71a126a9af77ed63cd3f85707b65a7c7b42315b6704ffc97e9e83cfc30764e9a

Sharing

Copy URL Twitter E-mail

General

Target

71a126a9af77ed63cd3f85707b65a7c7b42315b6704ffc97e9e83cfc30764e9a
Size

634KB
MD5

311c8f123dfe019a96c189ad1e6a5f4b
SHA1

f3ff5bd81d488b15528767079b20757ad1db97f8
SHA256

71a126a9af77ed63cd3f85707b65a7c7b42315b6704ffc97e9e83cfc30764e9a
SHA512

8b14d59857bef2bc8fb230a47976cbf772f9dcc6c18f7dd2ae177d7824e712609b12812b670eb27d27543e4febf547d2f73934cc6485c698af023ceef3abab0b
SSDEEP

12288:7/yJJBosqftmK7J4t5U6UjGa10ECsNU/6OS/vaI75zxk00qIisNB:7Mosqfx7J4t9brECsNU/aNzxk0Q

Score

N/A

Malware Config

Signatures

Files

71a126a9af77ed63cd3f85707b65a7c7b42315b6704ffc97e9e83cfc30764e9a
.exe windows x86

f9176fd3e8c17581e4e518376e334b74

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

netapi32

NetUserSetInfo
DsGetSiteNameW
DsRoleGetPrimaryDomainInformation
NetFileClose
NetUserModalsSet
NetGroupEnum
NetLocalGroupGetInfo

uxtheme

SetWindowTheme
CloseThemeData
GetThemeTextExtent
GetThemeMargins
OpenThemeData
GetThemeFont
GetThemePartSize
EnableThemeDialogTexture
GetThemeMetric
DrawThemeBackground
GetThemeSysColor
GetThemeBool
DrawThemeIcon
GetThemeSysString
GetThemeSysFont
IsAppThemed
GetThemeBackgroundRegion

winmm

waveOutGetVolume
midiInMessage
waveOutGetPitch
mciGetErrorStringW
waveOutGetID
waveInGetDevCapsW
waveOutUnprepareHeader
mixerClose
midiOutReset
waveInStop

kernel32

FlushViewOfFile
FindResourceW
GetCurrentProcessId
TransmitCommChar
GetCurrentThread
ReleaseSemaphore
LCMapStringA
GetThreadSelectorEntry
IsDBCSLeadByteEx
CreateProcessW
GetDiskFreeSpaceExW
GetModuleHandleA
VirtualAlloc
FileTimeToSystemTime
GetCurrentThreadId
UpdateResourceA
GetModuleHandleW
VirtualFree
SetEvent
DisconnectNamedPipe
DebugBreak
CreateHardLinkW
FreeConsole
SetSystemPowerState
GetConsoleCP
SetStdHandle
EscapeCommFunction
GetFullPathNameA
GetProfileStringW
GetCurrentProcess
SetConsolePalette
GetWriteWatch
FreeLibrary
VerSetConditionMask
GetCalendarInfoA

advapi32

GetCurrentHwProfileW
QueryServiceObjectSecurity
EnumDependentServicesW
CryptGetHashParam
StartServiceCtrlDispatcherW
AreAnyAccessesGranted
SystemFunction027
BackupEventLogW
GetSidIdentifierAuthority
QueryServiceStatusEx
RevertToSelf
RegCreateKeyExA
RegSetValueExA
QueryServiceConfigA
ConvertStringSecurityDescriptorToSecurityDescriptorW
WmiQuerySingleInstanceW
SystemFunction004
RegEnumValueW
LsaQueryInformationPolicy
InitializeAcl
LsaFreeMemory
WmiFileHandleToInstanceNameW
AddAuditAccessAce

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 149KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 178KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 63KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 130KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 170B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9176fd3e8c17581e4e518376e334b74

Headers

File Characteristics

Imports

netapi32

uxtheme

winmm

kernel32

advapi32

Sections

.text Size: 18KB - Virtual size: 18KB

.data Size: 94KB - Virtual size: 122KB

.rdata Size: 149KB - Virtual size: 214KB

.bss Size: 178KB - Virtual size: 229KB

.edata Size: 63KB - Virtual size: 104KB

.idata Size: 130KB - Virtual size: 197KB

.reloc Size: 512B - Virtual size: 170B

.text
Size: 18KB - Virtual size: 18KB

.data
Size: 94KB - Virtual size: 122KB

.rdata
Size: 149KB - Virtual size: 214KB

.bss
Size: 178KB - Virtual size: 229KB

.edata
Size: 63KB - Virtual size: 104KB

.idata
Size: 130KB - Virtual size: 197KB

.reloc
Size: 512B - Virtual size: 170B