224d557f089bb6556e35f556ad57cd17107e626bfcf9b2fa19a9a8eaaad19590

Sharing

Copy URL Twitter E-mail

General

Target

224d557f089bb6556e35f556ad57cd17107e626bfcf9b2fa19a9a8eaaad19590
Size

174KB
MD5

5aa52e8dc11d6805464b1e2ec845b460
SHA1

022b0a562a6e875185fb741fbfed8551495810df
SHA256

224d557f089bb6556e35f556ad57cd17107e626bfcf9b2fa19a9a8eaaad19590
SHA512

adbc9447ffa2d0049e37f7ca3e771e6ce2d64a28b52531470b1a1e408293169baa3ef07878f5681aac6c40a41f8927979cbb782babb5e9d7c94beb01594d07fe
SSDEEP

3072:yxtqNMn5gy9psxMHSA9UtV/v+bQQfQXfwcMyU5A9nFRi3WPB:yTqq5gyPsxMyA9Unm6fw3n5A93nJ

Score

N/A

Malware Config

Signatures

Files

224d557f089bb6556e35f556ad57cd17107e626bfcf9b2fa19a9a8eaaad19590
.dll windows x86

11e0ce1be130e74800309c765a9f5be6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
TerminateProcess
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetStartupInfoA
GetModuleHandleA
GetModuleFileNameW
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
CreateFileW
GetSystemTime
LoadLibraryA
GetProcAddress

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

EnumServiceGroupW
WriteEncryptedFileRaw
UnlockServiceDatabase
TrusteeAccessToObjectW
SystemFunction020
SystemFunction013
SystemFunction011
SystemFunction002
SetUserFileEncryptionKey
SetSecurityInfoExA
SetSecurityDescriptorGroup
SetNamedSecurityInfoA
SetFileSecurityA
RegisterTraceGuidsW
RegisterEventSourceW
RegSetValueW
RegQueryValueA
RegNotifyChangeKeyValue
RegEnumKeyA
RegDeleteValueW
RegCreateKeyExW
RegOpenKeyW
AbortSystemShutdownA
AddUsersToEncryptedFile
AreAnyAccessesGranted
BackupEventLogA
BackupEventLogW
BuildImpersonateTrusteeA
BuildSecurityDescriptorW
BuildTrusteeWithObjectsAndNameW
BuildTrusteeWithSidA
BuildTrusteeWithSidW
ChangeServiceConfig2A
ControlTraceW
ConvertSecurityDescriptorToAccessA
ConvertSecurityDescriptorToAccessNamedA
ConvertSecurityDescriptorToAccessNamedW
ConvertSidToStringSidW
CopySid
CreatePrivateObjectSecurityEx
CryptDuplicateKey
CryptGetHashParam
CryptSetProviderA
CryptSetProviderExW
CryptSignHashA
CryptSignHashW
CryptVerifySignatureA
CryptVerifySignatureW
DeleteAce
DestroyPrivateObjectSecurity
DuplicateTokenEx
ElfOpenBackupEventLogW
ElfOpenEventLogA
ElfRegisterEventSourceW
EncryptionDisable
RegCloseKey
FileEncryptionStatusW
GetAccessPermissionsForObjectW
GetCurrentHwProfileA
GetEffectiveRightsFromAclW
GetFileSecurityW
GetLengthSid
GetSecurityDescriptorGroup
GetSecurityDescriptorLength
GetServiceDisplayNameA
GetSidSubAuthorityCount
GetTraceEnableFlags
GetTrusteeTypeW
InitiateSystemShutdownExA
LookupPrivilegeNameW
LsaAddAccountRights
LsaAddPrivilegesToAccount
LsaClose
LsaCreateTrustedDomain
LsaEnumerateAccountsWithUserRight
LsaGetQuotasForAccount
LsaGetRemoteUserName
LsaLookupPrivilegeName
LsaOpenAccount
LsaOpenSecret
LsaRemoveAccountRights
LsaSetSecret
ObjectCloseAuditAlarmW
ObjectDeleteAuditAlarmW
OpenEncryptedFileRawW
QueryRecoveryAgentsOnEncryptedFile

ole32

CoUninitialize
CoInitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 632B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 998B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11e0ce1be130e74800309c765a9f5be6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comdlg32

advapi32

ole32

Sections

.text Size: 3KB - Virtual size: 3KB

.text Size: 152KB - Virtual size: 152KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 196B

.rsrc Size: 1024B - Virtual size: 632B

.reloc Size: 1024B - Virtual size: 998B

.text
Size: 3KB - Virtual size: 3KB

.text
Size: 152KB - Virtual size: 152KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 196B

.rsrc
Size: 1024B - Virtual size: 632B

.reloc
Size: 1024B - Virtual size: 998B