7c271c9329055f737ce4783e8713e864935e0eb6f76b0ea83f3898653d4b98b1

Sharing

Copy URL Twitter E-mail

General

Target

7c271c9329055f737ce4783e8713e864935e0eb6f76b0ea83f3898653d4b98b1
Size

256KB
MD5

92bff3b0142238e5e3087da0179248e2
SHA1

bbf43ddd072dd468d4472f473ec6a8525b935f2f
SHA256

7c271c9329055f737ce4783e8713e864935e0eb6f76b0ea83f3898653d4b98b1
SHA512

a61279700ba5ecf402a979c1af86c6bb3382d731d8fcfd075c25d2631d73d4da67000703e82077151c15723e913047509f88fecf926786b376b1e4d4b12398e0
SSDEEP

6144:iBZb7MMnMMMMMa9Y+x5+MerYJjRXLGKr7tP1Bfmd8H+xl:AdMMnMMMMMeX+lmXJr7lOeQ

Score

N/A

Malware Config

Signatures

Files

7c271c9329055f737ce4783e8713e864935e0eb6f76b0ea83f3898653d4b98b1
.exe windows x86

c231757b1f8d49e5528410cb4d36bd34

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

samlib

SamRemoveMultipleMembersFromAlias
SamiSetDSRMPassword
SamConnectWithCreds
SamTestPrivateFunctionsUser

ddraw

DirectDrawEnumerateA

kernel32

InterlockedDecrement
LeaveCriticalSection
FormatMessageW
GetShortPathNameA
GlobalHandle
_llseek
lstrcmpiA
GetFileAttributesA
FreeEnvironmentStringsW
GlobalReAlloc
DeleteFileA
GetCommandLineA
MultiByteToWideChar
LoadResource
FlushFileBuffers
GetCurrentProcessId
GetSystemDirectoryA
GetEnvironmentStringsW
CloseHandle
SetFileAttributesA
FindNextFileA
DuplicateHandle
IsDBCSLeadByte
lstrlenA
GetLastError
MoveFileA
HeapSize
UnhandledExceptionFilter
CreateProcessA
GetVolumeInformationA
TerminateProcess
SetFilePointer
WideCharToMultiByte
LoadLibraryExA
HeapAlloc
GetOEMCP
GlobalDeleteAtom
GetTimeZoneInformation
GetTickCount
LockResource
GetStartupInfoA
GlobalUnlock
LCMapStringW
FindResourceA
IsBadReadPtr
WinExec
GetSystemDefaultLangID
GetFileType
WaitForSingleObject
GlobalSize
FormatMessageA
ResetEvent
_lwrite
GetDateFormatA
GlobalLock
FileTimeToSystemTime
GetVersionExA
lstrcmpA
GetCurrentProcess
GlobalFree
HeapCreate
GetLocaleInfoA
TlsGetValue
VirtualQuery
GetCurrentThreadId
CreateFileA
LoadLibraryA
GetCurrentDirectoryA
SetCurrentDirectoryA
VirtualProtect
GetTempPathA
SearchPathA
GetExitCodeProcess
CreateEventA
VirtualAlloc
ExitProcess
GetModuleHandleA
CreateMailslotA
GetUserDefaultLCID
_lread
GetProcAddress
lstrcmpiW
FlushInstructionCache
SetEndOfFile
SetEnvironmentVariableA
WriteFile
ReadFile
GetStringTypeA
CompareStringW
GetLocalTime
lstrcpynA
GetSystemDefaultLCID
CreateProcessW
GetACP
FileTimeToLocalFileTime
FreeEnvironmentStringsA
RtlUnwind
SetErrorMode
lstrcatA
TlsSetValue
VirtualFree
GetCPInfo
SetLocalTime
RaiseException
SetStdHandle
IsBadCodePtr
SetHandleCount
InterlockedIncrement
MulDiv
GetModuleFileNameW
CreateSemaphoreA
ResumeThread
FreeResource
CreateDirectoryA
GetFullPathNameA
SetEvent
GetEnvironmentStrings
FreeLibrary
lstrcpyA
GetWindowsDirectoryA
_lclose
HeapDestroy
GlobalAlloc
FindFirstFileA
GetProfileStringA
SetFileTime
DeleteCriticalSection
GetSystemInfo
LCMapStringA
GetStdHandle
Sleep
GlobalAddAtomA
InitializeCriticalSection
GetStringTypeExA
SystemTimeToFileTime
LockFile
GetUserDefaultLangID
ReleaseSemaphore
CreateThread
RemoveDirectoryA
GetModuleFileNameA
HeapReAlloc
TlsFree
GetDriveTypeA
FindClose
SetLastError
ExitThread
GetVersion
CompareStringA
UnlockFile
HeapFree
GetStringTypeW
GetSystemTime
GetTempFileNameA
EnterCriticalSection
SizeofResource
TlsAlloc

mswsock

sethostname

advapi32

RegSetValueExW
RegCreateKeyW
OpenProcessToken
InitializeSecurityDescriptor
RegEnumKeyW
SetSecurityDescriptorDacl
ReportEventA
RegDeleteValueW
RegEnumValueW
RegSetValueA
RegOpenKeyW
RegDeleteKeyW
RegDeleteKeyA
RegSetValueExA
RegisterEventSourceA
LookupPrivilegeValueA
RegQueryValueA
RegQueryInfoKeyA
RegOpenKeyA
RegEnumKeyA
RegCreateKeyA
RegQueryValueExA
DeregisterEventSource
AdjustTokenPrivileges
RegQueryValueExW
RegCloseKey
RegOpenKeyExA
RegDeleteValueA
RegEnumValueA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 154KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c231757b1f8d49e5528410cb4d36bd34

Headers

DLL Characteristics

File Characteristics

Imports

samlib

ddraw

kernel32

mswsock

advapi32

Sections

.text Size: 1KB - Virtual size: 1KB

.idata Size: 5KB - Virtual size: 5KB

.rsrc Size: 131KB - Virtual size: 130KB

.reloc Size: 512B - Virtual size: 64B

.data Size: 154KB - Virtual size: 1.0MB

.rdata Size: 205KB - Virtual size: 205KB

.text
Size: 1KB - Virtual size: 1KB

.idata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 131KB - Virtual size: 130KB

.reloc
Size: 512B - Virtual size: 64B

.data
Size: 154KB - Virtual size: 1.0MB

.rdata
Size: 205KB - Virtual size: 205KB