a679e000625dfe6ca35da0648ac6a81b7cead64b84438e4029054cada242cc36

Sharing

Copy URL Twitter E-mail

General

Target

a679e000625dfe6ca35da0648ac6a81b7cead64b84438e4029054cada242cc36
Size

406KB
MD5

0513f8a40aa5ccd447ff350b25ed2e39
SHA1

d5f0df3d0f365ccb738cb5ee7bbffa2070626ddb
SHA256

a679e000625dfe6ca35da0648ac6a81b7cead64b84438e4029054cada242cc36
SHA512

09a0e4ec5e552540582294dfa76d8f22183e44800c4fa50c4229008182768626110267bb93728868dd95fc0bd0e351fb852defdfe3a1a3294e933efea1816dfd
SSDEEP

6144:/zGl1zzP/oYB7AA+JsoHLr/OQyHaLYHBZRGtYN0QzrWadaOnE824rbSKV:LczzPgYB7AygLrGQyDbGS3z/nE8tbb

Score

N/A

Malware Config

Signatures

Files

a679e000625dfe6ca35da0648ac6a81b7cead64b84438e4029054cada242cc36
.exe windows x86

ad6bcfef7f4f6a69f6021b19996586c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

mprapi

MprAdminMIBServerConnect
MprAdminMIBServerDisconnect
MprAdminPortClearStats
MprAdminPortDisconnect
MprAdminPortEnum
MprAdminPortGetInfo
MprAdminPortReset
MprAdminSendUserMessage
MprAdminServerConnect
MprAdminServerDisconnect
MprAdminServerGetCredentials
MprAdminServerGetInfo
MprAdminServerSetCredentials
MprAdminTransportCreate
MprAdminTransportGetInfo
MprAdminTransportSetInfo
MprAdminUpgradeUsers
MprAdminUserClose
MprAdminUserGetInfo
MprAdminUserOpen
MprAdminUserRead
MprAdminUserSetInfo
MprAdminUserWrite
MprAdminUserWriteProfFlags
MprConfigBufferFree
MprConfigGetFriendlyName
MprConfigGetGuidName
MprConfigInterfaceCreate
MprConfigInterfaceDelete
MprConfigInterfaceEnum
MprConfigInterfaceGetHandle
MprAdminBufferFree
MprAdminBufferFree

kernel32

GetSystemTime
GetACP
GetSystemDirectoryA
GetVersionExA
PeekConsoleInputW
EnumCalendarInfoW
CallNamedPipeA
_lread
_lopen

clusapi

CloseClusterResource
ClusterCloseEnum
ClusterGroupOpenEnum
ClusterRegCloseKey
ClusterRegCreateKey
ClusterRegDeleteKey
ClusterRegDeleteValue
ClusterRegEnumKey
CloseClusterResource
ClusterCloseEnum
ClusterGroupOpenEnum
ClusterRegCloseKey
ClusterRegCreateKey
ClusterRegDeleteKey
ClusterRegDeleteValue
ClusterRegEnumKey

certcli

CACloseCertType

Sections

.text
Size: 1KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 7KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 396KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad6bcfef7f4f6a69f6021b19996586c4

Headers

File Characteristics

Imports

mprapi

kernel32

clusapi

certcli

Sections

.text Size: 1KB - Virtual size: 22KB

DATA Size: 7KB - Virtual size: 83KB

.rsrc Size: 396KB - Virtual size: 396KB

DATA Size: 512B - Virtual size: 512B

Size: - Virtual size: 496B

.text
Size: 1KB - Virtual size: 22KB

DATA
Size: 7KB - Virtual size: 83KB

.rsrc
Size: 396KB - Virtual size: 396KB

DATA
Size: 512B - Virtual size: 512B