c32582381387ced908f3f8fd49946ade8a7ec7e70d47952f3dd156990ae2b543

Sharing

Copy URL Twitter E-mail

General

Target

c32582381387ced908f3f8fd49946ade8a7ec7e70d47952f3dd156990ae2b543
Size

1.0MB
MD5

1207c0637ef0a0fa00b4c22ef003a4c0
SHA1

3975e963bcc37899fe4ca0c5899e450e67638dd5
SHA256

c32582381387ced908f3f8fd49946ade8a7ec7e70d47952f3dd156990ae2b543
SHA512

fcb5f9f816d6f937a20cb67a59b3d497c410676433793c4c6f752d08c99682393c14c34e41b33994fbb53c0e69e611b088f265d39ad16c01cab994daaf6786e5
SSDEEP

24576:Cb5bBGipJ3GjXfxpdIMRXGcBckT39iNoqIdoFd:CNbBGUZgfndP1GHW9iNom

Score

N/A

Malware Config

Signatures

Files

c32582381387ced908f3f8fd49946ade8a7ec7e70d47952f3dd156990ae2b543
.exe windows x86

e2c83c8b9fba2e8aaf6676281408b92e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WaitForMultipleObjects
GetConsoleMode
CreateSemaphoreA
CreateFileMappingW
GetFileSize
AddAtomW
WaitForSingleObject
GetSystemDefaultLangID
CreateHardLinkW
GetPrivateProfileSectionA
BeginUpdateResourceW
GetUserDefaultUILanguage
FlushFileBuffers
VirtualAlloc

secur32

LsaDeregisterLogonProcess
LsaCallAuthenticationPackage
LsaFreeReturnBuffer
LsaUnregisterPolicyChangeNotification
LsaRegisterPolicyChangeNotification
GetUserNameExW
QuerySecurityContextToken
DecryptMessage
LsaLogonUser
LsaRegisterLogonProcess
LsaGetLogonSessionData
InitializeSecurityContextW
QueryContextAttributesW
LsaConnectUntrusted
AcquireCredentialsHandleW
GetComputerObjectNameW

netapi32

NetGroupAdd
NetShareCheck
NetWkstaUserGetInfo
NetShareGetInfo
NetUseEnum
NetpwNameValidate
NetShareAdd
NetSessionEnum
DsGetDcNameW
NetQueryDisplayInformation
NetLocalGroupDel
NetRegisterDomainNameChangeNotification
DsGetSiteNameW
NetLocalGroupDelMembers
DsGetDcNameWithAccountW
NetpwPathType

comctl32

PropertySheetW
InitCommonControlsEx
DestroyPropertySheetPage
CreateStatusWindowW
ImageList_GetIcon
ImageList_GetImageCount
ImageList_Create
_TrackMouseEvent
PropertySheetA
ImageList_DragMove
ImageList_GetIconSize
ImageList_DragLeave
CreateStatusWindowA

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Oh
Size: 459KB - Virtual size: 715KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lsh
Size: 406KB - Virtual size: 642KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 30B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2c83c8b9fba2e8aaf6676281408b92e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

secur32

netapi32

comctl32

Sections

.text Size: 44KB - Virtual size: 43KB

.Oh Size: 459KB - Virtual size: 715KB

.lsh Size: 406KB - Virtual size: 642KB

.rsrc Size: 137KB - Virtual size: 137KB

.reloc Size: 512B - Virtual size: 30B

.text
Size: 44KB - Virtual size: 43KB

.Oh
Size: 459KB - Virtual size: 715KB

.lsh
Size: 406KB - Virtual size: 642KB

.rsrc
Size: 137KB - Virtual size: 137KB

.reloc
Size: 512B - Virtual size: 30B