74b0b5aa46686ad981c6b1619a4b840b68263e7f4c89570e00d77e9d9bf75630

Sharing

Copy URL Twitter E-mail

General

Target

74b0b5aa46686ad981c6b1619a4b840b68263e7f4c89570e00d77e9d9bf75630
Size

823KB
MD5

1417c1a5b0edbe9c007248a482c4e905
SHA1

69fdfe7a53df6208293b62eb89bd469f6ac15dec
SHA256

74b0b5aa46686ad981c6b1619a4b840b68263e7f4c89570e00d77e9d9bf75630
SHA512

5f556ba6d2324e26f6b0a7aab97da429ad2faa1169f45bed1ff75580ffa83fac0060c3b77bd6548c8e3192ecc8b86603799026394cae12911cba81eddb10a544
SSDEEP

24576:VwuGMexSB+AW27CW14ISVFWkkxzbb4n0CGocsULM8ZAsk:393YsZGfQPzbU0focsoPAs

Score

N/A

Malware Config

Signatures

Files

74b0b5aa46686ad981c6b1619a4b840b68263e7f4c89570e00d77e9d9bf75630
.exe windows x86

d41f31eb9dc69ec1fe89bf6dfd3f3eda

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dhcpsapi

DhcpGetMScopeInfo
DhcpRemoveSubnetElement
DhcpModifyClass
DhcpGetAllOptions
DhcpDsInit
DhcpCreateClientInfoV4
DhcpEnumMScopeClients
DhcpDeleteSubnet
DhcpAuditLogGetParams
DhcpGetClientInfoV4
DhcpGetSuperScopeInfoV4
DhcpSetOptionValue
DhcpSetServerBindingInfo
DhcpServerSetConfigV4
DhcpServerSetConfig
DhcpGetMibInfo
DhcpDsClearHostServerEntries
DhcpAddMScopeElement
DhcpAddSubnetElementV5
DhcpScanMDatabase
DhcpGetOptionValue
DhcpScanDatabase
DhcpServerQueryAttribute
DhcpCreateOption
DhcpServerGetConfig
DhcpDeleteServer
DhcpCreateOptionV5
DhcpServerGetConfigV4
DhcpDsCleanup
DhcpEnumOptionValuesV5
DhcpGetOptionInfoV5
DhcpSetMScopeInfo
DhcpDeleteClientInfo
DhcpEnumOptionValues

kernel32

CreateJobObjectW
LocalShrink
ExitProcess
BuildCommDCBAndTimeoutsW
Thread32First
ExpungeConsoleCommandHistoryW
GetCommandLineW
FindFirstVolumeMountPointA
SetThreadPriorityBoost
GetLongPathNameW
GlobalAlloc
CancelWaitableTimer
TryEnterCriticalSection
FindFirstVolumeMountPointW
GetACP
OpenFile
LZCloseFile
GetSystemDefaultLCID
GetThreadTimes
GetConsoleNlsMode
ProcessIdToSessionId
CreateHardLinkA
CallNamedPipeW
Thread32Next
OutputDebugStringW
HeapAlloc
GlobalAddAtomW
IsValidLocale
FoldStringW
GetProcessWorkingSetSize
DebugBreakProcess
GetConsoleInputExeNameW
EnumDateFormatsExW
VirtualAlloc
SetStdHandle
GetComputerNameExA
QueryActCtxW
LoadLibraryA

mscat32

MsCatConstructHashTag
CryptCATStoreFromHandle
CryptCATPutCatAttrInfo
MsCatFreeHashTag
CryptCATEnumerateCatAttr
CryptCATGetCatAttrInfo
CryptCATGetAttrInfo
CryptCATCDFEnumMembersByCDFTagEx
CryptCATEnumerateAttr
CryptCATVerifyMember
CryptCATClose
CryptCATCDFEnumAttributes
CryptCATPersistStore
CryptCATAdminEnumCatalogFromHash
CryptCATGetMemberInfo
CryptCATCDFEnumAttributesWithCDFTag
CatalogCompactHashDatabase
CryptCATCDFEnumCatAttributes
CryptCATCDFEnumMembers
CryptCATCDFClose
CryptCATHandleFromStore
CryptCATAdminReleaseCatalogContext
CryptCATAdminReleaseContext
CryptCATAdminAcquireContext
CryptCATAdminAddCatalog
CryptCATPutAttrInfo
CryptCATOpen
CryptCATCatalogInfoFromContext
CryptCATEnumerateMember
IsCatalogFile
CryptCATPutMemberInfo
CryptCATAdminCalcHashFromFileHandle

inetcomm

MimeOleGetRelatedSection
CreateIMAPTransport2
EssSecurityLabelEncodeEx
MimeOleCreateSecurity
MimeEditCreateMimeDocument
MimeOleGetFileExtension
MimeOleGetExtContentType
MimeOleCreateHashTable
HrDoAttachmentVerb
EssContentHintEncodeEx
EssKeyExchPreferenceEncodeEx
HrAttachDataFromBodyPart
MimeOleGenerateFileName
EssSecurityLabelDecodeEx
MimeOleGetDefaultCharset
MimeOleGetCodePageCharset
MimeOleUnEscapeStringInPlace
MimeOleSetPropA
MimeOleGetPropertySchema
MimeOleGetPropW
MimeOleConvertEnrichedToHTML
MimeOleSetBodyPropA
MimeOleGetCertsFromThumbprints
CreateNNTPTransport
MimeOleFindCharset
MimeOleGetFileInfo
MimeOleSetPropW
MimeOleCreatePropertySet
HrGetAttachIconByFile

kbddv

KbdLayerDescriptor

Sections

.text
Size: 402KB - Virtual size: 402KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d41f31eb9dc69ec1fe89bf6dfd3f3eda

Headers

DLL Characteristics

File Characteristics

Imports

dhcpsapi

kernel32

mscat32

inetcomm

kbddv

Sections

.text Size: 402KB - Virtual size: 402KB

.rdata Size: 91KB - Virtual size: 90KB

.data Size: 157KB - Virtual size: 1.6MB

.rsrc Size: 170KB - Virtual size: 170KB

.reloc Size: 1024B - Virtual size: 948B

.text
Size: 402KB - Virtual size: 402KB

.rdata
Size: 91KB - Virtual size: 90KB

.data
Size: 157KB - Virtual size: 1.6MB

.rsrc
Size: 170KB - Virtual size: 170KB

.reloc
Size: 1024B - Virtual size: 948B