62266ce00be3c60de78e1f2df2c1fd9fd4fdd80882858c438886988e35091533

General

Target

62266ce00be3c60de78e1f2df2c1fd9fd4fdd80882858c438886988e35091533
Size

600KB
MD5

a312d36460c84630791ef3c7355c02c1
SHA1

9106471f791bf6570c472b0238e6771579f9fcf0
SHA256

62266ce00be3c60de78e1f2df2c1fd9fd4fdd80882858c438886988e35091533
SHA512

86dbdecfa6836054bdf95001d00b662cae9702456b4c7d4715df9c6dd6dc60ef3f9f3c8bbf6f22ff4dabbc2855d1e35351984bf61ae59fb85b83a0487ed0286d
SSDEEP

12288:1jv7+jCc+V8QiLlP+EUo2NCwbDpZL6SR:1Xuf+VELlUouJb1NZR

Score

N/A

Malware Config

Signatures

Files

62266ce00be3c60de78e1f2df2c1fd9fd4fdd80882858c438886988e35091533
.exe windows x86

438faec76918b3661e7934a94ac34f3f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED

Imports

avicap32

AppCleanup

rtm

RtmDeleteRouteList
RtmDeleteRouteTable
RtmDeleteRouteToDest
RtmDequeueRouteChangeMessage
RtmDereferenceHandles
RtmDeregisterClient
RtmDeregisterEntity
RtmDeregisterFromChangeNotification
RtmEnumerateGetNextRoute
RtmFindNextHop
RtmGetAddressFamilyInfo
RtmGetChangeStatus
RtmGetChangedDests
RtmGetDestInfo
RtmGetEntityInfo
RtmGetEntityMethods
RtmGetEnumDests
RtmGetEnumNextHops
RtmGetEnumRoutes
RtmGetExactMatchDestination
RtmGetExactMatchRoute
RtmGetFirstRoute
RtmGetInstanceInfo
RtmGetInstances
RtmGetLessSpecificDestination
RtmGetListEnumRoutes
RtmGetMostSpecificDestination
RtmGetNetworkCount
RtmGetNextHopInfo
RtmGetNextHopPointer
RtmGetNextRoute

kernel32

FreeConsole
_lopen
GetEnvironmentVariableA
GetTickCount
OutputDebugStringA
FreeConsole
IsBadCodePtr
IsBadWritePtr
GetCommandLineW
GetConsoleAliasA
LZRead

samlib

SamAddMemberToAlias
SamAddMemberToGroup
SamAddMultipleMembersToAlias
SamChangePasswordUser
SamChangePasswordUser2
SamChangePasswordUser3
SamCloseHandle
SamConnect
SamConnectWithCreds
SamCreateAliasInDomain

comctl32

CreateToolbar
CreateToolbar
CreateToolbar
CreateToolbar
CreateToolbar
CreateToolbar
CreateToolbar
CreateToolbar
CreateToolbar
CreateToolbar
CreateToolbar
CreateToolbar
CreateToolbar
CreateToolbar
CreateToolbar
CreateToolbar
CreateToolbar
CreateToolbar

Sections

.text
Size: 31KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 274KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 544KB - Virtual size: 548KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

438faec76918b3661e7934a94ac34f3f

Headers

File Characteristics

Imports

avicap32

rtm

kernel32

samlib

comctl32

Sections

.text Size: 31KB - Virtual size: 35KB

.data Size: 13KB - Virtual size: 274KB

.rsrc Size: 544KB - Virtual size: 548KB

.text
Size: 31KB - Virtual size: 35KB

.data
Size: 13KB - Virtual size: 274KB

.rsrc
Size: 544KB - Virtual size: 548KB