Static task: static1
Behavioral task: behavioral1
Sample: d9ed14754359e93d6404757ae6b10c72269d84efaf0f4456dd58bded7ece1067.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: d9ed14754359e93d6404757ae6b10c72269d84efaf0f4456dd58bded7ece1067.exe
Resource: win10v2004-20221111-en
General
Target: d9ed14754359e93d6404757ae6b10c72269d84efaf0f4456dd58bded7ece1067
Size: 67KB
MD5: b2f0e088a8bcb84113f9cb6ed76afcdc
SHA1: 003ac31fca1261bc4f2a5fc6cd494264bf9632ae
SHA256: d9ed14754359e93d6404757ae6b10c72269d84efaf0f4456dd58bded7ece1067
SHA512: f1196f52869d20f306210163fd6f18dea3a5754d23eca3b6f16727139eb0f0e482d3a978f00236322cab120d62fe18996d8b2803d6ac559a4cfe182511a0a91e
SSDEEP: 1536:+zkhFdmkU7lk5OVmzNZR60XvwQrfAtQdQPRY:+AzUx6qmzN76EwQrff6PRY
Malware Config
Signatures
Files
d9ed14754359e93d6404757ae6b10c72269d84efaf0f4456dd58bded7ece1067.exe windows x86
4879af568caae522a33030ad67b637fb
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
BeginUpdateResourceW
VirtualAllocEx
GetModuleHandleA
SetCalendarInfoW
GetSystemTimeAsFileTime
ConnectNamedPipe
TlsAlloc
GetUserDefaultLCID
GetSystemDirectoryA
DuplicateHandle
FatalAppExitW
GetThreadPriority
FindAtomW
IsBadStringPtrA
EnumCalendarInfoA
WaitForMultipleObjects
FileTimeToDosDateTime
lstrcpyn
advapi32
GetLengthSid
GetMultipleTrusteeA
CreateServiceW
IsTextUnicode
SystemFunction003
CredGetSessionTypes
LookupPrivilegeNameW
ElfOpenEventLogW
LsaQueryInfoTrustedDomain
CredWriteA
ConvertAccessToSecurityDescriptorW
RegQueryValueW
ImpersonateLoggedOnUser
CredpConvertCredential
ProcessIdleTasks
SystemFunction017
RegQueryInfoKeyW
GetAuditedPermissionsFromAclW
RegQueryMultipleValuesW
CredpConvertTargetInfo
LsaOpenTrustedDomainByName
ElfRegisterEventSourceW
LsaEnumerateAccounts
WriteEncryptedFileRaw
ElfCloseEventLog
LsaCreateAccount
LsaClearAuditLog
WmiQueryAllDataMultipleW
CommandLineFromMsiDescriptor
RegOpenKeyW
LsaGetSystemAccessAccount
OpenTraceW
ControlTraceW
ObjectOpenAuditAlarmW
RegCreateKeyExW
RegNotifyChangeKeyValue
RegCreateKeyW
SetSecurityDescriptorControl
AreAnyAccessesGranted
ReportEventA
RegLoadKeyW
CryptEnumProvidersW
LsaQueryTrustedDomainInfoByName
RegSetValueExW
WmiSetSingleInstanceA
SaferSetPolicyInformation
CreateTraceInstanceId
LsaFreeMemory
CryptEnumProvidersA
GetTrusteeTypeW
GetExplicitEntriesFromAclW
BuildExplicitAccessWithNameW
CloseCodeAuthzLevel
DeleteService
RegOverridePredefKey
A_SHAFinal
CryptSetProviderA
GetNamedSecurityInfoExW
RegSetValueA
LsaGetQuotasForAccount
user32
MonitorFromWindow
SetWindowPos
GetMenuItemID
EnumClipboardFormats
GetKeyboardType
GetSystemMetrics
SetWindowLongW
EndDialog
CreateDialogIndirectParamW
GetDesktopWindow
GetMenuItemRect
GetActiveWindow
GetMenuStringA
UnregisterClassA
FindWindowW
ActivateKeyboardLayout
GetFocus
GetScrollPos
IsWindow
SendDlgItemMessageA
Sections
.text Size: 46KB - Virtual size: 46KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 627B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ