5b115ea109dbf8e544900233d6147a179b4909be5bcf1159abb594ad3e272ce6

Sharing

Copy URL

Twitter E-mail

General

Target

5b115ea109dbf8e544900233d6147a179b4909be5bcf1159abb594ad3e272ce6
Size

113KB
MD5

45b3273f12bc83726743d90f4d62e100
SHA1

85da9c8630b48fca68849323eb469857fb93829a
SHA256

5b115ea109dbf8e544900233d6147a179b4909be5bcf1159abb594ad3e272ce6
SHA512

e19aca6b4095b18b8d734b8ee4ad39b6a574689d59726f63db28b20be52a2815091ef0b87c64fdaa37c14c0818e93ed5cfe0f333b646347e9eef1d72c768be4d
SSDEEP

3072:aQoWLRFBEZq5rCKUEKZ/KpLIZz4y58Uw:aQoSpEZqcRZ/iLIay

Score

N/A

Malware Config

Signatures

Files

5b115ea109dbf8e544900233d6147a179b4909be5bcf1159abb594ad3e272ce6
.exe windows x86

6d97c9d8e6c644de2fea347ac16ff155

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

authz

AuthzInitializeContextFromSid
AuthzAddSidsToContext

kernel32

OpenSemaphoreW
GetVolumeNameForVolumeMountPointW
InterlockedIncrement
WriteConsoleA
LoadLibraryExA
ReadFile
QueryDosDeviceA
CreateMailslotW
GetCurrentDirectoryW
VirtualQueryEx
CreateJobObjectA
FindResourceW
LoadLibraryA
SetCurrentDirectoryW
VirtualProtect
VirtualAlloc
DeleteFileW
FindAtomA
FindClose
WaitForSingleObject
DeleteFileA
FreeConsole
GetCurrentThread
TlsGetValue
OpenFileMappingA

certcli

CAEnumFirstCA
CACloseCA
CAEnumNextCA

cmutil

CmMalloc
CmRealloc
CmFree
CmMoveMemory

user32

PeekMessageW
FindWindowA
GetPropW
DrawStateW
GetClassLongA
DialogBoxParamW
LoadCursorW
LoadMenuW
CreateWindowExA
IsCharLowerA
InsertMenuA
PostMessageA
CharToOemA
LoadBitmapA
GetMessageW

advapi32

RegOpenKeyW
InitializeAcl
RegLoadKeyA
CryptSignHashA
RegCreateKeyExW
RegDeleteValueA
RegRestoreKeyA
RegSaveKeyA
RegUnLoadKeyW
GetUserNameW
RegCloseKey

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.kdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.adata
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rlo�
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6d97c9d8e6c644de2fea347ac16ff155

Headers

DLL Characteristics

File Characteristics

Imports

authz

kernel32

certcli

cmutil

user32

advapi32

Sections

.text Size: 26KB - Virtual size: 26KB

.kdata Size: 2KB - Virtual size: 2KB

.adata Size: 75KB - Virtual size: 74KB

.rsrc Size: 5KB - Virtual size: 4KB

.rlo� Size: 3KB - Virtual size: 3KB

.text
Size: 26KB - Virtual size: 26KB

.kdata
Size: 2KB - Virtual size: 2KB

.adata
Size: 75KB - Virtual size: 74KB

.rsrc
Size: 5KB - Virtual size: 4KB

.rlo�
Size: 3KB - Virtual size: 3KB