69fc13789ba9421eb0f53ed76ba299db6ff51b76a5c2d8118f34bf3fa46009b9

Sharing

Copy URL Twitter E-mail

General

Target

69fc13789ba9421eb0f53ed76ba299db6ff51b76a5c2d8118f34bf3fa46009b9
Size

827KB
MD5

3d5dcf425f658efe1c8e0f260fcc7d30
SHA1

a859be4491227afdffaddf035afbd1a1518d6dda
SHA256

69fc13789ba9421eb0f53ed76ba299db6ff51b76a5c2d8118f34bf3fa46009b9
SHA512

f03ad610d0cefdd2ee4a2583087f792182da7db6ee3a6f338f64e50287acb316b965b6a4d25e71b91bc60982beb99e951e2ff80d6b86b7a7f02dd7b2806a596f
SSDEEP

12288:aFHuty0HlEkFZnBuxRykTaY+WNX/ZNodqK5P67zPuKrjEJ9NYt6JZo86YRt67:EOfHGkF+ry8hNKDIPFrjO9GL86Yj6

Score

N/A

Malware Config

Signatures

Files

69fc13789ba9421eb0f53ed76ba299db6ff51b76a5c2d8118f34bf3fa46009b9
.exe windows x86

3eb26225eb97432430cac130585cc5da

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

InitializeAcl
TraceMessage
RegSetValueExA
StartTraceW
StartServiceCtrlDispatcherW
RemoveUsersFromEncryptedFile
CryptCreateHash
AddAccessAllowedAceEx
EqualPrefixSid
RegOpenKeyExA
RegNotifyChangeKeyValue
AreAnyAccessesGranted
RegSaveKeyW
FreeSid
LsaLookupPrivilegeValue
AddAccessAllowedObjectAce
InitiateSystemShutdownW
RegOverridePredefKey
OpenTraceW
RegCreateKeyExA

kernel32

SetConsoleTextAttribute
GetFileTime
VirtualAlloc
IsBadStringPtrW
DeleteTimerQueueTimer
GetLocalTime
GetComputerNameA
GetModuleHandleW
SetProcessPriorityBoost
GetFileInformationByHandle
DeleteTimerQueueEx
Sleep
EnumSystemLanguageGroupsA
ContinueDebugEvent
RemoveDirectoryW
GetTapeParameters
LoadResource
GetSystemDirectoryA
SetLocalTime

iphlpapi

GetAdaptersInfo
InternalCreateIpForwardEntry
GetInterfaceInfo
FlushIpNetTable
GetBestInterface
NhGetInterfaceNameFromGuid

ulib

??1PATH_ARGUMENT@@UAE@XZ
??0KEYBOARD@@QAE@XZ
?GetWSTR@WSTRING@@QBEPBGXZ
?Display@MESSAGE@@QAAEPBDZZ
?QueryDirectory@SYSTEM@@SGPAVFSN_DIRECTORY@@PBVPATH@@E@Z
?DeleteAllMembers@SEQUENTIAL_CONTAINER@@UAEEXZ

netapi32

NetUseEnum
NetLocalGroupGetInfo
NetGetAnyDCName
NetLocalGroupGetMembers
NetGroupDel
NetFileEnum
NetUseDel
NetLocalGroupAddMembers
NetSessionDel
NetStatisticsGet
NetLocalGroupSetInfo
NetDfsSetClientInfo
NetValidateName
DsRoleGetPrimaryDomainInformation
Netbios
NetWkstaUserEnum
NetGroupGetUsers

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.wDfcH
Size: 638KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 628B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3eb26225eb97432430cac130585cc5da

Headers

File Characteristics

Imports

advapi32

kernel32

iphlpapi

ulib

netapi32

Sections

.text Size: 66KB - Virtual size: 65KB

.wDfcH Size: 638KB - Virtual size: 1.0MB

.rsrc Size: 121KB - Virtual size: 120KB

.reloc Size: 1024B - Virtual size: 628B

.text
Size: 66KB - Virtual size: 65KB

.wDfcH
Size: 638KB - Virtual size: 1.0MB

.rsrc
Size: 121KB - Virtual size: 120KB

.reloc
Size: 1024B - Virtual size: 628B