43509f678cd6d6f3ea2d6a8fb86ffbd7b7bca5ee8d4a14be763770769417de5d

General

Target

43509f678cd6d6f3ea2d6a8fb86ffbd7b7bca5ee8d4a14be763770769417de5d
Size

97KB
MD5

3be315046348568a36b8976f64ce7297
SHA1

96f95f161f01926928dec5560a5a1c5094e4e6a2
SHA256

43509f678cd6d6f3ea2d6a8fb86ffbd7b7bca5ee8d4a14be763770769417de5d
SHA512

d5857f4aa8ddf34334de82f182065a1cb80fc0f17d75620a3677aa6225b3024cf1472fab23ac8f88b0096336dd0845bdfe36270c49ade99d124585a133b5f74a
SSDEEP

3072:7y+EGGxgfhI/5KOEwvDRRVkT6KsFDfTG:7JhyuhIBpRRVgsFH

Score

N/A

Malware Config

Signatures

Files

43509f678cd6d6f3ea2d6a8fb86ffbd7b7bca5ee8d4a14be763770769417de5d
.exe windows x86

b6fb15fe502613a6c7f02bd1bdfea8a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSEnumerateSessionsA
WTSWaitSystemEvent
WTSFreeMemory
WTSVirtualChannelPurgeInput
WTSEnumerateProcessesA
WTSLogoffSession
WTSSendMessageA
WTSOpenServerA
WTSCloseServer
WTSEnumerateServersA
WTSQuerySessionInformationA
WTSRegisterSessionNotification
WTSQueryUserToken

kernel32

CopyFileA
IsBadStringPtrA
OpenJobObjectA
GetDiskFreeSpaceA
Heap32First
GetNumberFormatA
WriteFile
GetFileSize
QueryDosDeviceA
CreateMutexW
GetProcAddress
FileTimeToSystemTime
GetStartupInfoA
CloseHandle
CreateFileA
ReplaceFileA
ReadFile
WaitForSingleObjectEx
OpenMutexA
CreateHardLinkA
GetProcessHeap
GetExpandedNameW
InterlockedDecrement
GetTickCount
DeleteFileW
MoveFileExA
GetLogicalDriveStringsA
OpenEventW
GetLocaleInfoA
TlsGetValue
SetEnvironmentVariableA
GetSystemDirectoryA
GetModuleHandleA
CompareStringW
CreateDirectoryA

eappcfg

EapHostPeerConfigBlob2Xml
EapHostPeerConfigXml2Blob

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6fb15fe502613a6c7f02bd1bdfea8a6

Headers

File Characteristics

Imports

wtsapi32

kernel32

eappcfg

Sections

.text Size: 89KB - Virtual size: 88KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 432B

.text
Size: 89KB - Virtual size: 88KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 432B