b1910d2f0b0a9a4bed8fa0b0b215c0af1d5d68efd92e1d66f54873cf1e9dbfe3

General

Target

b1910d2f0b0a9a4bed8fa0b0b215c0af1d5d68efd92e1d66f54873cf1e9dbfe3
Size

602KB
MD5

174e8bbada23f9f089460dc2fe2bf090
SHA1

0e2ec170dafde18cd5e3fb303cf0597f06cdc435
SHA256

b1910d2f0b0a9a4bed8fa0b0b215c0af1d5d68efd92e1d66f54873cf1e9dbfe3
SHA512

ce8eedf0ce171de4d1333fb6d23c784140c554f2ad8f532a014e080d6c3941ee2c4c044613d654a2d7434e13197698f67b5d28dd86ae801e00306e040ad4a093
SSDEEP

12288:IjpI+jCc+V8QiLlP+EUo2NCwbDpZL6SH:Iquf+VELlUouJb1NZH

Score

N/A

Malware Config

Signatures

Files

b1910d2f0b0a9a4bed8fa0b0b215c0af1d5d68efd92e1d66f54873cf1e9dbfe3
.exe windows x86

32b68052e44c720731fc0362ed2e3dd6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED

Imports

avicap32

AppCleanup

rtm

RtmDeleteRouteList
RtmDeleteRouteTable
RtmDeleteRouteToDest
RtmDequeueRouteChangeMessage
RtmDereferenceHandles
RtmDeregisterClient
RtmDeregisterEntity
RtmDeregisterFromChangeNotification
RtmEnumerateGetNextRoute
RtmFindNextHop
RtmGetAddressFamilyInfo
RtmGetChangeStatus
RtmGetChangedDests
RtmGetDestInfo
RtmGetEntityInfo
RtmGetEntityMethods
RtmGetEnumDests
RtmGetEnumNextHops
RtmGetEnumRoutes
RtmGetExactMatchDestination
RtmGetExactMatchRoute
RtmGetFirstRoute
RtmGetInstanceInfo
RtmGetInstances
RtmGetLessSpecificDestination
RtmGetListEnumRoutes
RtmGetMostSpecificDestination
RtmGetNetworkCount
RtmGetNextHopInfo
RtmGetNextHopPointer
RtmGetNextRoute

kernel32

FreeConsole
_lopen
GetEnvironmentVariableA
GetTickCount
OutputDebugStringA
FreeConsole
GetPrivateProfileStringA
IsBadWritePtr
GetCommandLineW
GetConsoleAliasA
LZRead

samlib

SamAddMemberToAlias
SamAddMemberToGroup
SamAddMultipleMembersToAlias
SamChangePasswordUser
SamChangePasswordUser2
SamChangePasswordUser3
SamCloseHandle
SamConnect
SamConnectWithCreds
SamCreateAliasInDomain

comdlg32

ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA

Sections

.text
Size: 31KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 274KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 546KB - Virtual size: 548KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

32b68052e44c720731fc0362ed2e3dd6

Headers

File Characteristics

Imports

avicap32

rtm

kernel32

samlib

comdlg32

Sections

.text Size: 31KB - Virtual size: 35KB

.data Size: 13KB - Virtual size: 274KB

.rsrc Size: 546KB - Virtual size: 548KB

.text
Size: 31KB - Virtual size: 35KB

.data
Size: 13KB - Virtual size: 274KB

.rsrc
Size: 546KB - Virtual size: 548KB