3248ed80d464d017134b152c76addea4623ba1e66a93552af8217e357ef31ea2

General

Target

3248ed80d464d017134b152c76addea4623ba1e66a93552af8217e357ef31ea2
Size

550KB
MD5

52a1b847b3fbc005a69bad612bdafc07
SHA1

add3d2197eba8689ddf2a1e3dce75820625dea83
SHA256

3248ed80d464d017134b152c76addea4623ba1e66a93552af8217e357ef31ea2
SHA512

16c80fd2fcd25e67f06262f0853cab0e9e5b700fbec7a5a3868b3079183036615ea0f4fd39f8451035f19dbdc197a1019fc4aa3773553955c57f097cb69cf8f1
SSDEEP

12288:+arsDDuz5OvaKfuNpFrNUNG1iOtL6o8SGI/BbOqDeAi/G/k3Eu:hsDyt0alxUNGdJ6/SGI5bOqq7m8E

Score

N/A

Malware Config

Signatures

Files

3248ed80d464d017134b152c76addea4623ba1e66a93552af8217e357ef31ea2
.exe windows x86

bd1d52638abea94dd7fb535ac56d586e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

MakeSelfRelativeSD
CryptGenRandom
UnlockServiceDatabase
RegOpenUserClassesRoot
GetSidLengthRequired
RegConnectRegistryW
AddAuditAccessObjectAce
RegSetValueExA
GetKernelObjectSecurity
GetSidSubAuthorityCount
RegQueryValueExA
CryptGetProvParam
CopySid

tapi32

lineInitializeExW
lineGetDevCaps
lineGetLineDevStatusA
lineGetDevCapsW
lineInitializeExA
lineConfigDialog

rpcrt4

I_RpcMapWin32Status
RpcBindingSetAuthInfoExW
NdrClientCall2
NdrCStdStubBuffer2_Release
RpcBindingSetAuthInfoA
NdrMesTypeDecode2

kernel32

LoadLibraryA
VirtualAlloc
CancelIo
GetThreadPriority
GetNamedPipeHandleStateW
BeginUpdateResourceW
ReadConsoleOutputW

Sections

.BSS
Size: 512B - Virtual size: 219B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 474KB - Virtual size: 817KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd1d52638abea94dd7fb535ac56d586e

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

tapi32

rpcrt4

kernel32

Sections

.BSS Size: 512B - Virtual size: 219B

.text Size: 14KB - Virtual size: 13KB

.data Size: 474KB - Virtual size: 817KB

.rsrc Size: 59KB - Virtual size: 59KB

.reloc Size: 512B - Virtual size: 124B

.BSS
Size: 512B - Virtual size: 219B

.text
Size: 14KB - Virtual size: 13KB

.data
Size: 474KB - Virtual size: 817KB

.rsrc
Size: 59KB - Virtual size: 59KB

.reloc
Size: 512B - Virtual size: 124B