6bf754e7ba83226240ce4b601675b4fec913512cf3b7e42c4cb5a0131646e440

Sharing

Copy URL Twitter E-mail

General

Target

6bf754e7ba83226240ce4b601675b4fec913512cf3b7e42c4cb5a0131646e440
Size

252KB
MD5

aece75ae5b350653ec8540e1c2d4b8e7
SHA1

b04b7717aa4eb7cf7fac53d22d8643b278353ced
SHA256

6bf754e7ba83226240ce4b601675b4fec913512cf3b7e42c4cb5a0131646e440
SHA512

deec14c5d85a0b6e72da1c82f623e19f64119d209926fa213a1d22e28dfd2212c9ca344940224f9ae0e66ac88fa78bf25307c077e2f34879c425a8ee0dbac5a8
SSDEEP

3072:GUDFPj7aDsPRN6d4NJmKGQbgBsIOA6B59PwM36UXBgMbnZt2L8OpZ:JF7GgPYKVbgBsXZPD6+gM7mp

Score

N/A

Malware Config

Signatures

Files

6bf754e7ba83226240ce4b601675b4fec913512cf3b7e42c4cb5a0131646e440
.exe windows x86

79bb8b5fa56fdb3a8fe2370fdf4a1985

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

authz

AuthzFreeResourceManager
AuthzInitializeContextFromSid
AuthzFreeContext
AuthzFreeAuditEvent

user32

IsCharLowerW
LoadMenuW
PeekMessageA
LoadBitmapA
InsertMenuA
DialogBoxParamA
GetClassLongA
CreateDesktopW
DrawStateA
LoadIconA
GetDlgItemTextW

wtsapi32

WTSVirtualChannelPurgeInput
WTSVirtualChannelRead
WTSQuerySessionInformationA
WTSSendMessageA
WTSVirtualChannelClose
WTSFreeMemory
WTSOpenServerW
WTSVirtualChannelQuery
WTSUnRegisterSessionNotification
WTSSetUserConfigW
WTSRegisterSessionNotification

shell32

SHCreateShellItem
DuplicateIcon
ShellAboutA
SHGetDataFromIDListA
SHChangeNotify
SHGetFileInfoA
DragFinish
DllUnregisterServer
SHFileOperationA
SHGetDiskFreeSpaceA
SHGetMalloc
ShellMessageBoxA

kernel32

GetDriveTypeA
GetConsoleTitleW
FormatMessageA
ReadConsoleA
GetModuleHandleA
CreateDirectoryA
GetNumberFormatW
GetFullPathNameW
WriteConsoleA
GetVersionExA
HeapAlloc
VirtualProtectEx
LoadLibraryW
CompareStringA
CreateFileW
WaitForSingleObject

clusapi

CloseClusterNode
CloseClusterGroup
ClusterControl

mprapi

MprAdminConnectionEnum
MprInfoBlockFind
MprInfoBlockAdd

modemui

InvokeControlPanel
CountryRunOnce

Sections

.text
Size: 220KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1014B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79bb8b5fa56fdb3a8fe2370fdf4a1985

Headers

DLL Characteristics

File Characteristics

Imports

authz

user32

wtsapi32

shell32

kernel32

clusapi

mprapi

modemui

Sections

.text Size: 220KB - Virtual size: 216KB

.data Size: 24KB - Virtual size: 23KB

.rsrc Size: 4KB - Virtual size: 1014B

.text
Size: 220KB - Virtual size: 216KB

.data
Size: 24KB - Virtual size: 23KB

.rsrc
Size: 4KB - Virtual size: 1014B