f0106f8b7b0943922701feadbca761fe39b96e0f314b3a0c4c57678e95904884

Sharing

Copy URL Twitter E-mail

General

Target

f0106f8b7b0943922701feadbca761fe39b96e0f314b3a0c4c57678e95904884
Size

437KB
MD5

ea3db194f52e93d7b0628f46ab3d5ab7
SHA1

aa6c597ecf8ffe93ae8361302518bb4248bfc1b7
SHA256

f0106f8b7b0943922701feadbca761fe39b96e0f314b3a0c4c57678e95904884
SHA512

988caf608de86546330f752bcbaab2efdbe677ef3e9912bf81d69b55be67dcd682277a2635bf999fed158d2aac1d43ba32badc21e9ef098857b2ed9f688b9c37
SSDEEP

6144:8MWln2EhvTr5CFcLmA2UvzgPzxyqj+mWIedHU9qr:8MWlnBhXMFcLjNL2yfmWb

Score

N/A

Malware Config

Signatures

Files

f0106f8b7b0943922701feadbca761fe39b96e0f314b3a0c4c57678e95904884
.exe windows x86

bf0d178283e993f949d954e2f5844f40

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
FreeSid
EqualSid
GetTokenInformation
OpenProcessToken
AllocateAndInitializeSid
RegQueryValueExW
RegOpenKeyExW

msi

ord178
ord148
ord77
ord179
ord150
ord78
ord8

kernel32

SetEnvironmentVariableW
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetProcessHeap
SetEndOfFile
CreateFileW
GetVersionExA
lstrcmpA
lstrlenA
GetLastError
CloseHandle
GetCurrentProcess
FreeLibrary
GetProcAddress
LoadLibraryA
GetPrivateProfileSectionA
GetFileAttributesA
GetFullPathNameA
GetSystemDirectoryA
GetExitCodeProcess
CreateProcessA
lstrcmpiA
CreateMutexA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetModuleFileNameA
GetCommandLineA
FindClose
FindNextFileA
FindFirstFileA
GetSystemDefaultLangID
GetUserDefaultLangID
lstrcmpW
lstrlenW
LoadLibraryW
GetPrivateProfileSectionW
GetFileAttributesW
GetFullPathNameW
GetSystemDirectoryW
CreateProcessW
lstrcmpiW
CreateMutexW
CreateFileMappingW
GetModuleFileNameW
GetCommandLineW
FindNextFileW
FindFirstFileW
RtlUnwind
RaiseException
GetSystemTimeAsFileTime
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
HeapFree
DeleteFileA
DeleteFileW
GetStartupInfoA
HeapAlloc
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCurrentThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
GetStdHandle
WideCharToMultiByte
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
FlushFileBuffers
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
Sleep
ExitProcess
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetHandleCount
GetFileType
ReadFile
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
SetConsoleCtrlHandler
GetLocaleInfoW
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
InitializeCriticalSectionAndSpinCount
InterlockedExchange
CreateFileA
HeapSize

user32

PeekMessageA
LoadStringW
MessageBoxW
CharNextW
PeekMessageW
DispatchMessageW
LoadStringA
MessageBoxA
DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
CharNextA

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 222KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf0d178283e993f949d954e2f5844f40

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

msi

kernel32

user32

Sections

.text Size: 180KB - Virtual size: 179KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 222KB - Virtual size: 222KB

.text
Size: 180KB - Virtual size: 179KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 222KB - Virtual size: 222KB