA
GetCPInfo
GetStringTypeW
GetTimeZoneInformation
SetFilePointer
IsValidCodePage
MultiByteToWideChar
HeapReAlloc
UnhandledExceptionFilter
InitializeCriticalSection
GetStringTypeA

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ed5413c9e710e4c570c663e3a7a2cef

Headers

File Characteristics

Imports

mprapi

oleacc

advapi32

newdev

shell32

kernel32

Sections

.text Size: 64KB - Virtual size: 64KB

.rdata Size: 3KB - Virtual size: 147KB

.data Size: 197KB - Virtual size: 196KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 64KB - Virtual size: 64KB

.rdata
Size: 3KB - Virtual size: 147KB

.data
Size: 197KB - Virtual size: 196KB

.rsrc
Size: 512B - Virtual size: 4KB