97f4a4d4f61313f61901250de0c1bd04ea0aa3f938ddc5962b9f8ce957c0b0b7

Sharing

Copy URL Twitter E-mail

General

Target

97f4a4d4f61313f61901250de0c1bd04ea0aa3f938ddc5962b9f8ce957c0b0b7
Size

283KB
MD5

4d9cf95469ed33f4659429d530cc7180
SHA1

d37393a05592913778122c8aff480f917de71153
SHA256

97f4a4d4f61313f61901250de0c1bd04ea0aa3f938ddc5962b9f8ce957c0b0b7
SHA512

28f858bebdd68a32ed41a5e23635515042919fdaff3937ca7cd3b406c399f89010dc3b8804d424bdaec8ab8e90087d044cdff85e6e889fdb2e8dedb827f1325e
SSDEEP

6144:8PHfHT7nvuz/sBz/K2ib1cHOmVbp8fT2kZp:GHLD2z/sJHib1cHOmxpIqkH

Score

N/A

Malware Config

Signatures

Files

97f4a4d4f61313f61901250de0c1bd04ea0aa3f938ddc5962b9f8ce957c0b0b7
.exe windows x86

50ababa65d948acd4e30247d0dae1848

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetVersionExA
GetProcessHeap
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsAlloc
GetLastError
MultiByteToWideChar
ExitProcess
Sleep
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
LoadLibraryA
InitializeCriticalSection
BeginUpdateResourceW
GetProcAddress

samlib

SamSetInformationGroup
SamLookupNamesInDomain
SamGetCompatibilityMode
SamiEncryptPasswords
SamOpenDomain
SamLookupIdsInDomain
SamSetSecurityObject
SamAddMultipleMembersToAlias
SamQueryInformationUser
SamDeleteAlias
SamOpenUser
SamQueryInformationDomain
SamiChangePasswordUser2

lpk

LpkGetCharacterPlacement
LpkEditControl

Sections

.icode
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ZRg
Size: 3KB - Virtual size: 726KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jzJfK
Size: 3KB - Virtual size: 503KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 99KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wO
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 117KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.SVfWx
Size: 4KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50ababa65d948acd4e30247d0dae1848

Headers

File Characteristics

Imports

kernel32

samlib

lpk

Sections

.icode Size: 1KB - Virtual size: 1KB

.ZRg Size: 3KB - Virtual size: 726KB

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 1KB - Virtual size: 35KB

.jzJfK Size: 3KB - Virtual size: 503KB

.edata Size: 99KB - Virtual size: 163KB

.wO Size: 4KB - Virtual size: 10KB

.data Size: 7KB - Virtual size: 90KB

.edata Size: 117KB - Virtual size: 211KB

.SVfWx Size: 4KB - Virtual size: 298KB

.rsrc Size: 24KB - Virtual size: 24KB

.icode
Size: 1KB - Virtual size: 1KB

.ZRg
Size: 3KB - Virtual size: 726KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 1KB - Virtual size: 35KB

.jzJfK
Size: 3KB - Virtual size: 503KB

.edata
Size: 99KB - Virtual size: 163KB

.wO
Size: 4KB - Virtual size: 10KB

.data
Size: 7KB - Virtual size: 90KB

.edata
Size: 117KB - Virtual size: 211KB

.SVfWx
Size: 4KB - Virtual size: 298KB

.rsrc
Size: 24KB - Virtual size: 24KB