ce07767234a78ef738ccc73f441a2af3c67a006e7b96c19d54f55d3788aaee90

Sharing

Copy URL

Twitter E-mail

General

Target

ce07767234a78ef738ccc73f441a2af3c67a006e7b96c19d54f55d3788aaee90
Size

150KB
MD5

d203b406f497161eeaa6431038b3273d
SHA1

0b07719f4657d31132b8ba80c3dca864a8c2e784
SHA256

ce07767234a78ef738ccc73f441a2af3c67a006e7b96c19d54f55d3788aaee90
SHA512

060a13d1507cbb1adbf700d9f081cd961adeb27be26c9a187b8b59f5a88a0389ab2b401b966496daad953edb8619675a98fd577dd0e87962162d40fbc0369760
SSDEEP

3072:Xs7c2VFa1bHk8vdIYJxgqLWcUJlx+SPeOQbj6uOTEDqYO/aamofo6z:87c8kzBvdIoxLW1mSsbbOT5/aamD2

Score

N/A

Malware Config

Signatures

Files

ce07767234a78ef738ccc73f441a2af3c67a006e7b96c19d54f55d3788aaee90
.exe windows x86

3ee621f86bd119700d7aa12cba17936b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_amsg_exit
_ftol
_commit
_isatty
wcschr
srand
_rotl
_write
_vsnprintf
_access
_rotr
__p__iob
_CIacos
tolower
__p__osver
malloc
fread
ctime

user32

IsIconic
ExitWindowsEx
CheckRadioButton
InvalidateRect
CharLowerW
SetFocus
EqualRect
DialogBoxParamW
GetWindow
PostQuitMessage
SetWindowLongW
GetWindowTextW
GetWindowTextLengthW
DrawTextW
PostMessageW
GetWindowLongW
CallNextHookEx
GetFocus
GetClassNameW
SetWindowTextA
GetDlgItemTextW
EnumChildWindows
CharNextA
EnableMenuItem
SendDlgItemMessageW
GetParent
GetClassNameA
CallWindowProcW

kernel32

GetFileSize
ExpandEnvironmentStringsW
GetVersionExA
IsBadReadPtr
GetEnvironmentStringsW
SetFileAttributesA
ResetEvent
FileTimeToLocalFileTime
IsBadWritePtr
CreateDirectoryW
VirtualAlloc
InitializeCriticalSection
WaitForMultipleObjects
GetCommandLineA
GetWindowsDirectoryW
GetModuleHandleW
GetVersionExW
GlobalUnlock
GetVersion
GetCurrentProcessId
QueryPerformanceCounter
GetSystemTimeAsFileTime
lstrcmpiA
lstrcatW
GetTickCount
GetConsoleMode
CompareStringA
HeapReAlloc
GetFileAttributesA
GetProcessHeap
VirtualQuery
FindFirstFileW
FindNextFileA
DeleteFileW
FindResourceA
CreateProcessW
UnhandledExceptionFilter
CreateFileMappingW
OutputDebugStringA
DeleteCriticalSection
LoadLibraryExW
MapViewOfFile
WriteConsoleW
LockResource
GetLastError
FindNextFileW
ExitProcess

advapi32

GetSecurityDescriptorLength
AdjustTokenPrivileges
GetSecurityDescriptorOwner
RegSetValueExA
QueryServiceStatus
MakeSelfRelativeSD
GetSecurityDescriptorDacl
SetServiceStatus
GetAclInformation
GetTraceEnableLevel
CryptAcquireContextA
RegQueryValueA
RegEnumValueW
IsValidSecurityDescriptor
RegCreateKeyA
InitializeSecurityDescriptor
GetSidSubAuthorityCount
RegEnumKeyExW
GetSecurityDescriptorControl
RegQueryValueExW
RegOpenKeyA
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegSetValueExW
RegQueryValueW
CryptGenRandom
AddAce
OpenSCManagerW
GetUserNameW
QueryServiceConfigW
RegQueryInfoKeyW
GetTraceEnableFlags
CryptCreateHash
DuplicateTokenEx
StartServiceW
UnlockServiceDatabase
LsaQueryInformationPolicy
LsaClose

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 137B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textbss
Size: 512B - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 512B - Virtual size: 109B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 512B - Virtual size: 97B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 77B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ee621f86bd119700d7aa12cba17936b

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

user32

kernel32

advapi32

Sections

.text Size: 136KB - Virtual size: 135KB

.tls Size: 512B - Virtual size: 137B

.textbss Size: 512B - Virtual size: 126KB

BSS Size: 512B - Virtual size: 76B

.bss Size: 512B - Virtual size: 109B

.bss Size: 512B - Virtual size: 97B

.tls Size: 512B - Virtual size: 37KB

.tls Size: 512B - Virtual size: 77B

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 136KB - Virtual size: 135KB

.tls
Size: 512B - Virtual size: 137B

.textbss
Size: 512B - Virtual size: 126KB

BSS
Size: 512B - Virtual size: 76B

.bss
Size: 512B - Virtual size: 109B

.bss
Size: 512B - Virtual size: 97B

.tls
Size: 512B - Virtual size: 37KB

.tls
Size: 512B - Virtual size: 77B

.rsrc
Size: 9KB - Virtual size: 9KB