7949be1acd26810335397df8acb97b359b889de153432ae7c629ef02e30cfc2d

Sharing

Copy URL Twitter E-mail

General

Target

7949be1acd26810335397df8acb97b359b889de153432ae7c629ef02e30cfc2d
Size

340KB
MD5

07146934e618aa8daa179c9292a67930
SHA1

11d831d0ef0c0e318f9d085162390bfa9d087c8f
SHA256

7949be1acd26810335397df8acb97b359b889de153432ae7c629ef02e30cfc2d
SHA512

04d88893a0c0dfc6f6f216f134da28e9f86fca805b3ac328ece31c3afd8e3d9866c81dc9b8a79645b62723689eecaa3c01a4fc46ee4c09ca8430810ecc913e49
SSDEEP

6144:j+eO1wuOtjE9aC1n6Dohnhdi80pv3q7i2betmZHmRESG:jBFuOtA9aC1nsgY/q7tesHm2

Score

N/A

Malware Config

Signatures

Files

7949be1acd26810335397df8acb97b359b889de153432ae7c629ef02e30cfc2d
.exe windows x86

43ba16e3eb243dd395055efb130538c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetFolderPathA
SHGetMalloc

user32

MessageBoxA
FindWindowExA
CharUpperW
FindWindowA
LoadStringA
wsprintfA
CharLowerA
GetSystemMetrics
CharUpperA
CharLowerW
PostMessageA
RegisterWindowMessageA
UnregisterClassA
CharToOemA

psapi

GetModuleBaseNameA
EnumProcessModules
EnumProcesses

setupapi

SetupOpenInfFileA
SetupInstallServicesFromInfSectionA
SetupInstallFromInfSectionA

advapi32

QueryServiceStatus
RegFlushKey
RegEnumValueA
OpenSCManagerA
RegCreateKeyExA
RegQueryValueExA
ImpersonateSelf
CloseServiceHandle
StartServiceA
DeleteService
RegDeleteValueA
RegEnumKeyExA
RegDeleteKeyA
RevertToSelf
OpenServiceA
RegCloseKey
RegQueryInfoKeyA
RegSetValueExA
ControlService
RegOpenKeyExA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

kernel32

LoadLibraryExA
GetFileType
FreeEnvironmentStringsW
GetSystemInfo
GetACP
SetStdHandle
lstrlenW
CreateFileA
FindClose
FreeResource
FreeLibrary
VirtualFree
WideCharToMultiByte
FlushFileBuffers
ReadFile
FatalAppExitA
GetCurrentThreadId
GetSystemTimeAsFileTime
VirtualProtect
FindNextFileA
LoadResource
CompareStringW
RaiseException
FindFirstFileA
IsValidCodePage
HeapFree
GetModuleHandleA
RtlUnwind
IsBadCodePtr
GetLocalTime
VirtualAlloc
GetTimeZoneInformation
GetThreadLocale
lstrcmpiW
SetEnvironmentVariableA
DeleteFileA
TlsGetValue
OpenProcess
ReleaseMutex
RemoveDirectoryA
CompareStringA
CreateProcessA
SetConsoleCtrlHandler
SetHandleCount
SetUnhandledExceptionFilter
lstrlenA
LoadLibraryExW
TlsFree
SetPriorityClass
SetThreadPriority
HeapDestroy
HeapSize
CloseHandle
lstrcmpiA
HeapAlloc
HeapReAlloc
FindResourceExA
GetStringTypeExW
DeleteCriticalSection
WaitForSingleObject
OpenEventA
GetOEMCP
EnumSystemLocalesA
VirtualQuery
WriteFile
FormatMessageA
GetTimeFormatA
TlsAlloc
SetFilePointer
EnterCriticalSection
CreateMutexA
SetLastError
UnhandledExceptionFilter
LCMapStringW
SetFileAttributesA
GetDateFormatA
SizeofResource
ResumeThread
GetTempPathA
GetCommandLineA
TlsSetValue
GetStdHandle
GetUserDefaultLCID
MoveFileExA
LocalFree
GetCurrentDirectoryA
LockResource
GetSystemDirectoryA
LCMapStringA
GetPrivateProfileStringA
GetWindowsDirectoryA
SetEndOfFile
IsValidLocale
FreeEnvironmentStringsA
GetProcessHeap
GetStringTypeExA
LeaveCriticalSection
GetCurrentProcess
VirtualAllocEx

atmlib

ATMFinish
ATMGetNtmFields
ATMRemoveFontA
ATMGetNtmFieldsW
ATMRemoveSubstFontA
ATMGetFontInfoA
ATMGetOutlineA

gpedit

CreateGPOLink

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43ba16e3eb243dd395055efb130538c9

Headers

File Characteristics

Imports

shell32

user32

psapi

setupapi

advapi32

ole32

kernel32

atmlib

gpedit

Sections

.text Size: 17KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 312KB - Virtual size: 1.2MB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 17KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 312KB - Virtual size: 1.2MB

.rsrc
Size: 5KB - Virtual size: 4KB