24faa7b4b6fe7691a2c97572ec0a7df18896d86bfb03a1fe48c912b77ea35df2

Sharing

Copy URL

Twitter E-mail

General

Target

24faa7b4b6fe7691a2c97572ec0a7df18896d86bfb03a1fe48c912b77ea35df2
Size

674KB
MD5

2cd95a575ac673ca3a5304dba4a40174
SHA1

a06e4f812f7ab7e3be1e131a9c792d43f6b5e9ca
SHA256

24faa7b4b6fe7691a2c97572ec0a7df18896d86bfb03a1fe48c912b77ea35df2
SHA512

8051c4949088ba1653976ca1c956a4252f072c34eaf6eec456b4682ab2d977997670adc4b8fbbc72a38e04019971bd35285d7b9b1fd7e2b94abe4419818a8551
SSDEEP

12288:UKCvgpGoqZyO7D79psKFCeAvAHqd82dDOUSViSdUA0T1EkNH:UOp7eAvXW2dD+cSdyEkNH

Score

N/A

Malware Config

Signatures

Files

24faa7b4b6fe7691a2c97572ec0a7df18896d86bfb03a1fe48c912b77ea35df2
.exe windows x86

da0912992397bc06748404303a3d337e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

netapi32

NetApiBufferFree
NetServerEnum

ws2_32

ntohs
WSAStartup
inet_ntoa
gethostname
getnameinfo
htons
gethostbyname

mpr

WNetAddConnection2W
WNetCancelConnection2W

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

ole32

StringFromGUID2
IIDFromString
CoCreateInstance
CoSetProxyBlanket
CoInitialize

kernel32

GetStdHandle
GetLastError
SetLastError
Process32FirstW
GetConsoleScreenBufferInfo
LockResource
RemoveDirectoryW
GetSystemInfo
Process32NextW
CreateToolhelp32Snapshot
CloseHandle
GetVersion
DeleteFileW
ExitProcess
CopyFileW
ProcessIdToSessionId
DeviceIoControl
GetCurrentProcessId
ExpandEnvironmentStringsW
MapViewOfFile
UnmapViewOfFile
GetCurrentThread
GetOverlappedResult
SetThreadPriority
GetFileSizeEx
CreateFileMappingW
SetConsoleCtrlHandler
CreateEventW
WaitForMultipleObjects
GetDateFormatW
GetTempFileNameW
InterlockedCompareExchange64
GetLogicalDriveStringsW
WriteFile
InitializeCriticalSection
OpenProcess
GetVersionExW
LeaveCriticalSection
FileTimeToSystemTime
EnterCriticalSection
QueryDosDeviceW
Module32FirstW
GetTempPathW
InterlockedDecrement
QueryPerformanceCounter
ResetEvent
QueryPerformanceFrequency
DeleteCriticalSection
InterlockedIncrement
CreateThread
FindFirstFileW
FindClose
FindNextFileW
InitializeCriticalSectionAndSpinCount
RaiseException
DecodePointer
TerminateProcess
GetFileType
CreateSemaphoreW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetConsoleCP
FlushFileBuffers
FatalAppExitA
lstrlenW
MultiByteToWideChar
CreateFileW
GetModuleFileNameW
GetFileAttributesW
IsProcessorFeaturePresent
GetExitCodeProcess
FormatMessageW
SizeofResource
Sleep
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetTickCount
ConnectNamedPipe
SetEvent
GetComputerNameW
WaitForSingleObject
CreateDirectoryW
GetCurrentProcess
LoadLibraryExW
CreateProcessW
LoadResource
FreeLibrary
FindResourceW
InterlockedExchange
LocalFree
LocalAlloc
GetProcAddress
LoadLibraryW
GetModuleHandleW
GetCommandLineW
HeapSize
GetStringTypeW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeFormatW
GetConsoleMode
GetNumberOfConsoleInputEvents
PeekConsoleInputA
CompareStringW
LCMapStringW
SetFilePointerEx
OutputDebugStringW
SetStdHandle
WriteConsoleW
SetEndOfFile
ReadFile
ReadConsoleInputA
SetConsoleMode
GetModuleHandleExW
IsDebuggerPresent
ExitThread
GetCurrentThreadId
EncodePointer
HeapAlloc
HeapFree
WideCharToMultiByte
lstrlenA
RtlUnwind
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetProcessHeap
ReadConsoleW
AreFileApisANSI
ResumeThread
GetWindowsDirectoryW
HeapReAlloc

user32

UnregisterClassW
MessageBoxW
SetCursor
DialogBoxIndirectParamW
LoadCursorW
InflateRect
GetDlgItem
EndDialog
GetSysColorBrush
SendMessageW
SetWindowTextW

gdi32

StartPage
GetDeviceCaps
SetMapMode
StartDocW
EndDoc
EndPage

comdlg32

PrintDlgW

advapi32

StartServiceCtrlDispatcherW
RegSetValueExW
RegCreateKeyW
RegQueryValueExW
LookupAccountSidW
GetSecurityDescriptorLength
ConvertSidToStringSidW
GetLengthSid
ReportEventW
DeregisterEventSource
RegOpenKeyW
CopySid
GetSidSubAuthorityCount
GetSidSubAuthority
RegisterEventSourceW
RegNotifyChangeKeyValue
QueryServiceConfigW
RegOpenKeyExW
SetServiceStatus
RegDeleteValueW
ChangeServiceConfig2W
RegDeleteKeyW
RegCreateKeyExW
RegisterServiceCtrlHandlerExW
CreateServiceW
AdjustTokenPrivileges
ControlService
FreeSid
RevertToSelf
AllocateAndInitializeSid
RegConnectRegistryW
ImpersonateLoggedOnUser
QueryServiceStatus
StartServiceW
LookupPrivilegeValueW
EqualSid
GetTokenInformation
OpenServiceW
LogonUserW
OpenSCManagerW
DeleteService
OpenProcessToken
CloseServiceHandle
RegCloseKey

oleaut32

SafeArrayDestroy
SafeArrayAccessData
VariantClear
SafeArrayGetLBound
SysFreeString
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysStringLen
SysAllocString
CreateErrorInfo
VariantChangeType
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayGetUBound
VarBstrCmp
SysStringByteLen
GetErrorInfo
SetErrorInfo

crypt32

CertDuplicateCertificateContext
CertGetNameStringW
CertOIDToAlgId

psapi

GetMappedFileNameW
EnumProcesses

secur32

LsaFreeReturnBuffer
LsaGetLogonSessionData

Sections

.text
Size: 379KB - Virtual size: 379KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da0912992397bc06748404303a3d337e

Headers

DLL Characteristics

File Characteristics

Imports

version

netapi32

ws2_32

mpr

wtsapi32

ole32

kernel32

user32

gdi32

comdlg32

advapi32

oleaut32

crypt32

psapi

secur32

Sections

.text Size: 379KB - Virtual size: 379KB

.rdata Size: 120KB - Virtual size: 120KB

.data Size: 17KB - Virtual size: 26KB

.rsrc Size: 129KB - Virtual size: 128KB

.reloc Size: 21KB - Virtual size: 20KB

.text
Size: 379KB - Virtual size: 379KB

.rdata
Size: 120KB - Virtual size: 120KB

.data
Size: 17KB - Virtual size: 26KB

.rsrc
Size: 129KB - Virtual size: 128KB

.reloc
Size: 21KB - Virtual size: 20KB