b2f189c736c38f5d33518276903510106ab6c0aa22424b149a5bcc92c2d79503

Sharing

Copy URL

Twitter E-mail

General

Target

b2f189c736c38f5d33518276903510106ab6c0aa22424b149a5bcc92c2d79503
Size

825KB
MD5

0e5bb6d055bc4b0649df4a897b948765
SHA1

a3300b666856e698d4af6b64e74a58129770cb84
SHA256

b2f189c736c38f5d33518276903510106ab6c0aa22424b149a5bcc92c2d79503
SHA512

110b02452a6540a6ccadce8d93ec328cc8d31f8422bee92974a1f8ab824c130b5de824d91937836a749c5fbcc1d65d5fd0f49835112d32fa7dc3705706be846b
SSDEEP

24576:a8p6xqnNRaTppBCDUlrmzmTrO5v3TnvJt:a8p6xgaTBCOsArYTJ

Score

N/A

Malware Config

Signatures

Files

b2f189c736c38f5d33518276903510106ab6c0aa22424b149a5bcc92c2d79503
.exe windows x86

56e1c0050d6f5018f696c1070896c91a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileSectionNamesA
WritePrivateProfileStringA
GetCurrentThread
GetUserDefaultUILanguage
SetConsoleFont
MulDiv
FlushFileBuffers
QueryPerformanceCounter
QueryDosDeviceW
IsBadWritePtr
OpenWaitableTimerW
LocalFree
_lread
InterlockedIncrement
LZSeek
FindCloseChangeNotification
TlsGetValue
OpenProcess
LZStart
GlobalSize
RemoveDirectoryA
FileTimeToSystemTime
GetModuleHandleW
ClearCommError
DosPathToSessionPathW
LoadLibraryW
GetLocaleInfoA

mprapi

MprAdminGetPDCServer
MprAdminMIBEntryGetNext
MprAdminDeregisterConnectionNotification
MprAdminInterfaceSetCredentials
MprInfoBlockFind
MprAdminConnectionGetInfo
MprConfigServerInstall
MprAdminServerSetCredentials
MprConfigGetFriendlyName
MprAdminInterfaceUpdatePhonebookInfo
MprAdminUserRead
MprAdminUpgradeUsers
MprAdminEstablishDomainRasServer
MprConfigInterfaceTransportEnum
MprInfoBlockRemove
MprInfoCreate
MprConfigInterfaceSetInfo
MprAdminPortClearStats
MprGetUsrParams
MprConfigInterfaceTransportSetInfo
MprAdminUserClose
MprAdminTransportGetInfo
MprAdminConnectionEnum
MprAdminConnectionClearStats
MprAdminDeviceEnum
MprAdminMIBEntryGet

clusapi

OfflineClusterResource
SetClusterName
GetClusterNodeState
CloseClusterNetInterface
ClusterResourceControl
ClusterResourceTypeEnum
GetClusterGroupState
ClusterRegSetKeySecurity
ClusterNetworkGetEnumCount
ClusterRegDeleteValue
RemoveClusterResourceDependency
ClusterResourceCloseEnum
SetClusterGroupName
ClusterGetEnumCount
SetClusterResourceName
ClusterRegOpenKey
EvictClusterNode
RegisterClusterNotify
ClusterCloseEnum
GetClusterNetworkKey

dhcpsapi

DhcpDeleteClass
DhcpServerSetDnsRegCredentials
DhcpServerGetConfig
DhcpServerRestoreDatabase
DhcpEnumSubnetElementsV5
DhcpDsCleanup
DhcpRpcFreeMemory
DhcpModifyClass
DhcpSetOptionValuesV5
DhcpRemoveSubnetElementV4
DhcpDeleteSuperScopeV4
DhcpGetAllOptions

esent

JetGetLogInfoInstance2
JetCommitTransaction
JetIdle
JetEnumerateColumns
JetGetObjectInfo
JetCreateTable
JetDeleteIndex
JetSetSystemParameter
JetRestore2
JetEndExternalBackupInstance2
JetGotoBookmark
JetGetCurrentIndex
JetBackupInstance
JetDupCursor
JetTerm
JetSeek@12

apphelp

SdbTagIDToTagRef
SdbReadWORDTagRef
ApphelpFixMsiPackageExe
SdbEnumMsiTransforms
SdbGetFirstChild
SdbTagToString
SdbGetDatabaseID
SdbReadEntryInformation
SdbReadMsiTransformInfo
SdbGetStandardDatabaseGUID
SdbFindNextTag

Sections

.text
Size: 367KB - Virtual size: 366KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56e1c0050d6f5018f696c1070896c91a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

mprapi

clusapi

dhcpsapi

esent

apphelp

Sections

.text Size: 367KB - Virtual size: 366KB

.rdata Size: 122KB - Virtual size: 121KB

.data Size: 173KB - Virtual size: 1.6MB

.rsrc Size: 161KB - Virtual size: 160KB

.reloc Size: 1024B - Virtual size: 792B

.text
Size: 367KB - Virtual size: 366KB

.rdata
Size: 122KB - Virtual size: 121KB

.data
Size: 173KB - Virtual size: 1.6MB

.rsrc
Size: 161KB - Virtual size: 160KB

.reloc
Size: 1024B - Virtual size: 792B