846362cebf502ba758341170ae4bd849646c85bdb4457318b7cd10f63972aa73

Sharing

Copy URL

Twitter E-mail

General

Target

846362cebf502ba758341170ae4bd849646c85bdb4457318b7cd10f63972aa73
Size

182KB
MD5

a7b6dd5afb29395794aeb0d5ad0db677
SHA1

b78575f19bbffde91308781d8ab2dca55fa88446
SHA256

846362cebf502ba758341170ae4bd849646c85bdb4457318b7cd10f63972aa73
SHA512

cfdd876800555d3b3189563e96742bdb0da4bb362cdae9ef367dfb54fc3d8d108e7ccb280ef54c7b8fadf2fb1f2716ae185e17238627e49e048b7fc24195128e
SSDEEP

3072:xzSlpba56AAbihwo9aLCphS5c+Su9dEJCHGidDE4o2tUTv5pP8/y:UlsBb+o9aLCv+9jEsmidDZo2tUTv5pPD

Score

N/A

Malware Config

Signatures

Files

846362cebf502ba758341170ae4bd849646c85bdb4457318b7cd10f63972aa73
.exe windows x86

e9df1d1297c9755fde1ba6c2899f4033

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

wcscpy
malloc
wcslen
free
wcsncmp
wcscmp
sprintf
_snprintf
_except_handler3
calloc
atoi
_strnicmp
_ftol
strncpy
_controlfp
__set_app_type
_adjust_fdiv
__p__fmode
wcscat
__p__commode
__getmainargs
__setusermatherr
_initterm
_exit
__p___initenv
_XcptFilter
strrchr
_vsnprintf
_stricmp
rand
memmove
strpbrk
fgets
isdigit
fopen
sscanf
perror
exit
strtoul

advapi32

AllocateAndInitializeSid
RegEnumKeyA
RegCloseKey
RegNotifyChangeKeyValue
RegOpenKeyA
ReportEventA
RegisterEventSourceA
RegQueryValueExA
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
RegOpenKeyExA

kernel32

GetSystemTime
UnmapViewOfFile
EnterCriticalSection
CreateThread
LocalAlloc
FlushViewOfFile
OpenEventA
HeapSize
HeapFree
SetFilePointer
GetFileAttributesExA
CompareFileTime
CreateDirectoryA
FormatMessageA
OpenFileMappingA
LocalFree
lstrlenW
WideCharToMultiByte
ReleaseSemaphore
HeapDestroy
HeapCreate
GetVersionExA
LeaveCriticalSection
SystemTimeToFileTime
CreateFileMappingA
MapViewOfFile
InterlockedIncrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedDecrement
OpenProcess
CreateSemaphoreA
GetCurrentProcess
SetProcessWorkingSetSize
GetStdHandle
WriteFile
CreateFileA
ReadFile
GetLocalTime
WaitForMultipleObjects
ExitThread
GetTickCount
WaitForSingleObject
DeleteCriticalSection
FreeLibrary
GetProcAddress
LoadLibraryA
MultiByteToWideChar
ExpandEnvironmentStringsA
GetLastError
HeapAlloc
ResetEvent
InitializeCriticalSection
CreateEventA
SetEvent
CloseHandle

ws2_32

gethostbyname
bind
recv
recvfrom
sendto
htons
WSASend
getsockname
listen
WSAIoctl
setsockopt
WSACloseEvent
WSACreateEvent
WSAEventSelect
inet_addr
socket
WSAStartup
WSAEnumNetworkEvents
WSAAccept
shutdown
closesocket
WSACleanup
htonl
send
WSAGetLastError
ntohs
WSAWaitForMultipleEvents
ntohl
inet_ntoa

user32

DispatchMessageA
RegisterClassA
DefWindowProcA
PostQuitMessage
CreateWindowExA
GetMessageA

rpcrt4

NdrFreeBuffer
NdrConvert
NdrConformantArrayUnmarshall
NdrPointerBufferSize
NdrPointerMarshall
NdrSimpleStructUnmarshall
NdrPointerUnmarshall
RpcRaiseException
NdrClientInitializeNew
NdrConformantStringBufferSize
NdrSimpleStructBufferSize
NdrGetBuffer
NdrConformantStringMarshall
NdrSimpleStructMarshall
NdrSendReceive

adsldpc

ADSIGetFirstRow
ADSICloseDSObject
ADSISetSearchPreference
ADSIGetNextRow
ADSIGetColumn
ADSIFreeColumn
ADSICloseSearchHandle
ADSIExecuteSearch

rtutils

TraceRegisterExA
TraceDeregisterA
TracePrintfExA

Sections

.text
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e9df1d1297c9755fde1ba6c2899f4033

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

ws2_32

user32

rpcrt4

adsldpc

rtutils

Sections

.text Size: 165KB - Virtual size: 165KB

.data Size: 4KB - Virtual size: 175KB

.rsrc Size: 10KB - Virtual size: 29KB

.text
Size: 165KB - Virtual size: 165KB

.data
Size: 4KB - Virtual size: 175KB

.rsrc
Size: 10KB - Virtual size: 29KB