ac71bb261b81656392a8776c10519401f22e37028b1205ad5f42e562e6f202b4

Sharing

Copy URL

Twitter E-mail

General

Target

ac71bb261b81656392a8776c10519401f22e37028b1205ad5f42e562e6f202b4
Size

936KB
MD5

745c70253d281b8168b23502f7575b30
SHA1

27158af789f59384ee40d6e348f380d05ccb854e
SHA256

ac71bb261b81656392a8776c10519401f22e37028b1205ad5f42e562e6f202b4
SHA512

33d48e33ac0f81b91b07deabd99ea3749460d2ac4b36393819530f9298916f80c70eb81e4b9ce0944ed67d4812175c66a897da40e082cfae6fe04ca49cc1e574
SSDEEP

12288:oXdOdDw+HlUGrcHx925hQVMbk2jgLI80TnzzEe+lZFl80eLtNycYt:oK/Hlf4EhQVMXjgLG/zEe+lZFS0epZY

Score

N/A

Malware Config

Signatures

Files

ac71bb261b81656392a8776c10519401f22e37028b1205ad5f42e562e6f202b4
.exe windows x86

d10689d514eda0f306ba8bc8afbaa3b7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

winmm

mciDriverNotify
PlaySoundW
mixerGetLineControlsA
waveInOpen
timeGetTime
waveInGetPosition
waveOutUnprepareHeader
midiOutGetNumDevs
midiStreamClose
mixerGetLineControlsW
waveInGetID

netapi32

NetUserGetLocalGroups
NetServerGetInfo
NetFileEnum
NetGetDCName
NetApiBufferAllocate
NetQueryDisplayInformation
NetWkstaUserGetInfo
I_NetServerAuthenticate
NetShareAdd
NetUseAdd
NetUnjoinDomain
NetLocalGroupDel
NetGroupDelUser
NetGroupAddUser

advapi32

AreAnyAccessesGranted
IsWellKnownSid
GetCurrentHwProfileA
GetNumberOfEventLogRecords
RegSetKeySecurity
GetSecurityInfo
AddAccessAllowedAce
CloseTrace
GetKernelObjectSecurity
EnumServicesStatusA
LsaOpenPolicy
RegEnumKeyExW

setupapi

CM_Locate_DevNode_ExW
SetupQueueCopyIndirectW
SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceInterfaceDetailW
CM_Enumerate_Classes
SetupDiSetDeviceInstallParamsA
SetupDiCreateDeviceInfoA

kernel32

SetConsoleDisplayMode
VirtualAlloc
GetVersionExA
GetVolumeNameForVolumeMountPointA
InitAtomTable
VerSetConditionMask
IsBadCodePtr
SetCurrentDirectoryW
GetCommTimeouts
GetPrivateProfileSectionW
SetFilePointerEx
IsBadStringPtrA
GetStringTypeW
Process32First
GetVolumeInformationW
GetLargestConsoleWindowSize
SetupComm
OpenSemaphoreW

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 720KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d10689d514eda0f306ba8bc8afbaa3b7

Headers

DLL Characteristics

File Characteristics

Imports

winmm

netapi32

advapi32

setupapi

kernel32

Sections

.text Size: 64KB - Virtual size: 62KB

.sdata Size: 720KB - Virtual size: 1.1MB

.rsrc Size: 144KB - Virtual size: 141KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 64KB - Virtual size: 62KB

.sdata
Size: 720KB - Virtual size: 1.1MB

.rsrc
Size: 144KB - Virtual size: 141KB

.reloc
Size: 4KB - Virtual size: 1KB