86aed1237b13f3c254ca47aae5170711b177791070ae44c6ae470a8437ab5878

Sharing

Copy URL Twitter E-mail

General

Target

86aed1237b13f3c254ca47aae5170711b177791070ae44c6ae470a8437ab5878
Size

1.8MB
MD5

e4d5fa97a1438573ed00aef29193ddad
SHA1

af63a3e6aa49da43687a10ab04c8de1e6f66b4cd
SHA256

86aed1237b13f3c254ca47aae5170711b177791070ae44c6ae470a8437ab5878
SHA512

39b0a82d4035d58aa62d4b0aa2f74ddfc84428dc9252855678180ec0c8ae11be604bccf42c6788bee96e0ea0115272119484cdbe6d12e9cdfc4930c3203d69f0
SSDEEP

49152:aVlbr3TpZkBgt9MRDyfOxBHo0gQfxfezo:Sbr3Tkyt97irgOxn

Score

N/A

Malware Config

Signatures

Files

86aed1237b13f3c254ca47aae5170711b177791070ae44c6ae470a8437ab5878
.exe windows x86

118c65449b367f0967d3f3ad3a624af7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CACloseCertType
CADeleteCA
CAEnumFirstCA
CACloseCA
CAEnumNextCA

advapi32

OpenServiceA
ControlService
IsValidAcl
CreateServiceA
IsValidSecurityDescriptor
IsTextUnicode
RegSaveKeyA
RegDeleteKeyA
InitializeSid
RegCloseKey
IsValidSid
RegOpenKeyExA
RegQueryValueA
RegDeleteValueA

wtsapi32

WTSLogoffSession
WTSSetSessionInformationA
WTSSetUserConfigW
WTSQuerySessionInformationA
WTSOpenServerW
WTSVirtualChannelWrite
WTSVirtualChannelClose
WTSSendMessageA
WTSRegisterSessionNotification
WTSVirtualChannelPurgeInput
WTSEnumerateProcessesA

modemui

CountryRunOnce
drvSetDefaultCommConfigA

kernel32

GetConsoleAliasW
WaitForSingleObject
CloseHandle
GetFullPathNameA
CreateDirectoryA
CreateNamedPipeA
GetTickCount
UpdateResourceA
HeapValidate
GetPrivateProfileStructA
GetTimeFormatA
LoadLibraryA
GetPrivateProfileSectionA
GetStringTypeA
GetAtomNameA
GetProcAddress
SetFilePointer
GetGeoInfoA

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

118c65449b367f0967d3f3ad3a624af7

Headers

DLL Characteristics

File Characteristics

Imports

certcli

advapi32

wtsapi32

modemui

kernel32

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 1.8MB - Virtual size: 1.8MB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 27KB - Virtual size: 26KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 1.8MB - Virtual size: 1.8MB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 27KB - Virtual size: 26KB

.reloc
Size: 5KB - Virtual size: 4KB