f481c6e155677e5c8f65bde2a5d32ec333a1ecac2908c107d541ad2f8c71a424

General

Target

f481c6e155677e5c8f65bde2a5d32ec333a1ecac2908c107d541ad2f8c71a424
Size

836KB
MD5

458d114114d972cfa4a66644ac37fab4
SHA1

cc46ba8290e01749eb0ebb4be4e0f9ad1555df9d
SHA256

f481c6e155677e5c8f65bde2a5d32ec333a1ecac2908c107d541ad2f8c71a424
SHA512

fd369f0b07e2b14d11810f7098bd6d20053492b661aca7cc2c26ac1a9f12e7c12750894b972aaab04a928de286ca101a7546752a8adc7449de57ed17ea5f7f40
SSDEEP

12288:sNRTnf5e6U+qW+B3U3QSPhSHhPGqoPTIBymRzoN+Wh0F9FRUxwH/mbjv:sNBnf5lU/zWgyhYnoPEwSoMwxwfajv

Score

N/A

Malware Config

Signatures

Files

f481c6e155677e5c8f65bde2a5d32ec333a1ecac2908c107d541ad2f8c71a424
.exe windows x86

59d28dd6cbcf2b6ef88ce0f6c7f7fd6d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED

Imports

dsauth

DhcpAddServerDS

pdh

PdhAdd009CounterA
PdhAdd009CounterW
PdhAddCounterA
PdhAddCounterW
PdhBindInputDataSourceA
PdhBindInputDataSourceW
PdhBrowseCountersA
PdhBrowseCountersHA
PdhBrowseCountersHW
PdhBrowseCountersW
PdhCalculateCounterFromRawValue
PdhCloseLog
PdhCloseQuery
PdhCollectQueryData
PdhCollectQueryDataEx
PdhComputeCounterStatistics
PdhConnectMachineA
PdhConnectMachineW
PdhCreateSQLTablesA
PdhCreateSQLTablesW
PdhEnumLogSetNamesA
PdhEnumLogSetNamesW
PdhEnumMachinesA
PdhEnumMachinesHA
PdhEnumMachinesHW
PdhEnumMachinesW
PdhEnumObjectItemsA
PdhEnumObjectItemsHA
PdhEnumObjectItemsHW
PdhEnumObjectItemsW
PdhEnumObjectsA

kernel32

DecodePointer
GetLastError
GetSystemDirectoryA
DeviceIoControl
IsBadCodePtr
AddVectoredExceptionHandler
AllocConsole
AllocateUserPhysicalPages
AreFileApisANSI
CreateSemaphoreA
_lopen
_lread

onex

OneXAddEapAttributes
OneXAddTLV
OneXCompareAuthParams
OneXCopyAuthParams
OneXCreateDefaultProfile
OneXCreateDiscoveryProfiles
OneXCreateSupplicantPort
OneXDeInitialize

advpack

AddDelBackupEntry

Sections

.text
Size: 28KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 778KB - Virtual size: 780KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

Sharing

General

Malware Config

Signatures

Files

59d28dd6cbcf2b6ef88ce0f6c7f7fd6d

Headers

File Characteristics

Imports

dsauth

pdh

kernel32

onex

advpack

Sections

.text Size: 28KB - Virtual size: 35KB

.data Size: 12KB - Virtual size: 14KB

.rsrc Size: 778KB - Virtual size: 780KB

.rsrc Size: 5KB - Virtual size: 8KB

.text
Size: 28KB - Virtual size: 35KB

.data
Size: 12KB - Virtual size: 14KB

.rsrc
Size: 778KB - Virtual size: 780KB

.rsrc
Size: 5KB - Virtual size: 8KB