aa055c92547679de5e334d1b2f280090ae327837f880f43ac1fdbb9f333c3bdb

General

Target

aa055c92547679de5e334d1b2f280090ae327837f880f43ac1fdbb9f333c3bdb
Size

96KB
MD5

7b69d0eb0522f429eceffd28a45a6614
SHA1

595a82453fb5d7db6f5f3a4a4e43e42c62e5d98c
SHA256

aa055c92547679de5e334d1b2f280090ae327837f880f43ac1fdbb9f333c3bdb
SHA512

e04f935bd1ddc0b1b52a9c9feb948d321b67b0d9917584258a5b5cb60e822cfc2a0e5814a9a162104212e5e2f4d49c9fc1d605301c27e0612d8b9df315bca0c8
SSDEEP

1536:LSGilXVXRErrlWa34Eflzoc5ltNNFdNwi1cIAD0FZEeDHIBFJwdT1BClf5E+w7SH:GpS4EflocPtNNheD47dxBU5Nw7S3j

Score

N/A

Malware Config

Signatures

Files

aa055c92547679de5e334d1b2f280090ae327837f880f43ac1fdbb9f333c3bdb
.exe windows x86

63606e3a83dbef30274c5a032fa923ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wtsapi32

WTSCloseServer
WTSEnumerateProcessesA
WTSQueryUserToken
WTSVirtualChannelRead
WTSEnumerateSessionsA
WTSSetSessionInformationA
WTSVirtualChannelPurgeInput
WTSRegisterSessionNotification
WTSOpenServerA
WTSLogoffSession
WTSFreeMemory
WTSVirtualChannelOpen
WTSWaitSystemEvent
WTSSendMessageA
WTSVirtualChannelWrite
WTSVirtualChannelQuery
WTSQuerySessionInformationA

eappcfg

EapHostPeerGetMethods
EapHostPeerFreeErrorMemory

dhcpcsvc

McastGenUID
DhcpEnumClasses
DhcpFreeMem
McastApiStartup

odbctrac

TraceSQLCancel
TraceSQLBindCol

kernel32

lstrlenW
CreateMutexW
GetProcAddress
GetFileSize
GetModuleHandleA
CreateHardLinkA
GetLogicalDriveStringsA
WriteConsoleW
CreateDirectoryA
GetLocaleInfoA
lstrcatA
WaitForSingleObjectEx
OpenJobObjectA
OpenEventW
Heap32First
CreateFileA
MoveFileExA
QueryDosDeviceA
MoveFileW
GetVersion
lstrcpynW
GetDriveTypeA
GetTickCount
GetSystemDirectoryA
FileTimeToSystemTime
GetACP
GetVolumeNameForVolumeMountPointA
FindNextFileA
CompareStringW
InterlockedDecrement

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

63606e3a83dbef30274c5a032fa923ff

Headers

File Characteristics

Imports

wtsapi32

eappcfg

dhcpcsvc

odbctrac

kernel32

Sections

.text Size: 88KB - Virtual size: 88KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 432B

.text
Size: 88KB - Virtual size: 88KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 432B