df75c0ddfe95981cc7a6decf3cb20f0a2ca0ffcf59038b884017d312e94e5941

Sharing

Copy URL Twitter E-mail

General

Target

df75c0ddfe95981cc7a6decf3cb20f0a2ca0ffcf59038b884017d312e94e5941
Size

45KB
MD5

3e719747fcd3c30ef405626aea5964d0
SHA1

697c73340b1b84b44451df60ea9eaefd9ccf5247
SHA256

df75c0ddfe95981cc7a6decf3cb20f0a2ca0ffcf59038b884017d312e94e5941
SHA512

364e31fc12f85a7a59bfcf3133be378ab7f1a659856fc051d06fdbb1429d0c1d0e45e06556db074ce46c6b62f4627705412f9e8aaa7f82d029da5cf519f276af
SSDEEP

768:qYESg2z2+QEUpeQBSzvFOSNFEx+8oXlxyM8p/6EzwjVBd6w84kzI7DHCArENf2:9e2z2B3etUSNFF8oVxyMuSVXgakyDzr/

Score

N/A

Malware Config

Signatures

Files

df75c0ddfe95981cc7a6decf3cb20f0a2ca0ffcf59038b884017d312e94e5941
.exe windows x86

550174f5587a8ab79f8847957caf8246

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCommBreak
SetConsoleCursorMode
BeginUpdateResourceA
GetConsoleAliasExesLengthW
SetConsoleNumberOfCommandsA
GetACP
GetModuleHandleA
FindResourceExW
SetCurrentDirectoryW
VirtualAlloc
FindFirstFileA
EnumSystemCodePagesA
CreateActCtxW
BaseCheckAppcompatCache
CompareStringW
WriteConsoleInputVDMA
GetOEMCP
GetFullPathNameA
SetThreadContext
DeleteFileA
WritePrivateProfileStringW
GetConsoleTitleA
SetConsoleCursor
GetModuleHandleW
GetSystemDirectoryW
GetTickCount
LoadLibraryA
GetWindowsDirectoryW
GetVolumeInformationA
GetProcessIoCounters
TryEnterCriticalSection
DeleteTimerQueueEx
SetLocalPrimaryComputerNameA
BaseUpdateAppcompatCache
SetProcessWorkingSetSize
SetConsoleMaximumWindowSize
SetPriorityClass

olesvr32

OleRenameServerDoc
OleRevokeObject
TerminateClients
FindItemWnd
EnumForTerminate
OleRegisterServer
WEP
OleRevokeServer
OleRevertServerDoc
OleRevokeServerDoc
OleRegisterServerDoc
ItemCallBack
ItemWndProc
DocWndProc
OleQueryServerVersion
OleUnblockServer
SrvrWndProc
SendDataMsg
SendRenameMsg
DeleteClientInfo
TerminateDocClients
OleBlockServer
OleSavedServerDoc

advapi32

SetEntriesInAuditListA
ChangeServiceConfigA
GetTraceEnableFlags
SetFileSecurityA
LsaEnumerateAccounts
GetTrusteeNameW
AccessCheckByTypeResultListAndAuditAlarmA
OpenBackupEventLogA
CreateProcessAsUserW
LsaSetSystemAccessAccount
MD5Final
FreeEncryptedFileKeyInfo
SystemFunction005
ElfRegisterEventSourceW
GetNamedSecurityInfoW
LsaEnumeratePrivilegesOfAccount
LsaCreateAccount
LogonUserA
ConvertStringSDToSDDomainW
BuildTrusteeWithSidA
SystemFunction028
LsaOpenAccount
RegSetValueA
CredpConvertTargetInfo
WmiNotificationRegistrationW
CryptGenKey
LsaQuerySecurityObject
LsaOpenTrustedDomainByName
StopTraceW
SystemFunction040

msv1_0

LsaApCallPackageUntrusted
Msv1_0SubAuthenticationPresent
SpInitialize
SpLsaModeInitialize
LsaApCallPackagePassthrough
SpUserModeInitialize
SpInstanceInit
LsaApInitializePackage
LsaApLogonTerminated
MsvSamLogoff
LsaApCallPackage
Msv1_0ExportSubAuthenticationRoutine
MsvGetLogonAttemptCount
LsaApLogonUserEx2
MsvSamValidate

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 190B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

550174f5587a8ab79f8847957caf8246

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

olesvr32

advapi32

msv1_0

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 190B

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 190B

.rsrc
Size: 2KB - Virtual size: 1KB