bc647de8dc2e44a6e95e052c1fdf8f76e763e46a870a9d1134a2ef07163b6416

General

Target

bc647de8dc2e44a6e95e052c1fdf8f76e763e46a870a9d1134a2ef07163b6416
Size

602KB
MD5

da5e82295f3a0ec96f0b2898c7ccbbef
SHA1

04e632b0ce7c7059b24c8a26ecf6441f6be680ec
SHA256

bc647de8dc2e44a6e95e052c1fdf8f76e763e46a870a9d1134a2ef07163b6416
SHA512

ce0ec75874d1fa0edc7f5f0403cab8d6029f31348a9c63249e98535a22edc4958a7175ff5f8105f09d0003b9ad7d7a34bd2375af3196918434884c5bd81c8c01
SSDEEP

12288:IjpI+jCc+V8QiLlP+EUo2NCwbDpZL6Sf:Iquf+VELlUouJb1NZf

Score

N/A

Malware Config

Signatures

Files

bc647de8dc2e44a6e95e052c1fdf8f76e763e46a870a9d1134a2ef07163b6416
.exe windows x86

32b68052e44c720731fc0362ed2e3dd6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED

Imports

avicap32

AppCleanup

rtm

RtmDeleteRouteList
RtmDeleteRouteTable
RtmDeleteRouteToDest
RtmDequeueRouteChangeMessage
RtmDereferenceHandles
RtmDeregisterClient
RtmDeregisterEntity
RtmDeregisterFromChangeNotification
RtmEnumerateGetNextRoute
RtmFindNextHop
RtmGetAddressFamilyInfo
RtmGetChangeStatus
RtmGetChangedDests
RtmGetDestInfo
RtmGetEntityInfo
RtmGetEntityMethods
RtmGetEnumDests
RtmGetEnumNextHops
RtmGetEnumRoutes
RtmGetExactMatchDestination
RtmGetExactMatchRoute
RtmGetFirstRoute
RtmGetInstanceInfo
RtmGetInstances
RtmGetLessSpecificDestination
RtmGetListEnumRoutes
RtmGetMostSpecificDestination
RtmGetNetworkCount
RtmGetNextHopInfo
RtmGetNextHopPointer
RtmGetNextRoute

kernel32

FreeConsole
_lopen
GetEnvironmentVariableA
GetTickCount
OutputDebugStringA
FreeConsole
GetPrivateProfileStringA
IsBadWritePtr
GetCommandLineW
GetConsoleAliasA
LZRead

samlib

SamAddMemberToAlias
SamAddMemberToGroup
SamAddMultipleMembersToAlias
SamChangePasswordUser
SamChangePasswordUser2
SamChangePasswordUser3
SamCloseHandle
SamConnect
SamConnectWithCreds
SamCreateAliasInDomain

comdlg32

ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA
ChooseColorA

Sections

.text
Size: 31KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 274KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 546KB - Virtual size: 548KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

32b68052e44c720731fc0362ed2e3dd6

Headers

File Characteristics

Imports

avicap32

rtm

kernel32

samlib

comdlg32

Sections

.text Size: 31KB - Virtual size: 35KB

.data Size: 13KB - Virtual size: 274KB

.rsrc Size: 546KB - Virtual size: 548KB

.text
Size: 31KB - Virtual size: 35KB

.data
Size: 13KB - Virtual size: 274KB

.rsrc
Size: 546KB - Virtual size: 548KB