9e5664bac44970cfb8d73915df834d14d5eef369d51db6543ba9d68e6135d7a2

Sharing

Copy URL Twitter E-mail

General

Target

9e5664bac44970cfb8d73915df834d14d5eef369d51db6543ba9d68e6135d7a2
Size

27KB
MD5

9d06ecfd821a697d93ca56d2a85d441e
SHA1

aeac94503f517a8bba468c09597c407a3151d295
SHA256

9e5664bac44970cfb8d73915df834d14d5eef369d51db6543ba9d68e6135d7a2
SHA512

7aa572138a224722949103531a78467e6cc3f6f803485f53213542d0cc74ac0ff345863300b3a4a4c360bcce726dbadfbf6c057a7e2ecf2b0f59c151c4fde5e3
SSDEEP

384:auKjUxYv5v6CLZfa9fgG1KTw7vuyxbRpL/:auKgxmdfa9fgQKTwTf

Score

N/A

Malware Config

Signatures

Files

9e5664bac44970cfb8d73915df834d14d5eef369d51db6543ba9d68e6135d7a2
.exe windows x86

9659fd8058aa9e40d41222359c12f3bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ReplaceFileW
GetACP
IsBadWritePtr
SetComputerNameW
QueryDosDeviceW
CreateJobObjectW
ReadConsoleOutputW
IsDebuggerPresent
Beep
_lopen
GetProfileIntW
TerminateProcess
TerminateProcess
GetSystemDirectoryA
MulDiv
BackupWrite
GetTickCount
RtlMoveMemory
SetComputerNameA
QueryDosDeviceA
CreateJobObjectW
ReadConsoleOutputW
RegisterWowExec
Beep
GetProfileIntW
TerminateProcess
TerminateProcess
GetSystemDirectoryA

rasapi32

RasEnumEntriesA
DDMGetPhonebookInfo
DwCloneEntry
RasAutoDialSharedConnection
RasAutodialAddressToNetwork
RasAutodialEntryToNetwork
RasClearConnectionStatistics
RasClearLinkStatistics
RasConnectionNotificationA
RasConnectionNotificationW
RasCreatePhonebookEntryA
RasCreatePhonebookEntryW
RasDeleteEntryA
RasDeleteEntryW
RasDeleteSubEntryA
RasDeleteSubEntryW
RasDialA
RasDialW
RasEditPhonebookEntryA
RasEditPhonebookEntryW
RasEnumAutodialAddressesA
RasEnumAutodialAddressesW
RasEnumConnectionsA
RasEnumConnectionsW
RasEnumDevicesA
RasEnumDevicesW
RasEnumEntriesA
RasEnumEntriesW
RasFreeEapUserIdentityA
RasFreeEapUserIdentityW
RasGetAutodialAddressA
RasGetAutodialAddressW
RasGetAutodialEnableA
RasGetAutodialEnableW
RasGetAutodialParamA
RasGetAutodialParamW
RasGetConnectStatusA
RasGetConnectStatusW
RasGetConnectionStatistics
RasGetCountryInfoA
RasGetCountryInfoW
RasGetCredentialsA
RasGetCredentialsW
RasGetCustomAuthDataA
RasGetCustomAuthDataW
RasGetEapUserDataA
RasGetEapUserDataW
RasGetEapUserIdentityA
RasGetEapUserIdentityW
RasGetEntryDialParamsA
RasGetEntryPropertiesA
RasGetEntryPropertiesW
RasGetErrorStringA
RasGetErrorStringW
RasGetHport
RasGetLinkStatistics
RasGetNapStatus
RasGetProjectionInfoA
RasGetProjectionInfoW
RasGetSubEntryHandleA
RasGetSubEntryHandleW
RasGetSubEntryPropertiesA
RasGetSubEntryPropertiesW
RasHangUpA
RasHangUpW
RasInvokeEapUI
RasQueryRedialOnLinkFailure
RasQuerySharedAutoDial
RasQuerySharedConnection
RasRenameEntryA
RasRenameEntryW
RasScriptTerm
RasSetAutodialAddressA
RasSetAutodialAddressW
RasSetAutodialEnableA
RasSetAutodialEnableW
RasSetAutodialParamA
RasSetAutodialParamW
RasSetCredentialsA
RasSetCredentialsW
RasSetCustomAuthDataA
RasSetCustomAuthDataW
RasSetEapUserDataA
RasSetEapUserDataW
RasSetEntryDialParamsA
RasSetEntryDialParamsW
RasSetEntryPropertiesA
RasSetEntryPropertiesW
RasSetOldPassword
RasSetSharedAutoDial
RasSetSubEntryPropertiesA
RasSetSubEntryPropertiesW
RasValidateEntryNameA
RasValidateEntryNameW
RasEnumEntriesA
RasEnumEntriesA

opengl32

GlmfBeginGlsBlock
GlmfBeginGlsBlock

odbctrac

TraceSQLAllocEnv

kerberos

KerbKdcCallBack

credui

CredUIInitControls

cryptui

CryptUIDlgSelectCA
CryptUIDlgSelectCA

cfgmgr32

CM_Delete_Range

msvcrt

fopen
fread

pdh

PdhEnumObjectsA

azroles

AzAddPropertyItem
AzApplicationClose
AzApplicationCreate
AzApplicationDelete
AzApplicationEnum

Sections

text
Size: 1024B - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DAT
Size: 11KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kreo1
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE

Sharing

General

Malware Config

Signatures

Files

9659fd8058aa9e40d41222359c12f3bc

Headers

File Characteristics

Imports

kernel32

rasapi32

opengl32

odbctrac

kerberos

credui

cryptui

cfgmgr32

msvcrt

pdh

azroles

Sections

text Size: 1024B - Virtual size: 38KB

.DAT Size: 11KB - Virtual size: 64KB

kreo1 Size: 10KB - Virtual size: 12KB

DATA Size: 2KB - Virtual size: 2KB

text
Size: 1024B - Virtual size: 38KB

.DAT
Size: 11KB - Virtual size: 64KB

kreo1
Size: 10KB - Virtual size: 12KB

DATA
Size: 2KB - Virtual size: 2KB