3e086103124c48d408f13906760a8a96fc4691c1da3047371b8a12f9711500f7

General

Target

3e086103124c48d408f13906760a8a96fc4691c1da3047371b8a12f9711500f7
Size

100KB
MD5

6ac2b0076be2cbcf9a0ac5ef4f2dfb10
SHA1

5a4804abf17eb1977cf5a969de676ed99af8e9b5
SHA256

3e086103124c48d408f13906760a8a96fc4691c1da3047371b8a12f9711500f7
SHA512

e0ef2d957dc6e8e03a89039cc685dc1b97f36c6da82cbc201e52f500652dc1f35a2dc785e5c4fe3676175bab7a518b35fe5bf94b87157a74b541cd22f62d1e42
SSDEEP

384:dGbzjvr3hIi5E/EstIDQ2QfOi3FcCrvpOgJkvr3hIi5RzidGzqU6+Jl:k7G2EzVJvpOLG2R+Kn

Score

N/A

Malware Config

Signatures

Files

3e086103124c48d408f13906760a8a96fc4691c1da3047371b8a12f9711500f7
.exe windows x86

5238b79aa5b561b19ffe8af82628a89a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSSendMessageA
WTSVirtualChannelRead
WTSSetUserConfigW
WTSQuerySessionInformationA
WTSWaitSystemEvent
WTSUnRegisterSessionNotification
WTSCloseServer
WTSVirtualChannelOpen
WTSEnumerateServersA
WTSRegisterSessionNotification
WTSEnumerateSessionsA

authz

AuthzFreeAuditEvent
AuthzAddSidsToContext

crypt32

CryptFindOIDInfo
CertFindExtension
CertFreeCRLContext
CryptEncodeObject
CertGetNameStringA
CertDuplicateCRLContext
CertFindCRLInStore
CryptEnumOIDInfo
CertCompareCertificate
CertOpenStore

untfs

FormatEx
Recover
Format

kernel32

GetPrivateProfileIntA
GetDiskFreeSpaceA
WriteProcessMemory
GetConsoleAliasW
GetTimeFormatA
GetDateFormatW
SetEnvironmentVariableA
ExpandEnvironmentStringsA
GetCurrentProcess
LoadLibraryA
GetAtomNameA
SetLastError
SleepEx
FindResourceExA
CreateDirectoryA
FoldStringW
GetNumberFormatA
FormatMessageA
CreateEventA
GetProcessHeap
GetCurrentDirectoryA
WriteFile
HeapCreate
GetComputerNameA
QueryDosDeviceA

user32

IsDialogMessageA
DispatchMessageA
GetCaretPos
SetFocus
CreateWindowExW
CharToOemA
PostMessageA
SetCursorPos
IsCharLowerA
wsprintfA
IsWindow
LoadCursorA
GetWindowTextA
PeekMessageA
DialogBoxParamW
LoadImageW
DrawIcon

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5238b79aa5b561b19ffe8af82628a89a

Headers

File Characteristics

Imports

wtsapi32

authz

crypt32

untfs

kernel32

user32

Sections

.text Size: 52KB - Virtual size: 48KB

.data Size: 24KB - Virtual size: 20KB

.rsrc Size: 20KB - Virtual size: 18KB

.text
Size: 52KB - Virtual size: 48KB

.data
Size: 24KB - Virtual size: 20KB

.rsrc
Size: 20KB - Virtual size: 18KB