fd9d42e90d82c9360b83a6d7e5897980f24fe2aae3da6bdd4452bb8132572640

Sharing

Copy URL

Twitter E-mail

General

Target

fd9d42e90d82c9360b83a6d7e5897980f24fe2aae3da6bdd4452bb8132572640
Size

597KB
MD5

0a6af39c11f60261547051fc4c868125
SHA1

01a153e855024ddff465ab33efdc91fa2ea3cfcc
SHA256

fd9d42e90d82c9360b83a6d7e5897980f24fe2aae3da6bdd4452bb8132572640
SHA512

303366f7e9cb93d0ba49fa22bb9222f2157bd4b875998336d2dc0494634a64107ed22c028d0ea949dd410cc65b4199e163ecdb26335c4b27a827b0535867b7c8
SSDEEP

12288:ljhJEMzspppppMi+f3TyG7f5QZSTy06yaN1jsavha0yFl8tVZUhJE:dhJEMzDDfj35Q4Ty3Tfa0y0xUhJE

Score

N/A

Malware Config

Signatures

Files

fd9d42e90d82c9360b83a6d7e5897980f24fe2aae3da6bdd4452bb8132572640
.exe windows x86

b4528803cf03113d013a7b99f1f5bac3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CertGetNameStringA
CertFreeCRLContext
CertOpenStore
CertFindCRLInStore
CertSaveStore
CertDuplicateStore
CertCompareCertificate
CryptEnumOIDInfo
CertFindExtension
CertDuplicateCRLContext
CertAlgIdToOID
CertCreateContext
CertControlStore
CertFindChainInStore

azroles

AzGroupDelete
AzCloseHandle

kernel32

GetProcessHeap
QueryDosDeviceA
CreateMutexA
lstrcmpA
GetStdHandle
GetLocaleInfoA
GetComputerNameW
lstrcpynA
CopyFileA
GetCurrentDirectoryW
GetModuleHandleA
lstrcmpiA
ResetEvent
GetStringTypeA
GetProcAddress
GetFullPathNameA
GetAtomNameW
CloseHandle
GetBinaryTypeW
GetCurrentProcess
SetStdHandle
GetLogicalDrives
GetEnvironmentVariableW
DeleteFileA
FormatMessageA
GetLastError
CreateEventW
SetCurrentDirectoryA
lstrcmpiA
FindResourceA
GetDiskFreeSpaceA
CreateNamedPipeW
CreateSemaphoreA

shlwapi

UrlEscapeA
PathCompactPathA
UrlCreateFromPathA
UrlCanonicalizeA
UrlCombineA
UrlIsNoHistoryA
UrlGetPartA
UrlUnescapeA
UrlIsA
UrlIsOpaqueA
PathCommonPrefixA
PathCombineA

user32

DispatchMessageA
PeekMessageA
PostMessageA
GetWindowLongA
wsprintfA
IsDialogMessageA
SetCursorPos
DialogBoxParamA
IsZoomed
DrawIcon
IsWindow
IsCharLowerW

wtsapi32

WTSLogoffSession
WTSVirtualChannelRead
WTSVirtualChannelWrite
WTSEnumerateSessionsA
WTSRegisterSessionNotification
WTSSendMessageA
WTSEnumerateProcessesA
WTSWaitSystemEvent
WTSFreeMemory
WTSCloseServer

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 564KB - Virtual size: 788KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b4528803cf03113d013a7b99f1f5bac3

Headers

File Characteristics

Imports

crypt32

azroles

kernel32

shlwapi

user32

wtsapi32

Sections

.text Size: 25KB - Virtual size: 25KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 564KB - Virtual size: 788KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 25KB - Virtual size: 25KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 564KB - Virtual size: 788KB

.reloc
Size: 2KB - Virtual size: 2KB