Static task: static1
Behavioral task: behavioral1
  Sample: 63d638fa7574431cb0051a256048bd6d9cf5bc2de12497a4a945ea0ff264d5a7.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 63d638fa7574431cb0051a256048bd6d9cf5bc2de12497a4a945ea0ff264d5a7.exe
  Resource: win10v2004-20220812-en
General
Target: 63d638fa7574431cb0051a256048bd6d9cf5bc2de12497a4a945ea0ff264d5a7
Size: 130KB
MD5: 7280f3459bd673ea64e8cfb64aee76e0
SHA1: 7a4e0f3c8c40917a413de98c110c20a452550c07
SHA256: 63d638fa7574431cb0051a256048bd6d9cf5bc2de12497a4a945ea0ff264d5a7
SHA512: a563b4d8ecbab2a44fd677e944e9cc8c736cd5e34839adc95f9f69485f64b6c532c86362df13c563beb51c524ebb5bf2ef798178e4c7e3f0468626d863f57531
SSDEEP: 3072:SDv4WnhNknkglLUgXFEba06+LJlIP13lB:Sr4WP+kg5U6FEba06A813b
Malware Config
Signatures
Files
63d638fa7574431cb0051a256048bd6d9cf5bc2de12497a4a945ea0ff264d5a7.exe windows x86
e4dc6f37dc0e0299d45565dadd4e4c0c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
clusapi
ClusterNodeCloseEnum
CloseClusterResource
ClusterRegGetKeySecurity
ClusterNodeEnum
GetClusterKey
AddClusterResourceDependency
ClusterCloseEnum
ClusterRegEnumKey
ClusterResourceEnum
CreateClusterResource
CreateClusterNotifyPort
ClusterRegDeleteValue
ClusterRegCloseKey
ClusterRegSetValue
ClusterNodeOpenEnum
DeleteClusterGroup
DeleteClusterResource
ClusterResourceTypeControl
ClusterRegOpenKey
CloseCluster
CloseClusterNetwork
CreateClusterResourceType
DeleteClusterResourceType
ClusterNetworkEnum
CloseClusterNode
GetClusterGroupState
ClusterResourceControl
EvictClusterNode
CreateClusterGroup
ClusterNetInterfaceControl
CanResourceBeDependent
kernel32
GetStartupInfoA
GetModuleHandleA
HeapCreate
lstrcatA
user32
RegisterClassExA
LoadCursorA
LoadIconA
DispatchMessageA
TranslateMessage
GetMessageA
DestroyWindow
DefWindowProcA
CreateWindowExA
winmm
auxGetNumDevs
advapi32
EqualPrefixSid
RegQueryInfoKeyW
CloseEventLog
InitiateSystemShutdownA
RegUnLoadKeyW
GetSecurityDescriptorDacl
NotifyBootConfigStatus
GetFileSecurityA
LsaEnumerateAccountsWithUserRight
OpenEventLogW
StartServiceCtrlDispatcherA
CreatePrivateObjectSecurity
SetFileSecurityA
RegNotifyChangeKeyValue
GetTokenInformation
GetOldestEventLogRecord
ObjectCloseAuditAlarmA
RegRestoreKeyW
FindFirstFreeAce
SetSecurityDescriptorDacl
RegQueryValueExW
RegEnumKeyExA
RegQueryInfoKeyA
EnumServicesStatusA
RegDeleteKeyA
MakeSelfRelativeSD
RegDeleteValueA
SetPrivateObjectSecurity
StartServiceA
RegFlushKey
LockServiceDatabase
RegCreateKeyExA
GetSidSubAuthority
MapGenericMask
LsaQueryInformationPolicy
QueryServiceObjectSecurity
ClearEventLogW
GetTrusteeNameA
GetNamedSecurityInfoW
IsTextUnicode
SetServiceObjectSecurity
GetAuditedPermissionsFromAclW
LsaEnumerateAccountRights
LookupSecurityDescriptorPartsW
PrivilegeCheck
OpenProcessToken
UnlockServiceDatabase
RegEnumKeyExW
GetSidSubAuthorityCount
SetTokenInformation
GetTrusteeFormW
RegCreateKeyW
LsaDeleteTrustedDomain
GetPrivateObjectSecurity
GetEffectiveRightsFromAclA
RegDeleteValueW
OpenBackupEventLogW
RegCreateKeyA
ChangeServiceConfigW
DecryptFileA
EncryptFileA
RegQueryMultipleValuesA
EnumDependentServicesW
LsaQueryTrustedDomainInfoByName
RegSetKeySecurity
LsaOpenPolicy
LsaLookupSids
GetMultipleTrusteeA
LsaFreeMemory
RegSaveKeyW
SetFileSecurityW
GetMultipleTrusteeW
LookupPrivilegeNameA
LookupAccountSidW
ObjectDeleteAuditAlarmA
OpenBackupEventLogA
GetMultipleTrusteeOperationA
LookupSecurityDescriptorPartsA
RegQueryMultipleValuesW
GetFileSecurityW
ObjectDeleteAuditAlarmW
ObjectPrivilegeAuditAlarmW
InitializeSid
RegEnumKeyW
IsValidSecurityDescriptor
RegisterServiceCtrlHandlerA
LogonUserA
QueryServiceConfigW
IsValidSid
OpenServiceW
GetServiceKeyNameA
SetNamedSecurityInfoW
ObjectOpenAuditAlarmA
CreateProcessAsUserW
GetSecurityDescriptorGroup
LookupAccountNameW
LsaSetTrustedDomainInfoByName
RegOpenKeyA
SetEntriesInAclW
GetAuditedPermissionsFromAclA
DestroyPrivateObjectSecurity
RegCreateKeyExW
GetUserNameA
CreateRestrictedToken
OpenSCManagerA
RegSetValueW
LookupPrivilegeValueW
InitiateSystemShutdownW
PrivilegedServiceAuditAlarmA
SetSecurityDescriptorOwner
RegEnumValueW
SetServiceStatus
LookupPrivilegeDisplayNameA
ImpersonateLoggedOnUser
QueryServiceConfigA
OpenServiceA
SetSecurityInfo
QueryServiceLockStatusW
LsaNtStatusToWinError
GetSecurityDescriptorSacl
ClearEventLogA
OpenThreadToken
LsaSetInformationPolicy
PrivilegedServiceAuditAlarmW
SetNamedSecurityInfoA
LsaQueryTrustedDomainInfo
RegReplaceKeyA
ImpersonateNamedPipeClient
GetMultipleTrusteeOperationW
CloseServiceHandle
GetKernelObjectSecurity
RegUnLoadKeyA
SetSecurityDescriptorGroup
IsValidAcl
LsaAddAccountRights
GetSecurityDescriptorOwner
GetAclInformation
GetTrusteeNameW
RegOpenKeyExA
GetExplicitEntriesFromAclA
GetAce
RegOverridePredefKey
ReportEventW
QueryServiceConfig2W
ObjectOpenAuditAlarmW
FreeSid
LookupPrivilegeValueA
SetKernelObjectSecurity
RegConnectRegistryA
RegRestoreKeyA
LsaStorePrivateData
GetSidIdentifierAuthority
LsaSetDomainInformationPolicy
ReadEventLogW
RevertToSelf
LogonUserW
DeregisterEventSource
RegGetKeySecurity
GetSidLengthRequired
LookupPrivilegeDisplayNameW
SetThreadToken
OpenSCManagerW
IsTokenRestricted
LookupPrivilegeNameW
DeleteAce
RegSaveKeyA
RegQueryValueW
InitializeAcl
msvcrt
_controlfp
_except_handler3
__dllonexit
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_onexit
__set_app_type
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
Sections
.text Size: 76KB - Virtual size: 73KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ