7216bbd28e8b9dbc246b1fd61db88b4d2babafa7607b436de1cfc864a21a87ae

Sharing

Copy URL Twitter E-mail

General

Target

7216bbd28e8b9dbc246b1fd61db88b4d2babafa7607b436de1cfc864a21a87ae
Size

140KB
MD5

6666f23c550e2cd7b0e68e7b157e023a
SHA1

df37b73c397f58df3ee6bae4d79cd1c3daa8c992
SHA256

7216bbd28e8b9dbc246b1fd61db88b4d2babafa7607b436de1cfc864a21a87ae
SHA512

07b0914f0d5c5afdde2cc927f6c079fc3bc17b5ec5134322c65c85eb5adb3e6ef0dfc03df6ae0a5e9983fa65a2c844c70ee0df66da86428ab8a4c448863c754c
SSDEEP

3072:LksskDkMF9/HXzqs1rnMOwGtXm4u0TSki2oCAd7Y1UnGkO7ITrb:LX9/3zq2M9r45TSkkdmU3iQrb

Score

N/A

Malware Config

Signatures

Files

7216bbd28e8b9dbc246b1fd61db88b4d2babafa7607b436de1cfc864a21a87ae
.exe windows x86

1b982dbb42658d8bd50cb64c91255a24

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance
CLSIDFromString
CoInitialize
CoTaskMemFree
CoTaskMemAlloc

wtsapi32

WTSQueryUserToken
WTSEnumerateSessionsA
WTSOpenServerA
WTSCloseServer

mpr

WNetAddConnection2A
WNetGetUserA
WNetGetUniversalNameA

crypt32

CertFreeCertificateChain
CertGetCertificateChain
CertVerifyCertificateChainPolicy
CertCreateCertificateContext
CryptDecodeObject
CertFreeCertificateContext
CertEnumCertificatesInStore
CryptHashPublicKeyInfo
CertFindCertificateInStore

netapi32

NetApiBufferFree
NetWkstaSetInfo
NetUserGetInfo

oleacc

AccessibleObjectFromPoint
GetStateTextA

comdlg32

CommDlgExtendedError
ChooseFontA
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA

comctl32

ImageList_Remove
ImageList_SetBkColor
ImageList_SetDragCursorImage
ImageList_SetIconSize
ImageList_Write
ImageList_AddMasked
ImageList_GetImageCount
ImageList_Destroy

kernel32

GetStringTypeW
GetCPInfo
GetACP
HeapAlloc
GetStringTypeA
MultiByteToWideChar
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetProcAddress
LoadLibraryA
LCMapStringA
LCMapStringW
GetOEMCP
GetModuleHandleA
InitializeCriticalSection
EnterCriticalSection
WriteConsoleW
VirtualProtect
SetEvent
ResetEvent
WaitForSingleObject
CreateEventA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 728KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1b982dbb42658d8bd50cb64c91255a24

Headers

DLL Characteristics

File Characteristics

Imports

ole32

wtsapi32

mpr

crypt32

netapi32

oleacc

comdlg32

comctl32

kernel32

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 72KB - Virtual size: 728KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 72KB - Virtual size: 728KB