ef51c39f217b5bff9773019ed79ba218402e27a1a82a74e45ef29bf3217b9f27

General

Target

ef51c39f217b5bff9773019ed79ba218402e27a1a82a74e45ef29bf3217b9f27
Size

96KB
MD5

01c716a08539179221ff26d886a0ff00
SHA1

d6466fbe9141d8a2535f3de0f26e9a2676d61d00
SHA256

ef51c39f217b5bff9773019ed79ba218402e27a1a82a74e45ef29bf3217b9f27
SHA512

00cac5a9faed28391364cd4004941aed0e612f013561479153fff8858200752eb4e84c20ab97bc65b89ecbf2ad69bb6693a7041e93bc9b76c1bfdf647cefe35a
SSDEEP

384:cGbzjvr3hIe1k/03SUfMib4n9OCmdTTI7hUlOvr3hIhzidGzqUl0+Jl:57G5O1KyS7hUlaGh+Kl5

Score

N/A

Malware Config

Signatures

Files

ef51c39f217b5bff9773019ed79ba218402e27a1a82a74e45ef29bf3217b9f27
.exe windows x86

5238b79aa5b561b19ffe8af82628a89a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSSendMessageA
WTSVirtualChannelRead
WTSSetUserConfigW
WTSQuerySessionInformationA
WTSWaitSystemEvent
WTSUnRegisterSessionNotification
WTSCloseServer
WTSVirtualChannelOpen
WTSEnumerateServersA
WTSRegisterSessionNotification
WTSEnumerateSessionsA

authz

AuthzFreeAuditEvent
AuthzAddSidsToContext

crypt32

CryptFindOIDInfo
CertFindExtension
CertFreeCRLContext
CryptEncodeObject
CertGetNameStringA
CertDuplicateCRLContext
CertFindCRLInStore
CryptEnumOIDInfo
CertCompareCertificate
CertOpenStore

untfs

FormatEx
Recover
Format

kernel32

GetPrivateProfileIntA
GetDiskFreeSpaceA
WriteProcessMemory
GetConsoleAliasW
GetTimeFormatA
GetDateFormatW
SetEnvironmentVariableA
ExpandEnvironmentStringsA
GetCurrentProcess
LoadLibraryA
GetAtomNameA
SetLastError
SleepEx
FindResourceExA
CreateDirectoryA
FoldStringW
GetNumberFormatA
FormatMessageA
CreateEventA
GetProcessHeap
GetCurrentDirectoryA
WriteFile
HeapCreate
GetComputerNameA
QueryDosDeviceA

user32

IsDialogMessageA
DispatchMessageA
GetCaretPos
SetFocus
CreateWindowExW
CharToOemA
PostMessageA
SetCursorPos
IsCharLowerA
wsprintfA
IsWindow
LoadCursorA
GetWindowTextA
PeekMessageA
DialogBoxParamW
LoadImageW
DrawIcon

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5238b79aa5b561b19ffe8af82628a89a

Headers

File Characteristics

Imports

wtsapi32

authz

crypt32

untfs

kernel32

user32

Sections

.text Size: 52KB - Virtual size: 48KB

.data Size: 20KB - Virtual size: 16KB

.rsrc Size: 20KB - Virtual size: 18KB

.text
Size: 52KB - Virtual size: 48KB

.data
Size: 20KB - Virtual size: 16KB

.rsrc
Size: 20KB - Virtual size: 18KB