617af029221f990c321ec39b4ff6e9bbe68651961ca4867882b9bfcfce18d2e0

Sharing

Copy URL Twitter E-mail

General

Target

617af029221f990c321ec39b4ff6e9bbe68651961ca4867882b9bfcfce18d2e0
Size

26KB
MD5

2d6b0d4d9d4ff6319213926a1be09561
SHA1

40ebc485c2fb1437cc4f2ec879693891fe281578
SHA256

617af029221f990c321ec39b4ff6e9bbe68651961ca4867882b9bfcfce18d2e0
SHA512

1230631436ee5d516e1a40b429f317386c1838253250e1b6cc40441f942d0f471127a09666230da8a4d156daa3f1f26a4754bcc8fdd20ed88b339693f8c02ebf
SSDEEP

768:2Tc72P/LeYKhyhjzzzzzzzzzzzzzzzzzzzzzzzzzzzz2:2gk/3KhMzzzzzzzzzzzzzzzzzzzzzzzi

Score

N/A

Malware Config

Signatures

Files

617af029221f990c321ec39b4ff6e9bbe68651961ca4867882b9bfcfce18d2e0
.exe windows x86

63a20667aacf69611447d0a9b3faba73

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

netapi32

NetUserChangePassword
NetUserDel
NetUserEnum
NetUserGetGroups
NetUserGetInfo
NetUserGetLocalGroups
NetUserModalsGet
NetUserModalsSet
NetUserSetGroups
NetUserSetInfo
NetValidateName
NetWkstaGetInfo
NetWkstaSetInfo
NetWkstaTransportAdd
NetWkstaTransportDel
NetWkstaTransportEnum
NetWkstaUserEnum
NetWkstaUserGetInfo
NetWkstaUserSetInfo
NetapipBufferAllocate
Netbios
NetpAddTlnFtinfoEntry
NetpAssertFailed
NetpCleanFtinfoContext
NetpCloseConfigData
NetpCopyFtinfoContext
NetpDbgPrint
NetUserChangePassword
NetUserDel
NetUserEnum
NetUserGetGroups
NetUserGetInfo
NetUserGetLocalGroups
NetUserModalsGet
NetUserModalsSet
NetUserSetGroups
NetUserSetInfo
NetValidateName
NetWkstaGetInfo
NetWkstaSetInfo
NetWkstaTransportAdd
NetWkstaTransportDel
NetWkstaTransportEnum
NetWkstaUserEnum
NetWkstaUserGetInfo
NetWkstaUserSetInfo
NetapipBufferAllocate
Netbios
NetpAddTlnFtinfoEntry
NetpAssertFailed
NetpCleanFtinfoContext
NetpCloseConfigData
NetpCopyFtinfoContext
NetpDbgPrint

msvcrt

fread
fopen

kernel32

QueryDosDeviceA
GetTickCount
GetWindowsDirectoryA
GetVersionExW
ReadConsoleA
EnumCalendarInfoW
CallNamedPipeA
SetFileTime
SetLocalTime

mprapi

CompressPhoneNumber
MprAdminBufferFree
MprAdminConnectionClearStats
MprAdminConnectionEnum
MprAdminConnectionGetInfo
MprAdminDeregisterConnectionNotification

catsrv

DllCanUnloadNow

httpapi

HttpAddFragmentToCache

mssign32

PvkPrivateKeyLoad
PvkPrivateKeyLoadA
PvkPrivateKeyLoadFromMemory
PvkPrivateKeyLoadFromMemoryA
PvkPrivateKeyReleaseContext
PvkPrivateKeyReleaseContextA
PvkPrivateKeySave
PvkPrivateKeySaveA
PvkPrivateKeySaveToMemory
PvkPrivateKeySaveToMemoryA
SignError
SignerAddTimeStampResponse
PvkPrivateKeyLoad
PvkPrivateKeyLoadA
PvkPrivateKeyLoadFromMemory
PvkPrivateKeyLoadFromMemoryA
PvkPrivateKeyReleaseContext
PvkPrivateKeyReleaseContextA
PvkPrivateKeySave
PvkPrivateKeySaveA
PvkPrivateKeySaveToMemory
PvkPrivateKeySaveToMemoryA
SignError
SignerAddTimeStampResponse

mshtml

CreateHTMLPropertyPage
DllCanUnloadNow
DllEnumClassObjects
DllGetClassObject
MatchExactGetIDsOfNames
PrintHTML
RunHTMLApplication
ShowHTMLDialog
ShowHTMLDialogEx
ShowModelessHTMLDialog
CreateHTMLPropertyPage
CreateHTMLPropertyPage
DllCanUnloadNow
DllEnumClassObjects
DllGetClassObject
MatchExactGetIDsOfNames
PrintHTML
RunHTMLApplication
ShowHTMLDialog
ShowHTMLDialogEx
ShowModelessHTMLDialog
CreateHTMLPropertyPage

activeds

ADsEncodeBinaryData
ADsFreeEnumerator
ADsEncodeBinaryData
ADsFreeEnumerator

Sections

text
Size: 1KB - Virtual size: 14KB

IMAGE_SCN_MEM_READ

.bss
Size: 10KB - Virtual size: 84KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

63a20667aacf69611447d0a9b3faba73

Headers

File Characteristics

Imports

netapi32

msvcrt

kernel32

mprapi

catsrv

httpapi

mssign32

mshtml

activeds

Sections

text Size: 1KB - Virtual size: 14KB

.bss Size: 10KB - Virtual size: 84KB

.rsrc Size: 12KB - Virtual size: 16KB

.rdata Size: 1024B - Virtual size: 1008B

text
Size: 1KB - Virtual size: 14KB

.bss
Size: 10KB - Virtual size: 84KB

.rsrc
Size: 12KB - Virtual size: 16KB

.rdata
Size: 1024B - Virtual size: 1008B