c023721602191888a6dbdc89a2d53cc1a88c616abd2356279adbf6ede996c1db

Sharing

Copy URL

Twitter E-mail

General

Target

c023721602191888a6dbdc89a2d53cc1a88c616abd2356279adbf6ede996c1db
Size

128KB
MD5

085fdd7f73cf1b11e0cfa33c5be32420
SHA1

9142fc223f53c67a335eb05dbd021877cfa903ca
SHA256

c023721602191888a6dbdc89a2d53cc1a88c616abd2356279adbf6ede996c1db
SHA512

1dad6a66d1e3a6b42a9979931de5d77cfb0dc1b15cb6023d94ed1e2fcf8f812e8f597ab351f7eb9025f54ec700635fc23114bafa7bfd1d954a885140ffa6b992
SSDEEP

1536:8VIqy6FS4PS+xuv3pgSIXVTVYs7O8WAJOGc6qkZPnaS4TxKPkPZ0dX/gPqDUmq4q:14LSIXPO8WAsGnqkZP7CxqoPqDUhiS0

Score

N/A

Malware Config

Signatures

Files

c023721602191888a6dbdc89a2d53cc1a88c616abd2356279adbf6ede996c1db
.exe windows x86

7a5731a2adf88117270f5f85abc084f9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mssws

LsaNtStatusToWinError
LookupAccountNameW
IsValidSid
InitializeSid
GetSidLengthRequired
AddAce
GetAce
AddAccessDeniedAce
AddAccessAllowedAce
LsaEnumerateAccountRights
IsValidAcl
GetCommandLineW
RegQueryValueExW
lstrcatW
lstrcpyW
LoadLibraryW
LsaClose
LsaAddAccountRights
LsaRemoveAccountRights
LsaOpenPolicy
GetAclInformation
GetSidSubAuthority
ReportEventW
RegisterEventSourceW
DeregisterEventSource
InterlockedCompareExchange
GetEnvironmentVariableW
SetEnvironmentVariableW
GetModuleHandleW
GetVersionExW
CreateEventW
PeekMessageW
DispatchMessageW
OpenThreadToken
OpenProcessToken
LoadStringW
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
GetLengthSid
CopySid
CreateMutexW
GetModuleFileNameW
GetShortPathNameW
LoadLibraryExW
FindResourceW
RegEnumKeyExW
InitializeAcl
lstrcpynW
RegEnumValueW
RegQueryInfoKeyW
CharNextW
lstrcmpiW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
GetTokenInformation
lstrlenW

msvcrt

_controlfp
_onexit
__dllonexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_EH_prolog
??3@YAXPAX@Z
malloc
free
realloc
??2@YAPAXI@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
_except_handler3
_CxxThrowException
printf
_wcsicmp
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
wcsncpy
wcscmp
iswspace
wcschr
wcslen
__CxxFrameHandler
__set_app_type

advapi32

InitializeSecurityDescriptor
RegCloseKey
StartServiceCtrlDispatcherW
SetServiceStatus
CloseServiceHandle
DeleteService
QueryServiceStatus
ControlService
OpenServiceW
OpenSCManagerW
RegisterServiceCtrlHandlerW
ChangeServiceConfigW
CreateServiceW
SetTokenInformation

kernel32

GetProcAddress
SetEvent
GetCurrentProcess
GetCurrentThread
WaitForSingleObject
SetLastError
HeapFree
HeapReAlloc
HeapAlloc
GetProcessHeap
VirtualFree
GetStartupInfoA
LoadLibraryA
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
HeapDestroy
GetLastError
WideCharToMultiByte
CloseHandle
FreeLibrary
lstrlenA
SizeofResource
LoadResource
Sleep
GetModuleHandleA

ole32

CoInitializeSecurity
CoRegisterClassObject
CoRevokeClassObject
CoCreateInstance
CoUninitialize
CoInitializeEx
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree

oleaut32

LoadRegTypeLi
VarUI4FromStr
SysAllocString
LoadTypeLi
RegisterTypeLi
VariantClear
SysFreeString
SysStringLen

netapi32

NetGetDCName
NetApiBufferFree
I_NetLogonControl
NetServerGetInfo

user32

DefWindowProcA
DestroyWindow
MsgWaitForMultipleObjects
CreateWindowExA
PostQuitMessage
RegisterClassExA

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7a5731a2adf88117270f5f85abc084f9

Headers

DLL Characteristics

File Characteristics

Imports

mssws

msvcrt

advapi32

kernel32

ole32

oleaut32

netapi32

user32

Sections

.text Size: 56KB - Virtual size: 55KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 3KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 56KB - Virtual size: 55KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 3KB

.rmnet
Size: 60KB - Virtual size: 60KB