d14e3596f5fa85e230f68a51beb6a92804193e8847848bf2936af4cda208a2a4

Sharing

Copy URL Twitter E-mail

General

Target

d14e3596f5fa85e230f68a51beb6a92804193e8847848bf2936af4cda208a2a4
Size

376KB
MD5

e3c334eb106be2ab9e48b06d0def99b2
SHA1

67642bb5b8fa7787331a4a42aa82987953bd691c
SHA256

d14e3596f5fa85e230f68a51beb6a92804193e8847848bf2936af4cda208a2a4
SHA512

e4846594ce0e581ea49eb5f854777827ff55c12909ba7d528e2f2302465fee56efe2ce4c19be316155dc28c6b4e632243f503c9a6cb95c64b15f840dc35ba091
SSDEEP

6144:0UgkNiPGmJVarhgxSfAv9iZrqMKC2syY9hl/:okNitidswZRKC2sBl/

Score

N/A

Malware Config

Signatures

Files

d14e3596f5fa85e230f68a51beb6a92804193e8847848bf2936af4cda208a2a4
.dll windows x86

c4090c7fba84b2f7bd620cc820be5517

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
GetVolumeNameForVolumeMountPointA
LeaveCriticalSection
WriteFileGather
GetCalendarInfoW
EnumerateLocalComputerNamesW
ExpandEnvironmentStringsA
CreateMailslotA
CreateRemoteThread
OpenProcess
GetTapeStatus
UnregisterWait
CreateFileMappingA
MoveFileW
IsBadStringPtrW
ReleaseActCtx
QueryDepthSList
ConvertDefaultLocale
CallNamedPipeW
GetFileSizeEx
WaitNamedPipeA
CreateNamedPipeW
SetFileApisToANSI
GetConsoleMode
GetEnvironmentStrings
SetLastConsoleEventActive
SetConsoleNlsMode
GetConsoleNlsMode
OpenConsoleW
GetConsoleFontInfo
SetConsoleOS2OemFormat
SetConsoleCP
IsProcessorFeaturePresent
GlobalHandle
SetUserGeoID

user32

FlashWindow
AdjustWindowRect
DestroyWindow

gdi32

SetLayout

netapi32

NetReplImportDirGetInfo
NetLocalGroupEnum
DsGetSiteNameA
DsValidateSubnetNameW
NetFileEnum
NetConnectionEnum
NetDfsAddStdRootForced
NetGroupDel
NetUseDel
DsGetDcSiteCoverageA
NetWkstaTransportAdd
NetDfsGetDcAddress
NetDfsManagerInitialize
NetGetDisplayInformationIndex
NetSessionDel
NetShareGetInfo
NetServerEnum
NetUserModalsGet
NetRemoteTOD
DsValidateSubnetNameA
NetDfsEnum
NetWkstaSetInfo
NetUserChangePassword
NetLocalGroupSetMembers
NetErrorLogRead
NetAuditClear
NetScheduleJobEnum
NetGroupDelUser
NetReplImportDirDel
NetServerGetInfo
NetApiBufferSize
NetUserDel
DsAddressToSiteNamesExW
Netbios
NetUseGetInfo
NetGroupAdd
NetSessionEnum
DsGetSiteNameW
NetServiceInstall
NetReplExportDirAdd
DsEnumerateDomainTrustsA
NetQueryDisplayInformation
NetConfigGet
NetGetAnyDCName
NetLocalGroupAddMembers

advpack

RegInstall
FileSaveRestore
ExtractFiles

glmf32

glsGetStreamType
glsHeaderLayerf
glsCallArray
glsChannel
glsCaptureFlags
glsUTF8toUCS4
glsNums
glsUnsupportedCommand
glsNumuiv
glsHeaderiv
glsNuml
glsPixelSetupGen
glsGetConsti
glsReadFunc
glsWritePrefix
glsHeaderLayeri
glsGetCommandFunc
glsBeginCapture
__glsParser_print
glsUTF8toUCS2z
glsGetStreamReadName
glsAppRef
glsBeginObj
glsNumub
glsGetStreamSize
glsWriteFunc
glsGLRC
glsNullCommandFunc
glsNumbv
glsGetHeaderf
glsGetConstubz
glsGetContextFunc
glsNumi
glsGetLayerf
glsLongHigh
glsNumubv
glsCopyStream
glsGetContextListl
glsNumiv
glsULongHigh
glsDeleteReadPrefix
glsGetCommandAttrib
glsBlock
glsSwapBuffers
glsGetHeaderubz
glsComment
glsUTF8toUCS1z
glsBeginGLS
glsIsContextStream
glsNumd

Exports

Exports

BooleanSectionIntoNames
ButWhitespaceLineAbove
LeadingInWith
MustATheStart
ValuesBeWithAny
WhichNotTrailingNameBut
WithAre

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 220KB - Virtual size: 402KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4090c7fba84b2f7bd620cc820be5517

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

netapi32

advpack

glmf32

Exports

Exports

Sections

.text Size: 106KB - Virtual size: 105KB

.idata Size: 6KB - Virtual size: 4KB

.rdata Size: 38KB - Virtual size: 37KB

.data Size: 220KB - Virtual size: 402KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 106KB - Virtual size: 105KB

.idata
Size: 6KB - Virtual size: 4KB

.rdata
Size: 38KB - Virtual size: 37KB

.data
Size: 220KB - Virtual size: 402KB

.reloc
Size: 4KB - Virtual size: 2KB