c29d6110f0f176066edda9bfe271d4eef108991be5de7107815aacca59bf5c70

Sharing

Copy URL Twitter E-mail

General

Target

c29d6110f0f176066edda9bfe271d4eef108991be5de7107815aacca59bf5c70
Size

358KB
MD5

312cfbfa46ee45123c9796b1df4025d2
SHA1

1bc7c1a80c755d65b1373debb31ac39c81dfb306
SHA256

c29d6110f0f176066edda9bfe271d4eef108991be5de7107815aacca59bf5c70
SHA512

b4dee02ab58dab67946642e854e9f0b21cddf5f8a975a3424b6543b7869a94c412b298e010b60df96f0dbe557ecd2c372649f7be13efad5270d571a8c96aae8d
SSDEEP

6144:8SxEpvyN/EikIH6j55b4KZzVTeGgvbX49JC7380HyHLfe6TsI9gvNJL:1EUNH3k55EAVT5rJoiLmusI9gvNF

Score

N/A

Malware Config

Signatures

Files

c29d6110f0f176066edda9bfe271d4eef108991be5de7107815aacca59bf5c70
.exe windows x86

8138f70c1ac35bd8f82c35cfb67c4124

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetServiceKeyNameA
ConvertStringSecurityDescriptorToSecurityDescriptorA
FreeEncryptionCertificateHashList
RegDeleteValueA
SystemFunction022
GetSecurityDescriptorSacl
CloseTrace
CloseCodeAuthzLevel
LookupPrivilegeDisplayNameW
CreatePrivateObjectSecurity
RegSaveKeyExA
DeregisterEventSource
AddAccessAllowedAceEx
LsaSetSecurityObject
RegDeleteValueW
QueryServiceConfig2A
FileEncryptionStatusA
GetAccessPermissionsForObjectW
SystemFunction025
CryptCreateHash
AddAccessAllowedObjectAce
QueryServiceConfigA
LsaCreateTrustedDomainEx
LookupPrivilegeDisplayNameA
SetServiceStatus
CryptDecrypt
ObjectPrivilegeAuditAlarmA
LsaEnumerateTrustedDomainsEx
SetTraceCallback
IsValidAcl

certcli

CAGetCertTypeKeySpec
CAGetCertTypeExtensionsEx
CAOIDGetLdapURL
CADeleteCA
CAUpdateCertType
CAAccessCheck
CAOIDAdd
CASetCertTypeProperty
CACreateCertType
CAAddCACertificateType
CAGetCAExpiration
CAAccessCheckEx
CAOIDDelete
CACertTypeGetSecurity
CAOIDCreateNew
CARemoveCACertificateType
CADeleteCertType
CAGetCAProperty
CAEnumFirstCA
CACertTypeRegisterQuery
CADeleteLocalAutoEnrollmentObject
CAGetCertTypeProperty
CACertTypeSetSecurity
CAGetCertTypePropertyEx
CASetCAFlags
CACertTypeUnregisterQuery
DllInstall
CAOIDFreeProperty
CACloseCertType
CACreateNewCA
CACountCAs
CAEnumCertTypesEx
CASetCACertificate

opengl32

glDrawPixels
glPointSize
glEvalCoord2f
glTexCoord2f
glVertex3sv
glTranslatef
glVertex3iv
glRasterPos3s
glIndexubv
glNormal3f
glPopAttrib
glGetIntegerv
wglGetPixelFormat
glMapGrid1d
glColor4ubv
glTexParameteriv
glGetMapfv
glGetFloatv
glFogi
glBindTexture
glFogfv
glMaterialiv
glTexSubImage1D
glFinish
glClearIndex
glMap2f
glFrustum
glGetLightiv
glRasterPos3dv
glReadBuffer
glGetClipPlane
glTexCoord1s
glEvalMesh2
glClearDepth
glLightiv
glPixelMapfv
glColor3f
glVertex2dv

msvcirt

??0stdiobuf@@QAE@PAU_iobuf@@@Z
?open@ofstream@@QAEXPBDHH@Z
?unbuffered@streambuf@@IAEXH@Z
?pword@ios@@QBEAAPAXH@Z
??0ios@@IAE@ABV0@@Z
?sh_write@filebuf@@2HB
??1istrstream@@UAE@XZ
?blen@streambuf@@IBEHXZ
?flags@ios@@QBEJXZ
?lock@ios@@QAAXXZ
??0ostream_withassign@@QAE@ABV0@@Z
??0strstream@@QAE@XZ
?unlock@streambuf@@QAEXXZ
?x_maxbit@ios@@0JA
??_Dofstream@@QAEXXZ
??1stdiostream@@UAE@XZ
??_Gistrstream@@UAEPAXI@Z
??5istream@@QAEAAV0@AAH@Z
?is_open@ofstream@@QBEHXZ
??0istream_withassign@@QAE@PAVstreambuf@@@Z
??0iostream@@QAE@PAVstreambuf@@@Z
??6ostream@@QAEAAV0@PBC@Z
??_Estrstream@@UAEPAXI@Z
??0ostrstream@@QAE@ABV0@@Z
??6ostream@@QAEAAV0@D@Z
?open@ifstream@@QAEXPBDHH@Z
??Bios@@QBEPAXXZ
??_Eistream_withassign@@UAEPAXI@Z
??0istrstream@@QAE@PAD@Z
?rdstate@ios@@QBEHXZ
?sh_none@filebuf@@2HB
??4logic_error@@QAEAAV0@ABV0@@Z
??6ostream@@QAEAAV0@PAVstreambuf@@@Z

kernel32

GetSystemWow64DirectoryA
WriteProfileStringA
GetFileAttributesExA
RaiseException
WaitForSingleObjectEx
GetWindowsDirectoryW
UnlockFile
FillConsoleOutputCharacterW
LocalSize
IsDBCSLeadByte
DnsHostnameToComputerNameW
GetConsoleCursorMode
EnumSystemCodePagesW
RemoveDirectoryA
GetDefaultCommConfigA
LoadLibraryA
GetCommConfig
LZDone
GetStartupInfoW
GetSystemDefaultUILanguage
IsBadStringPtrW
GetCurrentProcessId
GetModuleHandleW
EnumCalendarInfoW
QueryPerformanceCounter
TlsAlloc
LZCreateFileW
lstrcpyW
VirtualAlloc
VerifyVersionInfoW
HeapCompact
GetConsoleTitleA
UnlockFileEx
SetTimeZoneInformation
SetConsoleInputExeNameA
OutputDebugStringA
SetConsoleTitleW
SetErrorMode
Heap32ListFirst
CreateRemoteThread
InvalidateConsoleDIBits
GlobalFindAtomW

gdi32

GdiEntry13
SetMetaFileBitsEx
EnumEnhMetaFile
GetBoundsRect
GetGlyphOutlineA
EngPaint
EngStretchBlt
GetWindowOrgEx
GetDeviceCaps
BRUSHOBJ_pvGetRbrush
GdiQueryFonts
GetLogColorSpaceA
CreateEnhMetaFileW
DeleteObject
GetTextExtentExPointW
CreatePatternBrush
GetRandomRgn
EngCheckAbort
GetETM
GetKerningPairsA
SelectFontLocal
EngBitBlt
SetBkColor
DdEntry12
GetTextColor
GdiConvertEnhMetaFile
DdEntry47
FONTOBJ_cGetAllGlyphHandles
SetICMProfileA
BeginPath
GetCharABCWidthsW
FONTOBJ_vGetInfo

wiashext

MakeFullPidlForDevice
AddDeviceWasChosenA
DoDeleteAllItems
DllGetClassObject
AddDeviceWasChosenW
AddDeviceWasChosen

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8138f70c1ac35bd8f82c35cfb67c4124

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

certcli

opengl32

msvcirt

kernel32

gdi32

wiashext

Sections

.text Size: 85KB - Virtual size: 85KB

.rdata Size: 121KB - Virtual size: 121KB

.data Size: 141KB - Virtual size: 596KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 85KB - Virtual size: 85KB

.rdata
Size: 121KB - Virtual size: 121KB

.data
Size: 141KB - Virtual size: 596KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 1024B - Virtual size: 1024B