708b235324a03019d4ad9f4cef2cf01f201b49ddfda07a8f626a9778bb8a4807

Sharing

Copy URL Twitter E-mail

General

Target

708b235324a03019d4ad9f4cef2cf01f201b49ddfda07a8f626a9778bb8a4807
Size

600KB
MD5

6d6f34ee9b70a76bb7d5442b2cc30e50
SHA1

188855d4e050ac9c38e77c12b7daf4ab49a48f7c
SHA256

708b235324a03019d4ad9f4cef2cf01f201b49ddfda07a8f626a9778bb8a4807
SHA512

48e6bee964996c0a5525d7f4919679e62106db21bc9eb0f2e77287516b979af646a4613d912cac60541ace46644deb6e57339802248238ad4d779db69a97f354
SSDEEP

12288:v968Tty1W4nu62ru2TcuQFCeCqC2TGZKdVOeAKeh08+z3KEiqW:vZ2uZTTcpKNZwOvyne

Score

N/A

Malware Config

Signatures

Files

708b235324a03019d4ad9f4cef2cf01f201b49ddfda07a8f626a9778bb8a4807
.exe windows x86

df6534e51eaa21168425c91d0214ff80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSSendMessageA
WTSSetUserConfigA
WTSSetSessionInformationA
WTSOpenServerA
WTSCloseServer
WTSVirtualChannelRead
WTSEnumerateSessionsA
WTSVirtualChannelClose
WTSVirtualChannelOpen
WTSVirtualChannelPurgeInput

msimg32

AlphaBlend
vSetDdrawflag
GradientFill
TransparentBlt

azroles

AzFreeMemory
AzGetProperty
AzCloseHandle
AzGroupCreate

kernel32

CreateEventW
lstrcpynA
CompareStringA
lstrcmpiA
GetStringTypeA
GetComputerNameW
GetAtomNameW
CreateMutexA
InterlockedExchange
GetShortPathNameA
GetLocalTime
DeviceIoControl
lstrcmpiA
DeleteFileA
lstrcmpiA
GetProcAddress
InterlockedDecrement
GetConsoleTitleW
lstrcmpA
GetModuleHandleA
GetBinaryTypeW
GetLogicalDrives
FindResourceA
TlsGetValue
GetStdHandle

authz

AuthzFreeContext
AuthzInitializeContextFromSid
AuthzFreeResourceManager
AuthzAddSidsToContext

user32

GetMessageW
DrawIcon
IsDialogMessageA
wsprintfA
GetCaretPos
LoadImageA
CharToOemA
PeekMessageA
DispatchMessageA
CreateWindowExA
GetWindowTextA
GetWindowLongA

shlwapi

PathCompactPathA
PathCommonPrefixA
UrlHashA
UrlCreateFromPathA
UrlGetPartA
UrlCombineA
UrlEscapeA
UrlGetLocationA
UrlIsA
UrlCanonicalizeA
UrlIsNoHistoryA
UrlIsOpaqueA
UrlUnescapeA
PathCombineA

certcli

CAEnumNextCA
CACloseCA

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 565KB - Virtual size: 788KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df6534e51eaa21168425c91d0214ff80

Headers

File Characteristics

Imports

wtsapi32

msimg32

azroles

kernel32

authz

user32

shlwapi

certcli

Sections

.text Size: 27KB - Virtual size: 26KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 565KB - Virtual size: 788KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 27KB - Virtual size: 26KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 565KB - Virtual size: 788KB

.reloc
Size: 2KB - Virtual size: 2KB