1f7d74e5ccf5681021323717359fb3efc6213d45ee84628c56f476f856477df4

Sharing

Copy URL

Twitter E-mail

General

Target

1f7d74e5ccf5681021323717359fb3efc6213d45ee84628c56f476f856477df4
Size

228KB
MD5

f37f9160e2cf021983080ee0046529be
SHA1

65095a67c453db178b5735e7ecbeccbf1338ed75
SHA256

1f7d74e5ccf5681021323717359fb3efc6213d45ee84628c56f476f856477df4
SHA512

e02014e203c776bf8f11ebd48dc9abf132a8a907fa87e21b0f37306b0924f56dce99af7ed5fbcd862b3c6173c7cf09335c2fc1d4edc6f5753bd16bfdbab2d5de
SSDEEP

3072:at02MzGJiEWNgZEYCATuvcurAVI0XN0bHJJ2yMUp7JaHVKFqa:bNNguNATkAVI0iLFMiIKFqa

Score

N/A

Malware Config

Signatures

Files

1f7d74e5ccf5681021323717359fb3efc6213d45ee84628c56f476f856477df4
.exe windows x86

dfe7eeb5bbdb98b5c6f2cb1c6a61f73f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

wcsncpy
wcscmp
qsort
wcslen
wcstol
_wcsicmp
_wcslwr
isalpha
__toascii
_i64tow
_wtoi64

kernel32

TlsGetValue

msvcrt

strtok
_wfullpath
getc
free
fscanf
_strnset
_strerror
_searchenv
fread
_strdup
fgets
putc
fprintf
vprintf
_strnicoll
_putws

user32

LoadBitmapW

msi

ord86
ord119
ord7
ord120
ord42
ord138
ord186
ord44
ord95
ord115
ord125
ord117
ord39
ord32
ord76
ord19
ord57
ord179
ord136
ord215
ord72
ord61
ord124
ord22
ord84
ord67
ord228
ord171
ord214
ord142
ord16
ord113
ord92

mprapi

MprInfoCreate
MprAdminServerConnect
MprAdminInterfaceTransportRemove
MprAdminInterfaceSetInfo
MprConfigTransportGetHandle
MprAdminEstablishDomainRasServer
MprAdminTransportSetInfo
MprAdminDeregisterConnectionNotification
MprAdminInterfaceEnum
MprConfigInterfaceSetInfo
MprAdminInterfaceCreate
MprConfigInterfaceEnum
MprAdminConnectionClearStats
MprAdminPortEnum
MprConfigInterfaceTransportEnum
MprAdminTransportGetInfo
MprConfigInterfaceGetHandle
MprConfigInterfaceDelete
MprAdminMIBEntryDelete
MprAdminInterfaceTransportAdd
MprConfigInterfaceTransportGetHandle
MprConfigInterfaceTransportAdd
MprAdminUserGetInfo
MprAdminInterfaceDelete
MprAdminBufferFree
MprAdminPortReset

secur32

RevertSecurityContext
AddSecurityPackageW
AcquireCredentialsHandleW
InitSecurityInterfaceA
QueryContextAttributesA
InitializeSecurityContextW
QuerySecurityPackageInfoA
QuerySecurityPackageInfoW
DeleteSecurityPackageA
EnumerateSecurityPackagesW
InitializeSecurityContextA
EnumerateSecurityPackagesA
AcceptSecurityContext
FreeCredentialsHandle
CompleteAuthToken
DeleteSecurityContext
QueryCredentialsAttributesW
ExportSecurityContext
ApplyControlToken
QuerySecurityContextToken
AcquireCredentialsHandleA
EncryptMessage

avifil32

AVISaveOptionsFree
AVIFileInfoA
EditStreamSetNameA
AVISaveA
IID_IAVIEditStream
EditStreamClone
AVIFileOpenW
AVIStreamRead
AVIMakeStreamFromClipboard
AVIStreamOpenFromFileW
AVIFileWriteData
AVIStreamBeginStreaming
AVIMakeFileFromStreams
AVIMakeCompressedStream
AVIStreamInfoW
AVIStreamOpenFromFileA
AVIFileOpenA
AVIStreamEndStreaming
AVIBuildFilterW
EditStreamSetInfoA
AVIFileEndRecord
AVIFileGetStream
AVIClearClipboard
AVIStreamWrite
EditStreamSetNameW
EditStreamCut
AVIStreamWriteData

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dfe7eeb5bbdb98b5c6f2cb1c6a61f73f

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

kernel32

msvcrt

user32

msi

mprapi

secur32

avifil32

Sections

.text Size: 20KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 112KB - Virtual size: 111KB

INIT Size: 24KB - Virtual size: 20KB

.ndata Size: 64KB - Virtual size: 61KB

.text
Size: 20KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 112KB - Virtual size: 111KB

INIT
Size: 24KB - Virtual size: 20KB

.ndata
Size: 64KB - Virtual size: 61KB