11182878b224d47629a77ae26e8308c4a4d63a886e57f8c4f4b7e357d775bcd9

Sharing

Copy URL Twitter E-mail

General

Target

11182878b224d47629a77ae26e8308c4a4d63a886e57f8c4f4b7e357d775bcd9
Size

33KB
MD5

07a078a3644e112be6bd2dc16d67431c
SHA1

a4aef74c37b83d07d7248310cf87178d75f022eb
SHA256

11182878b224d47629a77ae26e8308c4a4d63a886e57f8c4f4b7e357d775bcd9
SHA512

9e0e6bc783f606a0c2385911dc066a1cf9010568e8742236c4653f4675353d5f8687ba7b3f3c9f748062d608a124d54c06d3d4b8089a7f3b5781bbd443ada83f
SSDEEP

384:AZeaXz3jCLZzqCGqBjN7/+55MTMt7YKm5vY9NsDmRXKWxGkqBnuTngdF9QfNW:5aXz3jNq/+X5E/gQKRXB8YgdfQfN

Score

N/A

Malware Config

Signatures

Files

11182878b224d47629a77ae26e8308c4a4d63a886e57f8c4f4b7e357d775bcd9
.exe windows x86

eea435e8fbd1720ac0061d5ef18ab96c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprInfoBlockFind
MprAdminConnectionEnum
MprAdminBufferFree
MprAdminDeviceEnum

modemui

drvGetDefaultCommConfigA
InvokeControlPanel
drvSetDefaultCommConfigA
drvCommConfigDialogA

certcli

CAEnumFirstCA
CACloseCA
CADeleteCA
CAEnumNextCA

advapi32

CreateProcessAsUserA
IsValidSid
IsValidAcl
ControlService
ClearEventLogA
RegDeleteValueA
RegCreateKeyA
IsTextUnicode
RegQueryValueA
RegOpenKeyExA

user32

IsDialogMessageA
SetCursorPos
LoadCursorA
DialogBoxParamA
PostMessageA
GetWindowLongA
GetPropA
IsZoomed
LoadImageA
DispatchMessageA
PeekMessageA
GetMessageA
IsWindow
CreateWindowExA

kernel32

SetFilePointer
CreateDirectoryA
CreateNamedPipeA
GetTickCount
UpdateResourceA
GetProcessHeap
CompareStringA
GetPrivateProfileIntA
GetCurrentDirectoryA
GetDateFormatA
WaitForSingleObject
HeapValidate
LoadLibraryA
GetEnvironmentVariableW
lstrcpynW
GetComputerNameA
GetCurrentProcess
GetProcAddress
CloseHandle

wtsapi32

WTSEnumerateProcessesA
WTSWaitSystemEvent
WTSVirtualChannelClose
WTSUnRegisterSessionNotification
WTSSetUserConfigW
WTSRegisterSessionNotification
WTSOpenServerW
WTSQueryUserToken
WTSVirtualChannelRead
WTSEnumerateServersA
WTSSendMessageA
WTSVirtualChannelOpen
WTSLogoffSession
WTSVirtualChannelQuery

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 155B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eea435e8fbd1720ac0061d5ef18ab96c

Headers

DLL Characteristics

File Characteristics

Imports

mprapi

modemui

certcli

advapi32

user32

kernel32

wtsapi32

Sections

.text Size: 10KB - Virtual size: 9KB

.data Size: 512B - Virtual size: 155B

.rsrc Size: 21KB - Virtual size: 21KB

.text
Size: 10KB - Virtual size: 9KB

.data
Size: 512B - Virtual size: 155B

.rsrc
Size: 21KB - Virtual size: 21KB