2f1fddcad157ff886106ff2205a3b82291ae2fedd52526da8d0c19684f727021

Sharing

Copy URL

Twitter E-mail

General

Target

2f1fddcad157ff886106ff2205a3b82291ae2fedd52526da8d0c19684f727021
Size

39KB
MD5

6ca72f4a8882bf012916dee92b634e6b
SHA1

b57cd4e9e641640b84fbeec42f8272b09b46b834
SHA256

2f1fddcad157ff886106ff2205a3b82291ae2fedd52526da8d0c19684f727021
SHA512

795e6cc2c03fe0a29f430bee4de243f38507a97f7d1b1b0ec1ae72e5ebab2d49b5f24f8152d034c46e890f5c55351d5a21cecb0411c5402c012c4bd8d6dbb381
SSDEEP

768:Tn56gczw2q5nSH3ax5rdToj+yjhThp5qRWWptlr1uBVEjjbnpn5z:dt4nKSKRdT9yHEWsqVcjb1t

Score

1^/10

Malware Config

Signatures

Files

2f1fddcad157ff886106ff2205a3b82291ae2fedd52526da8d0c19684f727021
.gz
sample
.exe windows x64

58373ffd0758633945b3da12825958c0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

oleaut32

SysAllocString
SysFreeString

mpr

WNetCancelConnection2W
WNetCloseEnum
WNetOpenEnumW
WNetEnumResourceW
WNetAddConnection2W

msvcrt

_wfopen
_vsnwprintf
memset
fgetws
feof
fclose
_getch

shlwapi

StrChrW
StrStrIW
StrCmpNIW
StrCmpIW
StrStrIA
SHRegSetUSValueW

advapi32

LookupAccountSidW
GetTokenInformation
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
StartServiceW
QueryServiceStatusEx
GetUserNameW
OpenServiceA
OpenSCManagerW
OpenSCManagerA
EnumServicesStatusA
DeleteService
CreateServiceW
ControlService
CloseServiceHandle
CryptEncrypt
CryptImportKey
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW

netapi32

NetGetJoinInformation
NetShareEnum
NetApiBufferFree
NetGetDCName

kernel32

CopyFileW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
lstrcpyA
AllocConsole
WriteConsoleW
GetConsoleScreenBufferInfo
SetConsoleCursorPosition
SetFileAttributesW
DeviceIoControl
lstrcmpiW
OpenProcess
lstrcmpiA
GetModuleFileNameW
GetTempPathW
CreateProcessW
GetSystemInfo
GlobalMemoryStatus
GetComputerNameW
GetStdHandle
GetCurrentProcessId
TerminateProcess
GetComputerNameA
lstrlenA
TlsAlloc
SetErrorMode
ExitProcess
GetCommandLineW
RtlVirtualUnwind
HeapAlloc
GetProcessHeap
lstrcpyW
lstrcatW
lstrlenW
FindClose
FindFirstFileW
FindNextFileW
GetVolumeInformationW
GetLastError
HeapFree
CreateFileW
WriteFile
CloseHandle
SetLastError
HeapReAlloc
GetDriveTypeW
WideCharToMultiByte
Sleep
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
GetCurrentProcess
SetEvent
ReleaseSemaphore
WaitForSingleObject
CreateEventA
CreateThread
GetTickCount64
CreateSemaphoreA
ResetEvent
TerminateThread
GetFileSizeEx
ReadFile
SetEndOfFile
SetFileInformationByHandle
SetFilePointerEx
TlsGetValue
TlsSetValue
DeleteFileW

activeds

ord9

user32

wsprintfW

ole32

CoCreateInstance
CoInitializeSecurity
CoSetProxyBlanket
CoInitializeEx

ntdll

RtlGetVersion
ZwQuerySystemInformation
RtlGetNativeSystemInformation

shell32

CommandLineToArgvW
ord680

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.c
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.r
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.d
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

58373ffd0758633945b3da12825958c0

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

mpr

msvcrt

shlwapi

advapi32

netapi32

kernel32

activeds

user32

ole32

ntdll

shell32

Sections

.text Size: 6KB - Virtual size: 6KB

.c Size: 25KB - Virtual size: 25KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 1KB - Virtual size: 1KB

.r Size: 17KB - Virtual size: 17KB

.d Size: 16KB - Virtual size: 16KB

.text
Size: 6KB - Virtual size: 6KB

.c
Size: 25KB - Virtual size: 25KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1KB - Virtual size: 1KB

.r
Size: 17KB - Virtual size: 17KB

.d
Size: 16KB - Virtual size: 16KB