54d230ee188bbc82ec96cf57163cd32e82e8d6a7d7883dc07a9f9418b980be09

Sharing

Copy URL Twitter E-mail

General

Target

54d230ee188bbc82ec96cf57163cd32e82e8d6a7d7883dc07a9f9418b980be09
Size

1024KB
MD5

cd28b3f7b1da96f4e5ca050f426c87a4
SHA1

d4eb97e32e14c81ad968f9f1698cdf07b077ae08
SHA256

54d230ee188bbc82ec96cf57163cd32e82e8d6a7d7883dc07a9f9418b980be09
SHA512

901f327ac9a273f73fe03d7481a27bb240a611aa5e3b015c8571314578caac6f697b95df5b837853affd3c99587cd038d1f6be3638c06cf93b8dd9746fa6d16c
SSDEEP

24576:q2wn/xSCL8QM05sfD3IDM97QcZr8LZTtQIPg:UZaH9UcZsTqIPg

Score

N/A

Malware Config

Signatures

Files

54d230ee188bbc82ec96cf57163cd32e82e8d6a7d7883dc07a9f9418b980be09
.exe windows x86

b948962c92d2945777269701d6007f0f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

SetFileSecurityW
GetSecurityDescriptorOwner
GetFileSecurityW
SetThreadToken
RevertToSelf
OpenThreadToken
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
ImpersonateLoggedOnUser
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyExW
RegEnumValueW
RegDeleteKeyW
RegSetValueExW
RegQueryValueExW
RegDeleteValueW
GetUserNameW
RegCreateKeyExA
RegEnumKeyExA
RegEnumValueA
RegDeleteKeyA
RegSetValueExA
RegDeleteValueA
GetUserNameA
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid

kernel32

GetVersion
SetErrorMode
MultiByteToWideChar
GetWindowsDirectoryA
GetCurrentDirectoryA
GetWindowsDirectoryW
GetCurrentDirectoryW
ResetEvent
SetEvent
GetCurrentThreadId
WaitForSingleObject
WaitForMultipleObjects
CreateEventA
FindCloseChangeNotification
FindNextChangeNotification
GetProcAddress
GetModuleHandleA
ReadFile
WriteFile
FlushFileBuffers
SetFilePointer
SetEndOfFile
LockFileEx
UnlockFileEx
SetProcessWorkingSetSize
GetProcessWorkingSetSize
GetCurrentProcess
DeviceIoControl
SetFileTime
SetLastError
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetModuleFileNameW
CompareStringW
FindNextFileW
CreateFileW
FindFirstChangeNotificationW
DeleteFileW
MoveFileW
RemoveDirectoryW
CreateDirectoryW
GetVolumeInformationW
SetFileAttributesW
FindFirstFileW
GetTempPathW
GetDriveTypeW
GetDiskFreeSpaceW
GetCompressedFileSizeW
GetFileInformationByHandle
MoveFileExW
GetModuleFileNameA
WideCharToMultiByte
CompareStringA
CreateFileA
FindFirstChangeNotificationA
DeleteFileA
MoveFileA
CreateDirectoryA
RemoveDirectoryA
SetFileAttributesA
GetDiskFreeSpaceA
GetVolumeInformationA
WritePrivateProfileStringA
GetShortPathNameA
FindNextFileA
GetTempPathA
FindFirstFileA
EnumResourceLanguagesW
LockResource
LoadResource
FindResourceExW
ExitThread
LoadLibraryA
GetCurrentThread
GetSystemDefaultLangID
EnumResourceNamesW
SetFileApisToANSI
GetSystemTimeAsFileTime
GetTimeZoneInformation
BackupRead
BackupWrite
GetFileTime
GetFileAttributesW
LocalFree
FormatMessageW
FormatMessageA
CreateSemaphoreA
ReleaseSemaphore
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
SetThreadPriority
GetThreadPriority
TerminateThread
InterlockedIncrement
InterlockedDecrement
GetThreadLocale
GetACP
SetCurrentDirectoryW
GetTempFileNameW
GetLogicalDriveStringsW
GetSystemDirectoryW
GetShortPathNameW
CopyFileW
GetFullPathNameW
OutputDebugStringW
LoadLibraryW
LoadLibraryExW
CreateProcessW
GetStartupInfoW
GetComputerNameW
SetComputerNameW
GetLocaleInfoW
GetTimeFormatW
GetDateFormatW
GetNumberFormatW
WriteConsoleW
GetEnvironmentVariableW
SetEnvironmentVariableW
GetSystemInfo
WriteConsoleA
GetConsoleOutputCP
SetCurrentDirectoryA
LocalAlloc
GetTempFileNameA
GetLogicalDriveStringsA
GetSystemDirectoryA
GetFileAttributesA
CopyFileA
GetFullPathNameA
OutputDebugStringA
ExpandEnvironmentStringsA
LoadLibraryExA
CreateProcessA
GetStartupInfoA
GetComputerNameA
SetComputerNameA
GetLocaleInfoA
GetTimeFormatA
GetDateFormatA
GetNumberFormatA
GetEnvironmentVariableA
SetEnvironmentVariableA
GetStdHandle
FileTimeToSystemTime
SystemTimeToFileTime
GetSystemTime
GetLocalTime
GetUserDefaultLangID
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
VirtualProtect
IsBadCodePtr
IsBadReadPtr
GetCPInfo
GetOEMCP
IsBadWritePtr
VirtualAlloc
VirtualQuery
InterlockedExchange
HeapSize
SetUnhandledExceptionFilter
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
ExitProcess
HeapFree
HeapReAlloc
HeapAlloc
CreateThread
RaiseException
RtlUnwind
GetVersionExA
GetCommandLineA
GetLogicalDrives
GetLastError
GetDriveTypeA
FindClose
GetExitCodeProcess
CloseHandle
ExpandEnvironmentStringsW

user32

DispatchMessageA
TranslateMessage
DefWindowProcA
CharUpperBuffW
IsCharAlphaW
DestroyWindow
RegisterClassA
GetMessageA
CreateWindowExA
RegisterClassExA
RegisterClassExW
DefWindowProcW
GetWindowLongW
GetClassInfoA
CharUpperBuffA
SetWindowLongW
SendMessageW
SendNotifyMessageW
PostMessageW
IsCharAlphaNumericW
wsprintfW
VkKeyScanExA
VkKeyScanA
WinHelpA
GetClipboardFormatNameA
SystemParametersInfoA
SetWindowTextA
ModifyMenuA
AppendMenuA
RegisterClipboardFormatA
PeekMessageA
CreateDialogIndirectParamA
PostMessageA
SendNotifyMessageA
SendMessageA
SetWindowLongA
GetWindowLongA
WinHelpW
VkKeyScanExW
VkKeyScanW
SystemParametersInfoW
SetWindowTextW
ModifyMenuW
AppendMenuW
GetClipboardFormatNameW
RegisterClipboardFormatW
DispatchMessageW
PeekMessageW
CreateDialogIndirectParamW

gdi32

CreateFontIndirectW
EnumFontFamiliesExW
GetTextMetricsA
CreateFontIndirectA
EnumFontFamiliesExA
GetTextMetricsW

shell32

ShellExecuteW
ShellExecuteExW
SHGetFileInfoA
Shell_NotifyIconA
ShellExecuteA
ShellExecuteExA
SHGetPathFromIDListA
SHGetMalloc
SHGetDesktopFolder

comdlg32

GetSaveFileNameW
GetOpenFileNameA
GetSaveFileNameA
GetOpenFileNameW

mpr

WNetAddConnection3A
WNetGetUniversalNameA
WNetAddConnection3W
WNetGetUniversalNameW

ole32

CoInitialize
OleInitialize
CoCreateInstance
OleUninitialize
CoUninitialize

rpcrt4

UuidCreate

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 576KB - Virtual size: 572KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 332KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b948962c92d2945777269701d6007f0f

Headers

File Characteristics

Imports

advapi32

kernel32

user32

gdi32

shell32

comdlg32

mpr

ole32

rpcrt4

version

Sections

.text Size: 576KB - Virtual size: 572KB

.rdata Size: 332KB - Virtual size: 328KB

.data Size: 28KB - Virtual size: 39KB

.tls Size: 4KB - Virtual size: 13B

.rsrc Size: 20KB - Virtual size: 18KB

.reloc Size: 60KB - Virtual size: 58KB

.text
Size: 576KB - Virtual size: 572KB

.rdata
Size: 332KB - Virtual size: 328KB

.data
Size: 28KB - Virtual size: 39KB

.tls
Size: 4KB - Virtual size: 13B

.rsrc
Size: 20KB - Virtual size: 18KB

.reloc
Size: 60KB - Virtual size: 58KB