1fe1aadfdb68c7222a6f94a0898264fc5f9ac3b23b82ef682bce4e2bb9e890b3

Sharing

Copy URL Twitter E-mail

General

Target

1fe1aadfdb68c7222a6f94a0898264fc5f9ac3b23b82ef682bce4e2bb9e890b3
Size

11KB
MD5

6e5d9f78a17913ca6b7e44376fef859a
SHA1

66c701e67a111d3a5bd0ed54887fe503c75809fd
SHA256

1fe1aadfdb68c7222a6f94a0898264fc5f9ac3b23b82ef682bce4e2bb9e890b3
SHA512

6482eb70e72e49fcf46dab815b61ac4cce7f59a7e92b3a4f092699b0733cdeb84e7bf8238275b207a1350141205a419e30f8e52b8a639355ebc7a961bfb6bacf
SSDEEP

192:zcNuqulkGYS2h2nOBzPjbRJ0d0F1XiapCclZY8DemyC4g6C3NjzHldu0H3+GAwqu:z1qSGSVOlPjbz0d0jiapzl+metg6ClTj

Score

N/A

Malware Config

Signatures

Files

1fe1aadfdb68c7222a6f94a0898264fc5f9ac3b23b82ef682bce4e2bb9e890b3
.exe windows x86

cbb783d93824abbfdb0466be4d702460

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mswsock

sethostname

samlib

SamiEncryptPasswords
SamRemoveMultipleMembersFromAlias
SamTestPrivateFunctionsUser
SamConnectWithCreds

user32

CallMsgFilterW

ddraw

DirectDrawEnumerateA

kernel32

GetTempFileNameA
SetFileTime
GetUserDefaultLCID
CompareStringW
GetSystemDefaultLangID
IsBadReadPtr
GlobalUnlock
GetStringTypeA
GetSystemDefaultLCID
DuplicateHandle
SetHandleCount
lstrcpynA
GetWindowsDirectoryA
SetLocalTime
GetEnvironmentStringsW
WaitForSingleObject
GetLocalTime
LoadLibraryA
LoadLibraryExA
FileTimeToLocalFileTime
GetTimeZoneInformation
DeleteCriticalSection
MultiByteToWideChar
MoveFileA
WideCharToMultiByte
CompareStringA
FindFirstFileA
GetACP
EnterCriticalSection
GetOEMCP
_lwrite
GlobalSize
_llseek
GetDriveTypeA
SetStdHandle
GetCurrentThreadId
lstrcmpiA
GetVersionExA
TlsGetValue
GetDateFormatA
SetEvent
GetSystemTime
GetVolumeInformationA
LCMapStringA
GetStartupInfoA
GetTickCount
FindClose
_lclose
GetProcAddress
SetFilePointer
RaiseException
InterlockedDecrement
GetCurrentProcessId
TlsAlloc
Sleep
ResetEvent
GetModuleFileNameW
RemoveDirectoryA
GetCommandLineA
GlobalLock
SizeofResource
CreateProcessA
FormatMessageW
ExitProcess
GetCurrentDirectoryA
CreateThread
IsBadCodePtr
CreateProcessW
ExitThread
_lread
GetSystemInfo
GlobalHandle
HeapFree
GetFileTime
GetLastError
GetExitCodeProcess
SetCurrentDirectoryA
CreateFileA
GetModuleHandleA
TlsSetValue
IsDBCSLeadByte
InitializeCriticalSection
HeapDestroy
SetEndOfFile
SetErrorMode
GetSystemDirectoryA
FileTimeToSystemTime
lstrlenA
GetFullPathNameA
GetVersion
FlushInstructionCache
VirtualAlloc
CreateMailslotA
GetStringTypeW
CloseHandle
CreateSemaphoreA
FreeEnvironmentStringsA
SystemTimeToFileTime
GetStringTypeExA
VirtualProtect
LockResource
VirtualQuery
TlsFree
ReleaseSemaphore
MulDiv
InterlockedIncrement
SetLastError

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 153KB - Virtual size: 1024KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 205KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cbb783d93824abbfdb0466be4d702460

Headers

DLL Characteristics

File Characteristics

Imports

mswsock

samlib

user32

ddraw

kernel32

Sections

.text Size: 1KB - Virtual size: 1KB

.idata Size: 3KB - Virtual size: 3KB

.data Size: 153KB - Virtual size: 1024KB

.reloc Size: 512B - Virtual size: 64B

.rsrc Size: 130KB - Virtual size: 130KB

.rdata Size: 205KB - Virtual size: 204KB

.text
Size: 1KB - Virtual size: 1KB

.idata
Size: 3KB - Virtual size: 3KB

.data
Size: 153KB - Virtual size: 1024KB

.reloc
Size: 512B - Virtual size: 64B

.rsrc
Size: 130KB - Virtual size: 130KB

.rdata
Size: 205KB - Virtual size: 204KB