b9c9f34dae491397dbc5d867bb2ca6c46d2fd922aab0b1d993e23b48b3b466d9

Sharing

Copy URL Twitter E-mail

General

Target

b9c9f34dae491397dbc5d867bb2ca6c46d2fd922aab0b1d993e23b48b3b466d9
Size

284KB
MD5

69399190937e1eea1a7893a5e4248b10
SHA1

5a34365a49f17f997cb8879b3b4f07c94b4d3398
SHA256

b9c9f34dae491397dbc5d867bb2ca6c46d2fd922aab0b1d993e23b48b3b466d9
SHA512

0a07e15aaa2458fbcbf212c49dbdedd25a176189d471bd2b2a1cf9c7901dab81069dbd0888b415a138d92d7a75cfb6433a42c9cf1f3bed5e16bee28af4f009d3
SSDEEP

6144:OcJtO61uXuay3FfcveSqjtsgPxLKNvT0VpTjAGdmzBVkvsEkmJGqxmygIqnBvfGZ:NJtO61u+poctFLKBT0fwGvdksGqxKSzd

Score

N/A

Malware Config

Signatures

Files

b9c9f34dae491397dbc5d867bb2ca6c46d2fd922aab0b1d993e23b48b3b466d9
.exe windows x86

92b0f1b5b4d8f6d7891c110ece44af08

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
FreeEnvironmentStringsW
ReplaceFileW
WritePrivateProfileStringW
FindFirstFileExW
SetConsoleWindowInfo
GlobalAlloc
GetVersionExA
GetStartupInfoW
WriteConsoleA
LoadLibraryW
GetOverlappedResult
CreateTimerQueue
ReadConsoleW
ReadConsoleOutputW
NlsGetCacheUpdateCount
HeapQueryInformation
lstrcpynA
EnumResourceNamesW
ReadConsoleInputExW
GetComputerNameExA
SetClientTimeZoneInformation
GetVolumePathNameA
ReadConsoleInputW
BuildCommDCBA
GetCalendarInfoA
ReadConsoleInputExA
SetTimerQueueTimer
EnumDateFormatsA
SetCommBreak
HeapReAlloc
FindNextVolumeMountPointW
RegisterWowExec
ContinueDebugEvent
GetConsoleScreenBufferInfo
GetModuleHandleW
GlobalCompact
ScrollConsoleScreenBufferW
FlushInstructionCache
GetVolumeInformationW

linkinfo

CompareLinkInfoReferents
CompareLinkInfoVolumes
IsValidLinkInfo
GetCanonicalPathInfoA
GetLinkInfoData
GetCanonicalPathInfo
CreateLinkInfo
CreateLinkInfoW
ResolveLinkInfo
CreateLinkInfoA
ResolveLinkInfoW
ResolveLinkInfoA
DestroyLinkInfo
GetCanonicalPathInfoW
DisconnectLinkInfo

crtdll

_ismbcl1
_vsnwprintf
_spawnl
_clearfp
iswcntrl
tan
_strerror
_flsbuf
_lfind
vfwprintf
iswalpha
_CIasin

certcli

CAGetCAFlags
CARemoveCACertificateType
CAGetCACertificate
CAOIDCreateNew
CAGetCertTypePropertyEx
CAIsCertTypeCurrent
CAOIDFreeLdapURL
CAGetCASecurity
CASetCACertificate
CAAccessCheckEx
CAGetCAExpiration

clusapi

ClusterNodeControl
SetClusterQuorumResource
MoveClusterGroup
CreateClusterResourceType
RemoveClusterResourceNode
ClusterResourceCloseEnum
ClusterResourceTypeOpenEnum
ClusterCloseEnum
GetClusterNodeId
DeleteClusterResource
ClusterRegQueryInfoKey
SetClusterNetworkPriorityOrder
GetClusterNetworkId
CreateClusterGroup
OpenClusterNode
ClusterNetworkOpenEnum
AddClusterResourceDependency
RestoreClusterDatabase

Sections

.text
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92b0f1b5b4d8f6d7891c110ece44af08

Headers

File Characteristics

Imports

kernel32

linkinfo

crtdll

certcli

clusapi

Sections

.text Size: 178KB - Virtual size: 177KB

.rdata Size: 29KB - Virtual size: 29KB

.data Size: 73KB - Virtual size: 72KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 178KB - Virtual size: 177KB

.rdata
Size: 29KB - Virtual size: 29KB

.data
Size: 73KB - Virtual size: 72KB

.rsrc
Size: 1KB - Virtual size: 1KB