242d545d4310455089b6385484a07a4cd0e0b6ecdec5f9e7fa2f848abc5d9f67

Sharing

Copy URL Twitter E-mail

General

Target

242d545d4310455089b6385484a07a4cd0e0b6ecdec5f9e7fa2f848abc5d9f67
Size

173KB
MD5

784c354c178347f2f0e6af996cf8382c
SHA1

3e4188bb99d28f28b03f65091cb6338146b947b8
SHA256

242d545d4310455089b6385484a07a4cd0e0b6ecdec5f9e7fa2f848abc5d9f67
SHA512

8dc3647c530acf7adddb1c5520f151ef243ceb2e3ecd378b0bcf545fe8bebff5d4cf28b408ab537a83659beb017b2fee1c3fbac9e17eab5a21641cdf5eaa9508
SSDEEP

3072:8xf9LPvLUuIhumVSTcsuGXA/+bpKB3ufj+wgbL8du5fhFB/Wico1D8jzvwCnOjfp:8x1rFIhuDcGw/+1KBSj+xnXrWVO5Cnsp

Score

N/A

Malware Config

Signatures

Files

242d545d4310455089b6385484a07a4cd0e0b6ecdec5f9e7fa2f848abc5d9f67
.exe windows x86

5fe47a0c11080653008e68c1ebde91dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoTaskMemFree
CoGetInterfaceAndReleaseStream
StringFromCLSID
ReleaseStgMedium
CoGetApartmentID
CoCreateInstance
CoMarshalInterThreadInterfaceInStream
CoTaskMemAlloc

kernel32

VirtualAlloc
GetLastError

shell32

SHGetFolderPathW

shlwapi

PathIsUNCServerShareW
PathAppendW

advapi32

EqualSid
ImpersonateAnonymousToken
GetSecurityDescriptorLength
FreeSid
GetSidIdentifierAuthority
AllocateAndInitializeSid
InitializeAcl
LsaSetForestTrustInformation
LsaQueryTrustedDomainInfoByName
SetEntriesInAclW
InitializeSecurityDescriptor
SetNamedSecurityInfoW
LsaQueryInformationPolicy
CloseServiceHandle
RevertToSelf
RegQueryValueExW
IsValidSid
SystemFunction041
LsaClose
OpenSCManagerW
LsaFreeMemory
CryptReleaseContext
LsaDelete
LsaOpenTrustedDomainByName
LsaRetrievePrivateData
LsaCreateTrustedDomainEx
SystemFunction040
OpenServiceW
LogonUserW
GetNamedSecurityInfoW
RegDeleteKeyW
LsaQueryTrustedDomainInfo
GetSidLengthRequired
GetSecurityDescriptorControl
LsaLookupSids
LsaOpenPolicy
BuildTrusteeWithObjectsAndSidW
MakeSelfRelativeSD
GetSecurityDescriptorDacl
GetSidSubAuthorityCount
LsaNtStatusToWinError
QueryServiceStatus
LsaQueryForestTrustInformation
EqualPrefixSid
RegCloseKey
RegOpenKeyExW
LsaOpenTrustedDomain
CryptGenRandom
CryptAcquireContextW
GetSidSubAuthority
GetExplicitEntriesFromAclW
GetLengthSid
RegCreateKeyExW
ImpersonateLoggedOnUser
LsaSetTrustedDomainInfoByName
RegSetValueExW
BuildTrusteeWithSidW

version

GetFileVersionInfoW

cryptui

CryptUIDlgSelectCertificateW
CryptUIDlgViewCertificateW

gdi32

SetTextColor
DeleteObject
CreatePatternBrush
CreateFontIndirectW
SetBkColor
CreateBitmap
GetTextExtentPoint32W
GetDeviceCaps

dnsapi

DnsNameCompareEx_W

ntdll

NtQuerySystemTime
RtlInitUnicodeString
RtlSubAuthorityCountSid
RtlNtStatusToDosError
RtlIdentifierAuthoritySid
RtlSubAuthoritySid

ntdsapi

DsCrackSpn3W
DsIsMangledDnW
DsFreeNameResultW
DsBindW
DsUnBindW
DsCrackNamesW

apphelp

GetPermLayers

crypt32

CertEnumSystemStore
CertDuplicateStore
CertFindCertificateInStore
CertEnumCertificatesInStore
CertGetCertificateContextProperty
CertControlStore
CertDeleteCertificateFromStore
CertGetNameStringW
CertAddCertificateContextToStore
CertFreeCertificateContext
CertOpenStore
CryptFindOIDInfo
CryptDecodeObject
CertDuplicateCertificateContext
CryptQueryObject
CertSaveStore
CertCloseStore
CertGetEnhancedKeyUsage

dsprop

ADsPropGetInitInfo
ADsPropSetHwndWithTitle
ADsPropCreateNotifyObj
ADsPropSendErrorMessage
ADsPropSetHwnd
FindSheet
ADsPropShowErrorDialog

user32

SetScrollInfo
BeginPaint
SetDlgItemTextW
LoadIconW
wsprintfW
ScreenToClient
LoadStringW
ScrollWindow
ReleaseDC
GetSysColor
GetWindowTextLengthW
RegisterClassW
GetSysColorBrush
RegisterWindowMessageW
EndPaint
SetScrollPos
GetDC
CheckRadioButton
GetWindow
FrameRect
LoadCursorW
GetWindowTextW
MapWindowPoints
InflateRect
SetFocus
SendMessageW
SetWindowContextHelpId
GetParent
FindWindowExW
DialogBoxParamW
ShowWindow
DestroyIcon
MoveWindow
MessageBoxA
CheckDlgButton
SetWindowLongW
IsWindowEnabled
GetWindowLongW
LoadBitmapW
GetDlgCtrlID
MessageBoxW
PostMessageW
GetWindowRect
RegisterClipboardFormatW
IsWindow
UpdateWindow
EndDialog
WinHelpW
GetWindowThreadProcessId
DestroyWindow
SystemParametersInfoW
OffsetRect
MapDialogRect
SetCursor
GetDlgItemTextW
DrawFocusRect
SetWindowTextW
GetClientRect
GetSystemMetrics
SetWindowPos
CallWindowProcW
DrawIcon
GetDlgItem
EnableWindow
SendDlgItemMessageW
DefWindowProcW
GetScrollInfo
SetForegroundWindow
IsDlgButtonChecked
CreateWindowExW
MessageBeep
SetScrollRange
GetDesktopWindow

credui

CredUIParseUserNameW
CredUIInitControls

Sections

.text
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 848KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5fe47a0c11080653008e68c1ebde91dd

Headers

DLL Characteristics

File Characteristics

Imports

ole32

kernel32

shell32

shlwapi

advapi32

version

cryptui

gdi32

dnsapi

ntdll

ntdsapi

apphelp

crypt32

dsprop

user32

credui

Sections

.text Size: 512B - Virtual size: 396B

.rsrc Size: 78KB - Virtual size: 77KB

.idata Size: 6KB - Virtual size: 5KB

.rdata Size: 12KB - Virtual size: 11KB

.reloc Size: 512B - Virtual size: 28B

.data Size: 75KB - Virtual size: 848KB

.text
Size: 512B - Virtual size: 396B

.rsrc
Size: 78KB - Virtual size: 77KB

.idata
Size: 6KB - Virtual size: 5KB

.rdata
Size: 12KB - Virtual size: 11KB

.reloc
Size: 512B - Virtual size: 28B

.data
Size: 75KB - Virtual size: 848KB