5ef6b7590cce97f1f1586546942673fd44a70587a728723e8aa0d8e376d43f3a

Sharing

Copy URL Twitter E-mail

General

Target

5ef6b7590cce97f1f1586546942673fd44a70587a728723e8aa0d8e376d43f3a
Size

634KB
MD5

6bc172bbd4be1d1f145f7c534ffc50ab
SHA1

cc3a24aaa1359d9da8b031c348605c8b30e5fb46
SHA256

5ef6b7590cce97f1f1586546942673fd44a70587a728723e8aa0d8e376d43f3a
SHA512

62ac671ebca85aaa83a317d3a93b0978f62ce9a0d5c39489ec053c3c0a39ae9ebda7d646f0c6a635e1a493effe110b2033500a7a2dc9964b2d9d41a2fb09cde0
SSDEEP

12288:z/yJJBosqftmK7J4t5U6UjGa10ECsNU/6OS/vaI75zxk00qIisNB:zMosqfx7J4t9brECsNU/aNzxk0Q

Score

N/A

Malware Config

Signatures

Files

5ef6b7590cce97f1f1586546942673fd44a70587a728723e8aa0d8e376d43f3a
.exe windows x86

f9176fd3e8c17581e4e518376e334b74

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

netapi32

NetUserSetInfo
DsGetSiteNameW
DsRoleGetPrimaryDomainInformation
NetFileClose
NetUserModalsSet
NetGroupEnum
NetLocalGroupGetInfo

uxtheme

SetWindowTheme
CloseThemeData
GetThemeTextExtent
GetThemeMargins
OpenThemeData
GetThemeFont
GetThemePartSize
EnableThemeDialogTexture
GetThemeMetric
DrawThemeBackground
GetThemeSysColor
GetThemeBool
DrawThemeIcon
GetThemeSysString
GetThemeSysFont
IsAppThemed
GetThemeBackgroundRegion

winmm

waveOutGetVolume
midiInMessage
waveOutGetPitch
mciGetErrorStringW
waveOutGetID
waveInGetDevCapsW
waveOutUnprepareHeader
mixerClose
midiOutReset
waveInStop

kernel32

FlushViewOfFile
FindResourceW
GetCurrentProcessId
TransmitCommChar
GetCurrentThread
ReleaseSemaphore
LCMapStringA
GetThreadSelectorEntry
IsDBCSLeadByteEx
CreateProcessW
GetDiskFreeSpaceExW
GetModuleHandleA
VirtualAlloc
FileTimeToSystemTime
GetCurrentThreadId
UpdateResourceA
GetModuleHandleW
VirtualFree
SetEvent
DisconnectNamedPipe
DebugBreak
CreateHardLinkW
FreeConsole
SetSystemPowerState
GetConsoleCP
SetStdHandle
EscapeCommFunction
GetFullPathNameA
GetProfileStringW
GetCurrentProcess
SetConsolePalette
GetWriteWatch
FreeLibrary
VerSetConditionMask
GetCalendarInfoA

advapi32

GetCurrentHwProfileW
QueryServiceObjectSecurity
EnumDependentServicesW
CryptGetHashParam
StartServiceCtrlDispatcherW
AreAnyAccessesGranted
SystemFunction027
BackupEventLogW
GetSidIdentifierAuthority
QueryServiceStatusEx
RevertToSelf
RegCreateKeyExA
RegSetValueExA
QueryServiceConfigA
ConvertStringSecurityDescriptorToSecurityDescriptorW
WmiQuerySingleInstanceW
SystemFunction004
RegEnumValueW
LsaQueryInformationPolicy
InitializeAcl
LsaFreeMemory
WmiFileHandleToInstanceNameW
AddAuditAccessAce

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 149KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 178KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 63KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 130KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 170B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9176fd3e8c17581e4e518376e334b74

Headers

File Characteristics

Imports

netapi32

uxtheme

winmm

kernel32

advapi32

Sections

.text Size: 18KB - Virtual size: 18KB

.data Size: 94KB - Virtual size: 122KB

.rdata Size: 149KB - Virtual size: 214KB

.bss Size: 178KB - Virtual size: 229KB

.edata Size: 63KB - Virtual size: 104KB

.idata Size: 130KB - Virtual size: 197KB

.reloc Size: 512B - Virtual size: 170B

.text
Size: 18KB - Virtual size: 18KB

.data
Size: 94KB - Virtual size: 122KB

.rdata
Size: 149KB - Virtual size: 214KB

.bss
Size: 178KB - Virtual size: 229KB

.edata
Size: 63KB - Virtual size: 104KB

.idata
Size: 130KB - Virtual size: 197KB

.reloc
Size: 512B - Virtual size: 170B