61c107d555ec1ca8a537d1860f2287a268a0bb1b30ec658ffab8ec109b594f14

General

Target

61c107d555ec1ca8a537d1860f2287a268a0bb1b30ec658ffab8ec109b594f14
Size

284KB
MD5

820d1c53dfaaa79f661c690e42463a80
SHA1

10f2d0d41c4c36e2f755aeeb8afa5bdaca806c4a
SHA256

61c107d555ec1ca8a537d1860f2287a268a0bb1b30ec658ffab8ec109b594f14
SHA512

7cf2a1d297593c807ad6479a5d97d876df346dd1d08ab771b9e07d954922facf7d8c7ee5198727b95175b9f2c96f3224db414a9ea5831a1624092cc492d3b0db
SSDEEP

6144:lppTkyO9uZnjeIhMu5F/74fI6CNPkHx2khm+QNPR3Z+IZCh+ZwwxHCsKQ8b:lppTkZ9uZi8M6/74AzNPkHx2kDQNBZXy

Score

N/A

Malware Config

Signatures

Files

61c107d555ec1ca8a537d1860f2287a268a0bb1b30ec658ffab8ec109b594f14
.exe windows x86

5d4048882c065248c9e2a40f9f68c5e8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetSecurityDescriptorOwner
RegOpenKeyExW
RegQueryValueExW
GetTraceEnableLevel
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
TraceMessage
SetSecurityDescriptorOwner

kernel32

GetFileType
LoadLibraryA
GetStartupInfoA
GetLocaleInfoW
GetLocalTime
LocalAlloc
GetFileAttributesW
GetDateFormatW
SetFilePointer
GetCommandLineW
SetLastError
LocalFree
GetTimeFormatW
DeleteFileA
CreateFileW
FormatMessageW
GetEnvironmentStringsA
CloseHandle
GetSystemDefaultLCID
GetStdHandle
WriteConsoleW
VerifyVersionInfoW
GetModuleHandleA
ReadFile
FreeLibrary
FindNextFileW
FindFirstFileW
GetSystemDefaultLangID
MultiByteToWideChar

msvcrt

wcslen
_initterm
_purecall
wcsncmp
wcscmp
_adjust_fdiv
_onexit
wcscpy
malloc
__dllonexit
free
swprintf

gpedit

BrowseForGPO
DeleteAllGPOLinks
DeleteGPOLink

netapi32

NetApiBufferFree
DsGetDcNameW

ws2_32

htons
htonl

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d4048882c065248c9e2a40f9f68c5e8

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

gpedit

netapi32

ws2_32

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 102KB - Virtual size: 102KB

.data Size: 71KB - Virtual size: 70KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 102KB - Virtual size: 102KB

.data
Size: 71KB - Virtual size: 70KB

.rsrc
Size: 8KB - Virtual size: 8KB