7307b833fb3a98b873ddc3b249521574fd20e7d041cb74a4945aac4dbbf188b1

Sharing

Copy URL

Twitter E-mail

General

Target

7307b833fb3a98b873ddc3b249521574fd20e7d041cb74a4945aac4dbbf188b1
Size

816KB
MD5

750581b9602a29fa601cd4e8bef20236
SHA1

0b562a0775dbcbce5b78437448cb2c92d9dc04c1
SHA256

7307b833fb3a98b873ddc3b249521574fd20e7d041cb74a4945aac4dbbf188b1
SHA512

31717c7477f9c69b2a83c761944ecbf2b40a0e49b8c694341130b16951c7b37bbbb7783441f376a865fd8c7e6013a2480cfcc79e8558a5c5b272920fc3572155
SSDEEP

24576:UOw3rV0JQDe4WyRCMb24mI34186Rt0EpWiAcIXeQp5YIe:UX3ZDxWyRCMxID3X3AcIXeq5YI

Score

N/A

Malware Config

Signatures

Files

7307b833fb3a98b873ddc3b249521574fd20e7d041cb74a4945aac4dbbf188b1
.exe windows x86

0f1688c75dcc1bb1b1c9b7535e944294

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

secur32

LsaFreeReturnBuffer
InitSecurityInterfaceW
DecryptMessage
FreeCredentialsHandle
LsaLogonUser
LsaLookupAuthenticationPackage
LsaConnectUntrusted
LsaUnregisterPolicyChangeNotification
QuerySecurityContextToken
FreeContextBuffer
LsaRegisterPolicyChangeNotification
ApplyControlToken
QuerySecurityPackageInfoW
InitializeSecurityContextW
GetUserNameExW

advapi32

GetSidSubAuthorityCount
AreAnyAccessesGranted
CryptGenKey
AddAccessAllowedObjectAce
IsTokenRestricted
CryptGetUserKey
RegSetValueExW
BuildExplicitAccessWithNameA
InitializeAcl
GetTokenInformation
LsaClose
InitializeSid
RegRestoreKeyW
ConvertStringSidToSidW
SystemFunction031
OpenThreadToken
RegCreateKeyExA
CryptHashSessionKey
EnumServicesStatusW
SetThreadToken
CryptGetHashParam
GetSecurityDescriptorGroup
CloseEncryptedFileRaw
QueryServiceLockStatusA
RegisterTraceGuidsW
CryptSetProvParam
LsaFreeMemory
RegQueryValueExW
GetLengthSid
ChangeServiceConfigW
RegisterServiceCtrlHandlerW
EnumServicesStatusExW
GetTraceLoggerHandle
QueryServiceConfig2W
CopySid

kernel32

VirtualAlloc
GetModuleHandleW
GetModuleHandleA
GetConsoleWindow
GetWriteWatch
GetCurrentThread
FindFirstVolumeW
Process32Next
GetCurrentProcessId
OpenThread
WaitForSingleObjectEx
SystemTimeToTzSpecificLocalTime
ReadConsoleOutputA
MulDiv
ConvertThreadToFiber
WriteConsoleW
GetCurrentThreadId
VirtualFree
EraseTape
ReleaseSemaphore
GetCurrentProcess

uxtheme

GetThemeColor
GetThemeSysFont
CloseThemeData
SetWindowTheme
IsThemePartDefined
GetThemeBool
GetThemeSysColor
GetThemeBackgroundExtent
GetThemeAppProperties
GetThemeSysString
IsThemeBackgroundPartiallyTransparent
IsThemeActive

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 96KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 84KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 124KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didata
Size: 96KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 124KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 748B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f1688c75dcc1bb1b1c9b7535e944294

Headers

DLL Characteristics

File Characteristics

Imports

secur32

advapi32

kernel32

uxtheme

Sections

.text Size: 96KB - Virtual size: 94KB

.itext Size: 96KB - Virtual size: 122KB

.data Size: 76KB - Virtual size: 137KB

.bss Size: 84KB - Virtual size: 113KB

.idata Size: 124KB - Virtual size: 156KB

.didata Size: 96KB - Virtual size: 148KB

.tls Size: 124KB - Virtual size: 165KB

.rdata Size: 112KB - Virtual size: 154KB

.reloc Size: 4KB - Virtual size: 748B

.text
Size: 96KB - Virtual size: 94KB

.itext
Size: 96KB - Virtual size: 122KB

.data
Size: 76KB - Virtual size: 137KB

.bss
Size: 84KB - Virtual size: 113KB

.idata
Size: 124KB - Virtual size: 156KB

.didata
Size: 96KB - Virtual size: 148KB

.tls
Size: 124KB - Virtual size: 165KB

.rdata
Size: 112KB - Virtual size: 154KB

.reloc
Size: 4KB - Virtual size: 748B