94ecfb32c003b28e0471a4f4f367f65a9a386937ea44b4996210730b0650b35d

Sharing

Copy URL Twitter E-mail

General

Target

94ecfb32c003b28e0471a4f4f367f65a9a386937ea44b4996210730b0650b35d
Size

135KB
MD5

423614a37741647a6cba27f1023f5453
SHA1

d413b2bda2380fa384fb2da9437fa73da64d0cb1
SHA256

94ecfb32c003b28e0471a4f4f367f65a9a386937ea44b4996210730b0650b35d
SHA512

6e3b47514ef937b41b4dfe0c86d10e44e0fb1d2187a16e50e8faa1ecc12d75f0577c5de4e4e11b804143431dd54814deb0e1b49abd9522e382e2ca5fc5dfccd4
SSDEEP

3072:jTlJuxk6dvqNVgH3Umqtb5wp3/ac2k4SzHFO+De5Ki:jTnsldvkVHFtdwR/ag4SzNiK

Score

N/A

Malware Config

Signatures

Files

94ecfb32c003b28e0471a4f4f367f65a9a386937ea44b4996210730b0650b35d
.exe windows x86

abd80ee352a4b5249e7f1098e8917a09

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleAliasesW
lstrcpyn
PrepareTape
_lwrite
VirtualFree
QueryPerformanceCounter
AddConsoleAliasA
FreeLibrary
FillConsoleOutputCharacterW
ConvertThreadToFiber
GetVolumeNameForVolumeMountPointA
OpenConsoleW
UnregisterWait
EnumLanguageGroupLocalesW
LoadLibraryA
InterlockedExchange
GetModuleHandleExW
EnumResourceTypesW
WriteProcessMemory
DeactivateActCtx
CompareStringW
GetPrivateProfileStringA
EnumTimeFormatsW
GetDevicePowerState
GlobalUnWire
CreateMutexW
CancelDeviceWakeupRequest
FindFirstFileW
GetFileAttributesExA
LocalReAlloc
SetThreadUILanguage
GetCPInfo
GetCurrentConsoleFont
TerminateThread
WritePrivateProfileStructW
WriteProfileSectionW
SetCommConfig
GetThreadTimes
InterlockedPopEntrySList
SetVolumeMountPointW
EnumDateFormatsExA
SetConsoleCursorMode
GetLargestConsoleWindowSize
CreateHardLinkA
GlobalAlloc
GetSystemDefaultUILanguage
DeleteFileA
GlobalFlags
GlobalDeleteAtom
FindFirstFileA
GlobalFix
GetNumaAvailableMemoryNode
GetDateFormatA
SetConsoleCtrlHandler
WriteFileEx
VerSetConditionMask
GetStartupInfoA
VirtualAlloc
GetConsoleCP
ExpandEnvironmentStringsW
SetLastError
FindNextFileW
GetCurrentProcessId
SetComputerNameA
SetProcessAffinityMask

user32

GetPropA
keybd_event
GetUserObjectSecurity
GetWindowContextHelpId
GetSubMenu
MessageBoxIndirectA
RegisterClassA
CharLowerA
EnumWindowStationsW
SetWindowLongA
CreateMDIWindowW
MonitorFromRect
DlgDirListA
CharLowerBuffW
InsertMenuW
GetInputState
ChildWindowFromPoint
LoadImageW
GetDCEx
GetKeyboardLayoutList
EmptyClipboard
SetWindowWord
BroadcastSystemMessageA

advapi32

LsaEnumeratePrivilegesOfAccount
ConvertSecurityDescriptorToAccessNamedW
EqualPrefixSid
GetTrusteeTypeW
CryptGetDefaultProviderA
LsaQueryDomainInformationPolicy
CredMarshalCredentialA
CredUnmarshalCredentialW
OpenTraceA
GetSidSubAuthority
SystemFunction017
RegRestoreKeyA
CopySid
SaferiSearchMatchingHashRules
RegSetValueA
AddAuditAccessAce
LsaOpenAccount
DuplicateToken
CreatePrivateObjectSecurityWithMultipleInheritance
SetPrivateObjectSecurity

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

abd80ee352a4b5249e7f1098e8917a09

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 34KB - Virtual size: 33KB

Size: 43KB - Virtual size: 42KB

.data Size: 55KB - Virtual size: 232KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 180B

.text
Size: 34KB - Virtual size: 33KB

.data
Size: 55KB - Virtual size: 232KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 180B