d7197a4650dc8f8c84ce4b2fae7945eea41fced67d16bedb3d2375f23f4e5b8c

General

Target

d7197a4650dc8f8c84ce4b2fae7945eea41fced67d16bedb3d2375f23f4e5b8c
Size

116KB
MD5

27e612f7aa5b38c4fc66fbaf4ff0c3b9
SHA1

e13a89a55391fc3f0ac22f4ce65c77945c258af2
SHA256

d7197a4650dc8f8c84ce4b2fae7945eea41fced67d16bedb3d2375f23f4e5b8c
SHA512

52812cc70633e86668a8627f6fd4e2e866c7db6b45fb03dbcb9f1794af4cf933db610a7ef6c9ad5938c90aafe9b12010dce40044f0d65e9c51414ffa970a1c4b
SSDEEP

3072:3GMTVHPSYXozqEXtbynFCQGvPKahuEewg:3GAZPvXozq4tb+FC/nIZ

Score

N/A

Malware Config

Signatures

Files

d7197a4650dc8f8c84ce4b2fae7945eea41fced67d16bedb3d2375f23f4e5b8c
.exe windows x86

d9f7d60e89b90d42fafffa7ad9ba8db2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegQueryInfoKeyA
InitializeSecurityDescriptor
AreAllAccessesGranted
RegQueryMultipleValuesA
AddAuditAccessAce
RegCreateKeyExW
GetSidIdentifierAuthority
RegQueryInfoKeyW
AreAnyAccessesGranted
AdjustTokenPrivileges
GetTokenInformation
AccessCheck
GetCurrentHwProfileA
GetCurrentHwProfileW
OpenThreadToken

gdi32

GdiSetAttrs
ArcTo
GetGlyphOutlineA
GetTextFaceW
CreateDIBPatternBrush
Polygon
GdiConvertRegion
GdiGetCodePage
GetTextCharset
GetCharABCWidthsW
GetCharWidth32W
OffsetRgn
OffsetWindowOrgEx
GetViewportExtEx
AnimatePalette
GetTextAlign
StartDocW
SetColorAdjustment
GdiCleanCacheDC
GetTextCharsetInfo
PtVisible
GdiSwapBuffers
MoveToEx
GetROP2
ExcludeClipRect
CreatePen

kernel32

DisableThreadLibraryCalls
RemoveDirectoryA
WaitForSingleObject
SetTermsrvAppInstallMode
SetConsoleInputExeNameA
FreeConsole
GlobalAddAtomW
CreateDirectoryExA
ClearCommBreak
CreateHardLinkW
OpenFileMappingA
GetEnvironmentStringsA
CreateFileA
GetProcAddress
lstrcatW
GetWriteWatch
GetCalendarInfoA
GetStringTypeA
GetNumberFormatA
GetUserDefaultUILanguage
CreateDirectoryA
EnumSystemCodePagesW
GlobalLock
VirtualAlloc
EnumSystemLocalesA
GlobalUnlock
WritePrivateProfileSectionW

Sections

.bss
Size: 104KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9f7d60e89b90d42fafffa7ad9ba8db2

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

gdi32

kernel32

Sections

.bss Size: 104KB - Virtual size: 146KB

.text Size: 2KB - Virtual size: 1KB

.rsrc Size: 9KB - Virtual size: 8KB

.bss
Size: 104KB - Virtual size: 146KB

.text
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 9KB - Virtual size: 8KB