d8d1d5a362334bcdf6917eb2fd22065288ea26a7eccb189718b344aa7d8f34cc

Sharing

Copy URL Twitter E-mail

General

Target

d8d1d5a362334bcdf6917eb2fd22065288ea26a7eccb189718b344aa7d8f34cc
Size

576KB
MD5

62e5abe63e599b9e913411784188573d
SHA1

da917e0c907f7e7ed5d13b8956b656832606df4c
SHA256

d8d1d5a362334bcdf6917eb2fd22065288ea26a7eccb189718b344aa7d8f34cc
SHA512

b2f627acbd8afc23a570f42e59052a3cafc65af0a657375d7f14cd0dccbadfc677b8ab70453db5843041f9a7c5621137770be6f8f82b2cf73c029f9466b068c5
SSDEEP

12288:tdGev6rCsnAZCO2qQdj4XMyc8wFA7hWMfDD+e2:tdYGsny12VqJWA70MO

Score

N/A

Malware Config

Signatures

Files

d8d1d5a362334bcdf6917eb2fd22065288ea26a7eccb189718b344aa7d8f34cc
.exe windows x86

ed88770930de0a4d8fa3f1ada177f82b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CertFindExtension
CertControlStore
CertAlgIdToOID
CertCloseStore
CertAddStoreToCollection
CertFindChainInStore
CryptEnumOIDInfo
CertNameToStrA
CertFindAttribute
CertFreeCRLContext
CertOpenStore
CertCreateCRLContext
CertSaveStore

cfgmgr32

CMP_UnregisterNotification
CM_Add_IDA

user32

IsCharLowerW
SetFocus
PostMessageW
IsZoomed
CharToOemA
GetWindowTextA
DialogBoxParamA
IsDialogMessageA
SetCursorPos
DrawIcon
LoadCursorA

shlwapi

UrlHashA
UrlCreateFromPathA
UrlIsNoHistoryA
PathCombineA
UrlIsOpaqueW
UrlGetPartA
PathCompactPathA
UrlIsA
UrlGetLocationA
UrlCompareA

wtsapi32

WTSQueryUserToken
WTSVirtualChannelPurgeInput
WTSRegisterSessionNotification
WTSEnumerateProcessesA
WTSSetSessionInformationA
WTSSetUserConfigA
WTSVirtualChannelOpen
WTSVirtualChannelClose
WTSQuerySessionInformationA
WTSCloseServer
WTSEnumerateServersA

kernel32

GetTickCount
GetModuleHandleA
FileTimeToSystemTime
GetAtomNameW
CompareStringW
QueryDosDeviceA
CreateNamedPipeW
GetCurrentProcess
GetDiskFreeSpaceA
GetProcAddress
GetLogicalDrives
GetEnvironmentVariableW
SetVolumeLabelA
CloseHandle
CreateSemaphoreA
CreateEventW
OpenMutexA
GetCurrentDirectoryW
InterlockedExchange
InterlockedDecrement
lstrcmpiA
lstrcmpA
CopyFileA
lstrcmpiA

authz

AuthzInitializeContextFromSid
AuthzFreeResourceManager

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 543KB - Virtual size: 612KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed88770930de0a4d8fa3f1ada177f82b

Headers

DLL Characteristics

File Characteristics

Imports

crypt32

cfgmgr32

user32

shlwapi

wtsapi32

kernel32

authz

Sections

.text Size: 31KB - Virtual size: 30KB

.data Size: 1KB - Virtual size: 5KB

.rsrc Size: 543KB - Virtual size: 612KB

.text
Size: 31KB - Virtual size: 30KB

.data
Size: 1KB - Virtual size: 5KB

.rsrc
Size: 543KB - Virtual size: 612KB