18f8b5f2252b0595459c2a62c10970dcbcfad37beaac83b8ad83d71fcb5a5528

Sharing

Copy URL

Twitter E-mail

General

Target

18f8b5f2252b0595459c2a62c10970dcbcfad37beaac83b8ad83d71fcb5a5528
Size

253KB
MD5

32cb96131081bea16082ad969e47cd6d
SHA1

8849d350ce2e989577cfc9f05ca0ee859b01a76c
SHA256

18f8b5f2252b0595459c2a62c10970dcbcfad37beaac83b8ad83d71fcb5a5528
SHA512

16a2f310dc509ebf01cd000eb7697775eb000536dbedb8f554073659fc0d3d933e60f5e1b0441237a98b00397273f391cf40531e3c3121342e17aa395001f1a7
SSDEEP

6144:WokvYqqMahxn7yXSeA6kzqb9ajF3POt5C5iEbSY30a+:nkvVux7yCECVPkCIEbHkH

Score

N/A

Malware Config

Signatures

Files

18f8b5f2252b0595459c2a62c10970dcbcfad37beaac83b8ad83d71fcb5a5528
.exe windows x86

137aa60f94ac4ecd49dcf620192aba7e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

clusapi

GetClusterNodeState
OpenCluster
RemoveClusterResourceDependency
SetClusterGroupName
CreateClusterResource
ClusterCloseEnum
EvictClusterNode

wininet

FtpCreateDirectoryW
DeleteUrlCacheGroup
InternetConnectW
GopherFindFirstFileW
GopherOpenFileA
FindFirstUrlCacheEntryW
FtpRenameFileA
HttpOpenRequestW
InternetUnlockRequestFile
HttpQueryInfoW

mpr

WNetAddConnection3A
WNetCancelConnectionW

advapi32

NotifyBootConfigStatus
IsValidSecurityDescriptor
OpenEventLogA
MapGenericMask
GetAclInformation
InitializeAcl
StartServiceW
ClearEventLogW
LsaEnumerateTrustedDomains
OpenBackupEventLogA
OpenProcessToken
GetTokenInformation
ImpersonateLoggedOnUser
ChangeServiceConfig2A
ObjectCloseAuditAlarmA
AllocateLocallyUniqueId

gdi32

SetColorSpace
SetMetaFileBitsEx

pdh

PdhMakeCounterPathW
PdhGetDefaultPerfCounterA

msi

ord72

urlmon

CreateAsyncBindCtxEx
CoInternetGetProtocolFlags

oleaut32

VarBoolFromUI1
VarDecAbs
VarR8FromStr
LPSAFEARRAY_UserUnmarshal

shlwapi

PathRelativePathToW
PathIsPrefixA
PathGetArgsA
SHRegWriteUSValueA
PathFindNextComponentA
StrTrimA
StrDupW
PathFindOnPathA
SHRegQueryUSValueA
ChrCmpIW
SHRegEnumUSValueW
PathIsDirectoryA
StrFromTimeIntervalA
PathSkipRootA
PathIsPrefixW
SHQueryValueExW
PathMakeSystemFolderA
PathIsUNCServerA

setupapi

SetupOpenLog
SetupDiGetHwProfileList
SetupAddSectionToDiskSpaceListW
SetupCloseInfFile
SetupSetPlatformPathOverrideA
SetupCopyOEMInfW
SetupGetSourceFileSizeW
SetupQueryInfVersionInformationW
SetupLogErrorW
SetupDiCreateDeviceInfoListExW
SetupDiBuildClassInfoListExW
SetupDiGetHwProfileFriendlyNameExA
SetupSetDirectoryIdExW
SetupRemoveSectionFromDiskSpaceListA
SetupCloseFileQueue
SetupInstallFileA
SetupGetLineByIndexW
SetupCopyOEMInfA
SetupDiCancelDriverInfoSearch
SetupDiCreateDevRegKeyW
SetupQueueDeleteSectionW
SetupScanFileQueueW
SetupQueueRenameW

kernel32

CreateConsoleScreenBuffer
EnumDateFormatsW
CreateMailslotA
GlobalCompact
ExitProcess
EnumCalendarInfoA
GetAtomNameA
GetCPInfo
FatalAppExitW
GetModuleHandleA
GetNumberOfConsoleMouseButtons
GetPrivateProfileSectionW
CreateDirectoryW
GetProcessTimes
GetModuleHandleW
EndUpdateResourceW
EnumCalendarInfoW
EnumResourceLanguagesW
FillConsoleOutputAttribute
GetHandleInformation
DeleteCriticalSection
Process32Next
GetStartupInfoA
CreateConsoleScreenBuffer
EnumDateFormatsW
CreateMailslotA
GlobalCompact
ExitProcess
EnumCalendarInfoA
GetAtomNameA
GetCPInfo
FatalAppExitW
GetModuleHandleA
GetNumberOfConsoleMouseButtons
GetPrivateProfileSectionW
CreateDirectoryW
GetProcessTimes
GetModuleHandleW
EndUpdateResourceW
EnumCalendarInfoW
EnumResourceLanguagesW
FillConsoleOutputAttribute
GetHandleInformation
DeleteCriticalSection
Process32Next
GetStartupInfoA

imm32

ImmDestroyContext
ImmGetGuideLineA
ImmGetStatusWindowPos
ImmUnregisterWordA
ImmSetConversionStatus

comdlg32

GetFileTitleA
GetFileTitleW

resutils

ResUtilStopService
ResUtilSetSzValue
ResUtilVerifyPrivatePropertyList
ResUtilResourceTypesEqual
ResUtilGetAllProperties

winmm

mciGetDeviceIDA

msvcrt

_onexit
__dllonexit
_controlfp
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_except_handler3
_exit
__set_app_type

netapi32

NetFileGetInfo
NetServerComputerNameAdd
NetServerSetInfo

ole32

SNB_UserMarshal
OleCreateLinkToFile

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

137aa60f94ac4ecd49dcf620192aba7e

Headers

File Characteristics

Imports

clusapi

wininet

mpr

advapi32

gdi32

pdh

msi

urlmon

oleaut32

shlwapi

setupapi

kernel32

imm32

comdlg32

resutils

winmm

msvcrt

netapi32

ole32

Sections

.text Size: 32KB - Virtual size: 30KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 1.9MB

.rsrc Size: 4KB - Virtual size: 904B

.text
Size: 32KB - Virtual size: 30KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 1.9MB

.rsrc
Size: 4KB - Virtual size: 904B