55c1e9291aa739d068ab91bd8fb875433fd3905439a6551753e1d9ee181e760d

Sharing

Copy URL Twitter E-mail

General

Target

55c1e9291aa739d068ab91bd8fb875433fd3905439a6551753e1d9ee181e760d
Size

224KB
MD5

a2e16fb657d23fee98ae3be4efa42483
SHA1

0e301fda60284fcbda952a2996991408ac7dd696
SHA256

55c1e9291aa739d068ab91bd8fb875433fd3905439a6551753e1d9ee181e760d
SHA512

748f934c1c72db9f2876af84541fcd1fa2dd284d5e0a876e8ff49bf411110073e0fa475edaec5388321488b88fa6fb3726241e9743b627013619ff4d6e113892
SSDEEP

6144:64mpP7kUlB2eIs63TU72BGLLFTIai9CEzhJ8JCY0:64mpP7kUl364qBLnNJQp

Score

N/A

Malware Config

Signatures

Files

55c1e9291aa739d068ab91bd8fb875433fd3905439a6551753e1d9ee181e760d
.exe windows x86

eb1a7e7821835251b6b8b1ac1dee1554

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoUninitialize
CoCreateInstance
OleInitialize
OleSetContainedObject

ws2_32

connect
accept
closesocket
bind
socket
gethostbyname
sendto
getsockname
shutdown
gethostname
setsockopt

advapi32

GetUserNameA

clusapi

AddClusterResourceDependency
BackupClusterDatabase
ChangeClusterResourceGroup
CloseClusterGroup
CloseClusterNetInterface
CloseClusterNetwork
CloseClusterNotifyPort
ClusterControl
ClusterEnum
ClusterGetEnumCount
ClusterGroupCloseEnum
ClusterGroupControl
ClusterGroupEnum
ClusterGroupGetEnumCount
ClusterGroupOpenEnum
CloseClusterResource
ClusterRegEnumValue
SetClusterServiceAccountPassword
SetClusterQuorumResource
SetClusterNetworkPriorityOrder
SetClusterNetworkName
SetClusterName
SetClusterGroupNodeList
SetClusterGroupName
ResumeClusterNode
RestoreClusterDatabase
RemoveClusterResourceNode
RemoveClusterResourceDependency
RegisterClusterNotify
PauseClusterNode
OpenClusterResource
OpenClusterNode
OpenClusterNetwork
OpenClusterNetInterface
OpenClusterGroup
OfflineClusterResource
OfflineClusterGroup
MoveClusterGroup
GetNodeClusterState
GetClusterResourceTypeKey
GetClusterResourceState
GetClusterResourceNetworkName
GetClusterResourceKey
GetClusterQuorumResource
GetClusterNotify
GetClusterNodeState
GetClusterNodeKey
GetClusterNodeId
GetClusterNetworkState
GetClusterNetworkKey
GetClusterNetworkId
GetClusterNetInterfaceState
GetClusterNetInterfaceKey
GetClusterNetInterface
GetClusterKey
GetClusterInformation
GetClusterFromResource
GetClusterFromNode
GetClusterFromNetwork
GetClusterFromNetInterface
GetClusterFromGroup
FailClusterResource
EvictClusterNodeEx
EvictClusterNode
CreateClusterResourceType
CreateClusterResource
CreateClusterNotifyPort
CreateClusterGroup
ClusterResourceTypeOpenEnum
ClusterResourceTypeEnum
ClusterResourceTypeControl
ClusterResourceTypeCloseEnum
ClusterResourceOpenEnum
ClusterResourceGetEnumCount
ClusterResourceEnum
ClusterResourceControl
ClusterResourceCloseEnum
ClusterRegSetValue
ClusterRegSetKeySecurity
ClusterRegQueryValue
ClusterRegQueryInfoKey
ClusterRegOpenKey
ClusterRegGetKeySecurity
ClusterNetInterfaceControl
ClusterRegEnumKey
ClusterRegDeleteKey
ClusterRegCreateKey
ClusterOpenEnum
ClusterNodeOpenEnum
ClusterNetworkOpenEnum
ClusterNetworkGetEnumCount
ClusterNetworkEnum
ClusterNetworkControl
ClusterNetworkCloseEnum

cryptui

CryptUIWizImport
CryptUIWizDigitalSign
CryptUIDlgViewContext
CryptUIDlgSelectCertificateFromStore
CryptUIWizFreeDigitalSignContext

dciman32

DCISetClipList
DCISetDestination
DCISetSrcDestClip
DCIOpenProvider
WinWatchGetClipList
WinWatchNotify
WinWatchOpen
DCIDestroy
DCICreatePrimary
DCICreateOverlay
DCIBeginAccess
GetDCRegionData

msvcrt

free
malloc
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
_onexit
memset

kernel32

GetStartupInfoA
GetModuleHandleA
CreateEventA
WaitForSingleObject
ResetEvent
PulseEvent
VirtualProtect
SetTapePosition
LoadLibraryA
GetCurrentProcess
SetEvent
InterlockedIncrement
InterlockedCompareExchange
WaitForMultipleObjects
GetEnvironmentVariableA
GetShortPathNameA
CopyFileA
GetFileAttributesA

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 611KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb1a7e7821835251b6b8b1ac1dee1554

Headers

DLL Characteristics

File Characteristics

Imports

ole32

ws2_32

advapi32

clusapi

cryptui

dciman32

msvcrt

kernel32

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 92KB - Virtual size: 91KB

.data Size: 76KB - Virtual size: 611KB

.rsrc Size: 4KB - Virtual size: 448B

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 92KB - Virtual size: 91KB

.data
Size: 76KB - Virtual size: 611KB

.rsrc
Size: 4KB - Virtual size: 448B