abd1394c7b4f6bb0988e31f582405698282d6794e74bf3c2f2e537f455b41dd3

General

Target

abd1394c7b4f6bb0988e31f582405698282d6794e74bf3c2f2e537f455b41dd3
Size

420KB
MD5

49a06348800633f78a4f5f87f1b38c05
SHA1

66bde689a519d98a01047b5285010b1962f6e15b
SHA256

abd1394c7b4f6bb0988e31f582405698282d6794e74bf3c2f2e537f455b41dd3
SHA512

04dc3852adb3a5d4ab8787f9e59df9543a5ac162aa842b7874259bc61157b8046d794cdc1266792b18e443c8b0ae0c0f04a16f0e98e026eb8cd5b1d880fe1386
SSDEEP

12288:4vRICY6NZmn8ixgsQSHNxnFR3f3vL2A3f4d:4vRO6bzsQaPRvz2KC

Score

N/A

Malware Config

Signatures

Files

abd1394c7b4f6bb0988e31f582405698282d6794e74bf3c2f2e537f455b41dd3
.exe windows x86

d6234d3a7a46c183b4ea1b9fe8aa5292

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

esent

JetBeginTransaction
JetCloseFile
JetCloseDatabase
JetCloseTable

kernel32

ReplaceFileA
GetBinaryTypeW
CreateMutexW
lstrcpynW
CopyFileA
FindNextFileA
GetNumberFormatA
GetExpandedNameA
HeapReAlloc
GetStartupInfoA
GetFileSize
GetDateFormatA
GetProcessHeap
CloseHandle
ReadFile
CreateDirectoryA
WriteFile
MoveFileA
InterlockedDecrement
GetACP
GetDiskFreeSpaceA
WaitForSingleObjectEx
lstrcatW
OpenJobObjectW
DeleteFileW
GetVersion
GetDriveTypeW
OpenSemaphoreA
GetProcAddress
GetModuleHandleA

wtsapi32

WTSShutdownSystem
WTSQueryUserToken
WTSVirtualChannelQuery
WTSLogoffSession
WTSVirtualChannelWrite
WTSCloseServer
WTSDisconnectSession
WTSSetUserConfigA
WTSSetSessionInformationW
WTSRegisterSessionNotification
WTSUnRegisterSessionNotification
WTSQuerySessionInformationA
WTSOpenServerW
WTSEnumerateSessionsA
WTSEnumerateServersA
WTSSendMessageA
WTSVirtualChannelOpen

Sections

.text
Size: 408KB - Virtual size: 408KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6234d3a7a46c183b4ea1b9fe8aa5292

Headers

File Characteristics

Imports

esent

kernel32

wtsapi32

Sections

.text Size: 408KB - Virtual size: 408KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 192B

.text
Size: 408KB - Virtual size: 408KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 192B