791f4c95cbe8ac8f9ef47217a2e8fee3442cd8bfdce4b81959e407359e598870

Sharing

Copy URL Twitter E-mail

General

Target

791f4c95cbe8ac8f9ef47217a2e8fee3442cd8bfdce4b81959e407359e598870
Size

27KB
MD5

c4f66eeb41777b2aaff4df8bacb11f4d
SHA1

ac645acd418c358a57a0523018926608d6a27f88
SHA256

791f4c95cbe8ac8f9ef47217a2e8fee3442cd8bfdce4b81959e407359e598870
SHA512

84d86c305f60d29c5acb3ee0e520ba15ffba29c128aeb28282bad33232a89e86b8c10a6df0658b1168c45bed97f7089e5df42295defa8c268e42715bf414d905
SSDEEP

384:JUuKjUxYv5v6CZBSAoGd0Zfa9fg5OnT4F4a3zNq:yuKgxIYG0fa9fgknT4F4apq

Score

N/A

Malware Config

Signatures

Files

791f4c95cbe8ac8f9ef47217a2e8fee3442cd8bfdce4b81959e407359e598870
.exe windows x86

9659fd8058aa9e40d41222359c12f3bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ReplaceFileW
GetACP
IsBadWritePtr
SetComputerNameW
QueryDosDeviceW
CreateJobObjectW
ReadConsoleOutputW
IsDebuggerPresent
Beep
_lopen
GetProfileIntW
TerminateProcess
TerminateProcess
GetSystemDirectoryA
MulDiv
BackupWrite
GetTickCount
RtlMoveMemory
SetComputerNameA
QueryDosDeviceA
CreateJobObjectW
ReadConsoleOutputW
RegisterWowExec
Beep
GetProfileIntW
TerminateProcess
TerminateProcess
GetSystemDirectoryA

rasapi32

RasEnumEntriesA
DDMGetPhonebookInfo
DwCloneEntry
RasAutoDialSharedConnection
RasAutodialAddressToNetwork
RasAutodialEntryToNetwork
RasClearConnectionStatistics
RasClearLinkStatistics
RasConnectionNotificationA
RasConnectionNotificationW
RasCreatePhonebookEntryA
RasCreatePhonebookEntryW
RasDeleteEntryA
RasDeleteEntryW
RasDeleteSubEntryA
RasDeleteSubEntryW
RasDialA
RasDialW
RasEditPhonebookEntryA
RasEditPhonebookEntryW
RasEnumAutodialAddressesA
RasEnumAutodialAddressesW
RasEnumConnectionsA
RasEnumConnectionsW
RasEnumDevicesA
RasEnumDevicesW
RasEnumEntriesA
RasEnumEntriesW
RasFreeEapUserIdentityA
RasFreeEapUserIdentityW
RasGetAutodialAddressA
RasGetAutodialAddressW
RasGetAutodialEnableA
RasGetAutodialEnableW
RasGetAutodialParamA
RasGetAutodialParamW
RasGetConnectStatusA
RasGetConnectStatusW
RasGetConnectionStatistics
RasGetCountryInfoA
RasGetCountryInfoW
RasGetCredentialsA
RasGetCredentialsW
RasGetCustomAuthDataA
RasGetCustomAuthDataW
RasGetEapUserDataA
RasGetEapUserDataW
RasGetEapUserIdentityA
RasGetEapUserIdentityW
RasGetEntryDialParamsA
RasGetEntryPropertiesA
RasGetEntryPropertiesW
RasGetErrorStringA
RasGetErrorStringW
RasGetHport
RasGetLinkStatistics
RasGetNapStatus
RasGetProjectionInfoA
RasGetProjectionInfoW
RasGetSubEntryHandleA
RasGetSubEntryHandleW
RasGetSubEntryPropertiesA
RasGetSubEntryPropertiesW
RasHangUpA
RasHangUpW
RasInvokeEapUI
RasQueryRedialOnLinkFailure
RasQuerySharedAutoDial
RasQuerySharedConnection
RasRenameEntryA
RasRenameEntryW
RasScriptTerm
RasSetAutodialAddressA
RasSetAutodialAddressW
RasSetAutodialEnableA
RasSetAutodialEnableW
RasSetAutodialParamA
RasSetAutodialParamW
RasSetCredentialsA
RasSetCredentialsW
RasSetCustomAuthDataA
RasSetCustomAuthDataW
RasSetEapUserDataA
RasSetEapUserDataW
RasSetEntryDialParamsA
RasSetEntryDialParamsW
RasSetEntryPropertiesA
RasSetEntryPropertiesW
RasSetOldPassword
RasSetSharedAutoDial
RasSetSubEntryPropertiesA
RasSetSubEntryPropertiesW
RasValidateEntryNameA
RasValidateEntryNameW
RasEnumEntriesA
RasEnumEntriesA

opengl32

GlmfBeginGlsBlock
GlmfBeginGlsBlock

odbctrac

TraceSQLAllocEnv

kerberos

KerbKdcCallBack

credui

CredUIInitControls

cryptui

CryptUIDlgSelectCA
CryptUIDlgSelectCA

cfgmgr32

CM_Delete_Range

msvcrt

fopen
fread

pdh

PdhEnumObjectsA

azroles

AzAddPropertyItem
AzApplicationClose
AzApplicationCreate
AzApplicationDelete
AzApplicationEnum

Sections

text
Size: 1024B - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DAT
Size: 11KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

send
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9659fd8058aa9e40d41222359c12f3bc

Headers

File Characteristics

Imports

kernel32

rasapi32

opengl32

odbctrac

kerberos

credui

cryptui

cfgmgr32

msvcrt

pdh

azroles

Sections

text Size: 1024B - Virtual size: 38KB

.DAT Size: 11KB - Virtual size: 64KB

send Size: 10KB - Virtual size: 12KB

DATA Size: 2KB - Virtual size: 2KB

text
Size: 1024B - Virtual size: 38KB

.DAT
Size: 11KB - Virtual size: 64KB

send
Size: 10KB - Virtual size: 12KB

DATA
Size: 2KB - Virtual size: 2KB