b1090d5df682c96e45857cfaed77340c8bc59907b2b61b780d22dcd422bbf6fd

Sharing

Copy URL Twitter E-mail

General

Target

b1090d5df682c96e45857cfaed77340c8bc59907b2b61b780d22dcd422bbf6fd
Size

73KB
MD5

438b098e40dc09679e3751a41e6be020
SHA1

93e147288510fcb11e7e2858ea107cf8ea35ccba
SHA256

b1090d5df682c96e45857cfaed77340c8bc59907b2b61b780d22dcd422bbf6fd
SHA512

cc21f07def166b9c62fbc65f7156c6e191c14f693cbcc797502965bc2ea74d0e4a9b40fdd9990c106a7523873479183876d45e37ff84516d491d76327c3c7695
SSDEEP

1536:HFARmEKXHboc6qBNPs3Yx75E1oPJT+QGqbvGFd0xZLf:HFowXbGqBn59CQpiFa9

Score

N/A

Malware Config

Signatures

Files

b1090d5df682c96e45857cfaed77340c8bc59907b2b61b780d22dcd422bbf6fd
.exe windows x86

6c9d62724ee6915581ec01d0113d153e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
VirtualAlloc
GetDateFormatA
GetCurrentDirectoryW
GlobalFindAtomW
lstrcpyA
GetTempPathW
LoadResource
WaitForMultipleObjects
LocalAlloc
EnumCalendarInfoW
OpenSemaphoreA
GetUserDefaultLCID
OpenMutexA
RaiseException
GetDateFormatW
SearchPathA
GetSystemInfo
FatalAppExitA
GetWindowsDirectoryW
GetShortPathNameA
lstrcpynW
SetCurrentDirectoryW
GetSystemDefaultLangID
lstrlenA
GlobalGetAtomNameA
FindResourceA
SystemTimeToFileTime
GetNumberFormatW
WaitForSingleObject
FatalAppExitW
EnumDateFormatsW
Beep
GetAtomNameA
SetErrorMode
CreateThread
EnumDateFormatsA
GetCalendarInfoW
GlobalAlloc
CreateMailslotA
FindAtomA
OpenWaitableTimerA
QueryPerformanceFrequency
GetSystemDirectoryA
GetLongPathNameA
IsBadCodePtr
GetMailslotInfo
GetCurrentThreadId
IsValidLocale
CreateDirectoryA
ReadDirectoryChangesW
GetLogicalDriveStringsA
SetLocaleInfoA
CompareFileTime
MoveFileA
SetComputerNameW
SetLocaleInfoW
DosDateTimeToFileTime
GetVolumeInformationA
FindAtomW
GetSystemTime
ExpandEnvironmentStringsW
FileTimeToDosDateTime
GetTempFileNameA
DisconnectNamedPipe
GetFullPathNameW
EnumTimeFormatsA
CreateDirectoryW
GetCalendarInfoA
MoveFileW
GetOEMCP
EnumCalendarInfoA
CreateNamedPipeA
GetLocalTime
GetWindowsDirectoryA

user32

DialogBoxParamA
GetWindowDC
LoadImageW
AdjustWindowRect
GetTopWindow
DialogBoxParamW
CopyRect
TrackPopupMenuEx
LoadMenuIndirectA
LoadBitmapA
OffsetRect
GetClassInfoExW
GetKeyboardType
wvsprintfW
WinHelpA
SetCapture

advapi32

SetEntriesInAuditListW
CredMarshalCredentialA
MSChapSrvChangePassword2
AddAccessDeniedAceEx
CancelOverlappedAccess
ObjectDeleteAuditAlarmW
RegOpenKeyExW
EqualSid
LsaEnumerateTrustedDomains
RegSetValueA
LsaLookupNames2
CryptSetProviderA
AccessCheckByTypeResultListAndAuditAlarmA
BuildTrusteeWithSidW
CredRenameA
LsaEnumerateAccounts
GetCurrentHwProfileW
OpenProcessToken
WmiQuerySingleInstanceMultipleA
SystemFunction040
I_ScSendTSMessage
CreatePrivateObjectSecurityWithMultipleInheritance
ElfReadEventLogW
GetMultipleTrusteeOperationA
GetMultipleTrusteeW
WmiReceiveNotificationsA
GetWindowsAccountDomainSid
OpenEventLogW
A_SHAInit
ConvertSDToStringSDRootDomainW
IsTokenRestricted
CloseEncryptedFileRaw
QueryServiceStatus
MSChapSrvChangePassword
GetSecurityDescriptorLength
RegDeleteKeyW
LsaSetForestTrustInformation
LsaSetTrustedDomainInformation
SystemFunction035
EnumerateTraceGuids
InitiateSystemShutdownExW
CreateProcessWithLogonW
FindFirstFreeAce
ReportEventW
BuildTrusteeWithObjectsAndNameW
RegQueryValueExW
I_ScSetServiceBitsW
CredpConvertTargetInfo
BuildImpersonateExplicitAccessWithNameW
SetNamedSecurityInfoA

gdi32

CreateFontIndirectExW
CreateRectRgn
CreateFontW
CreateDIBPatternBrushPt
CreateCompatibleDC

netcfgx

NetPropPageProvider

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 7.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c9d62724ee6915581ec01d0113d153e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

netcfgx

Sections

.text Size: 22KB - Virtual size: 22KB

.CRT Size: 2KB - Virtual size: 2KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 37KB - Virtual size: 7.9MB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 22KB - Virtual size: 22KB

.CRT
Size: 2KB - Virtual size: 2KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 37KB - Virtual size: 7.9MB

.rsrc
Size: 6KB - Virtual size: 5KB