bddc21b6a5bd31120eda3a2014b439e08b75d8dd8125d1b1f5edd294f46938e3

General

Target

bddc21b6a5bd31120eda3a2014b439e08b75d8dd8125d1b1f5edd294f46938e3
Size

1.8MB
MD5

766311c653a7f25996bd2b38a07204b8
SHA1

9f529612034fddbe93b168c64e80727bb46066b2
SHA256

bddc21b6a5bd31120eda3a2014b439e08b75d8dd8125d1b1f5edd294f46938e3
SHA512

ff2afc22c4461d564bc2395c48be5af428b49801bf6d1ca06b95bda1e4015813b38c7c809bc60297a9f636aafce36f93a4f194cc695e1671481d0e38968ceb52
SSDEEP

49152:J/WGabB+wuLtVBlO0BNl4f0PR3bZi7Ez35zdd0/LjbwlJ/E:MWL13RQEJzdcwlJ/E

Score

N/A

Malware Config

Signatures

Files

bddc21b6a5bd31120eda3a2014b439e08b75d8dd8125d1b1f5edd294f46938e3
.exe windows x86

0eb28c43bb604ad42415e04e9878d5b0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

IsValidAcl
IsValidSid
RegSaveKeyA
RegEnumValueA
RegCreateKeyA
RegOpenKeyExA
ClearEventLogA
CreateServiceA
IsValidSecurityDescriptor
RegDeleteKeyA
InitializeSid
ControlService

qutil

FreeConnections
FreeFixupInfo
AllocFixupInfo
AllocConnections
FreeSoH

onex

OneXAddTLV
OneXCopyAuthParams
OneXInitialize
OneXFreeMemory

kernel32

GetDateFormatA
GetCurrentProcess
lstrcpynA
GetProcessId
HeapValidate
GetConsoleAliasA
GetPrivateProfileIntA
CompareStringA
GetNumberFormatW
FormatMessageA
UpdateResourceA
WaitForSingleObject
GetCommandLineA
LoadLibraryA
GetEnvironmentVariableA
GetTickCount
GetConsoleTitleA
CloseHandle
GetCurrentDirectoryA
SetFilePointer
WriteConsoleA
GetAtomNameA
HeapCreate
SetEnvironmentVariableW

clusapi

ClusterEnum
CloseClusterNode
ClusterControl

user32

IsWindow
SetCursorPos
GetWindowTextA
DialogBoxParamA
CreateWindowExA
PostMessageA
GetMessageA
GetWindowLongA
LoadCursorA
GetCaretPos
DrawIcon
IsCharLowerW
IsDialogMessageA

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0eb28c43bb604ad42415e04e9878d5b0

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

qutil

onex

kernel32

clusapi

user32

Sections

.text Size: 11KB - Virtual size: 10KB

.data Size: 1.7MB - Virtual size: 1.7MB

.rsrc Size: 34KB - Virtual size: 34KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 11KB - Virtual size: 10KB

.data
Size: 1.7MB - Virtual size: 1.7MB

.rsrc
Size: 34KB - Virtual size: 34KB

.reloc
Size: 3KB - Virtual size: 2KB