5b04a596d7c1c2e08ebad55301f077601cdf3a7cabb16ea0c156f81043e561b8

General

Target

5b04a596d7c1c2e08ebad55301f077601cdf3a7cabb16ea0c156f81043e561b8
Size

365KB
MD5

30bdfd9c82f688286c30ec56dc5f13d0
SHA1

75b3bfce4dc498db19ea67ff3a75313b8d49efa7
SHA256

5b04a596d7c1c2e08ebad55301f077601cdf3a7cabb16ea0c156f81043e561b8
SHA512

df33c38f2a8c833eef25294f273bb82815fa4a01af93156b9272bc24b8167c4f1e2326d89d3ac6dc136c0f226b89ce2a3b8a239bddb0c3cbc3df1ab60c8c6024
SSDEEP

6144:DxknXJ+p86uYBsAUFECghElAxU/f6mAYGCeu1zSPM0ItZnCNrgEwYis3KuljRzG:Dxc5/6uYBsZWJbU3TFlMM0onCNhJiD41

Score

N/A

Malware Config

Signatures

Files

5b04a596d7c1c2e08ebad55301f077601cdf3a7cabb16ea0c156f81043e561b8
.dll windows x86

da12c548a6215b3a11b3fa8d8ea8c259

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryA
SetCurrentDirectoryW
BackupSeek
lstrcmpW
MapViewOfFile
EscapeCommFunction
CreateNamedPipeW
InitializeSListHead
GetCommTimeouts
ResetWriteWatch
SetProcessShutdownParameters
GlobalAddAtomA
GetComputerNameW
GetDateFormatW
SetCommBreak
FillConsoleOutputCharacterA
RegisterConsoleOS2

user32

LoadMenuW
RegisterClassExA
LoadCursorW
GetWindowLongA
GetWindowLongW
IsMenu
LoadCursorFromFileW
GetInputState

gdi32

GetStockObject

winsta

ServerLicensingOpenW
ServerLicensingGetPolicyInformationW
WinStationEnumerate_IndexedW
ServerLicensingGetAvailablePolicyIds
WinStationGetLanAdapterNameW
ServerLicensingOpenA
WinStationConnectW
WinStationAutoReconnect
WinStationSendWindowMessage
WinStationOpenServerW
WinStationGetAllProcesses

Exports

Exports

ACMEActionCheckingChecking
CompletedWorkgroup
CouldInstalledInstallationInfo
InfoOSDomain

Sections

.text
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da12c548a6215b3a11b3fa8d8ea8c259

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winsta

Exports

Exports

Sections

.text Size: 226KB - Virtual size: 226KB

.data Size: 63KB - Virtual size: 66KB

.rsrc Size: 74KB - Virtual size: 73KB

.reloc Size: 1024B - Virtual size: 1004B

.text
Size: 226KB - Virtual size: 226KB

.data
Size: 63KB - Virtual size: 66KB

.rsrc
Size: 74KB - Virtual size: 73KB

.reloc
Size: 1024B - Virtual size: 1004B