7578350a543c38ef2df3535ae7ddbf3b3594b39d749a1137c68268f08232945f

Sharing

Copy URL Twitter E-mail

General

Target

7578350a543c38ef2df3535ae7ddbf3b3594b39d749a1137c68268f08232945f
Size

40KB
MD5

bb187856100a4ab3c2f97c28f5a83d69
SHA1

7d3ce171a65a67f9ab226264ea51e9c238aa2f69
SHA256

7578350a543c38ef2df3535ae7ddbf3b3594b39d749a1137c68268f08232945f
SHA512

1140378e16ff6f6af1b3ec132d22d7bbf694327a0c5787510b7f9b7b232d96f1106f34e27815fe2f5518f9fdd76db435d44131790624f86dc036c07065dba75f
SSDEEP

768:aSbxM7QJrUnQE6tI+Ot2Prq1mDKYDi1qeMQACkheqbeWkfeN:cT36y2Prq1mDK4mrMlheqbeWkWN

Score

N/A

Malware Config

Signatures

Files

7578350a543c38ef2df3535ae7ddbf3b3594b39d749a1137c68268f08232945f
.exe windows x86

b860d0f69f957ca0e8e00b7a19c9d749

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GlobalFix
SetMailslotInfo
VirtualProtectEx
ReadDirectoryChangesW
TzSpecificLocalTimeToSystemTime
EnumUILanguagesW
LoadLibraryA
SetLastError
GetSystemDirectoryW
VirtualAlloc
GetFileAttributesExA
Process32FirstW
GetEnvironmentVariableA
SetThreadLocale
GetProcAddress
FindFirstFileExW
_lwrite
SetComputerNameExA
ZombifyActCtx
DnsHostnameToComputerNameW
CreateActCtxW
GlobalAlloc
LZStart
GetDiskFreeSpaceA
WriteTapemark
OutputDebugStringW
UTUnRegister
IsBadStringPtrW
WriteProfileSectionW
FindAtomW
GetVersionExA
GetFileAttributesExW
QueryActCtxW
SetCurrentDirectoryW
IsValidLocale

comctl32

ImageList_BeginDrag
InitMUILanguage
PropertySheetA
ImageList_DragShowNolock
CreateStatusWindowA
ImageList_DrawEx
FlatSB_GetScrollProp
ImageList_SetDragCursorImage
ImageList_Draw
ImageList_GetImageCount
ImageList_Duplicate
ImageList_Replace
ImageList_Add
ImageList_Create
InitCommonControlsEx
FlatSB_SetScrollProp
ImageList_GetIcon
ImageList_GetDragImage
FlatSB_ShowScrollBar
ImageList_DragMove
FlatSB_GetScrollRange
DestroyPropertySheetPage
ImageList_GetImageRect
ImageList_SetOverlayImage
CreateUpDownControl
FlatSB_EnableScrollBar
DllGetVersion
ImageList_ReplaceIcon
MakeDragList
DrawStatusTextW
ImageList_Destroy

ws2_32

WSCUpdateProvider
WSAAccept
WSAAsyncGetServByName
select
gethostname
WSADuplicateSocketA
getservbyname
ntohl
WSASetServiceA
WSAEnumNameSpaceProvidersA
WSALookupServiceEnd
WSARecvFrom
WSALookupServiceBeginW
gethostbyaddr
WSCInstallProvider
WSCInstallNameSpace
listen
WSARecvDisconnect
WEP
WSASetServiceW
getpeername
WSALookupServiceBeginA
WSAConnect
WSALookupServiceNextA
WSASocketA
getprotobyname
getsockname
WSAGetServiceClassInfoW
htonl

certcli

CAIsCertTypeCurrent
CASetCertTypeExtension
CADeleteLocalAutoEnrollmentObject
CACloseCA
CAGetCAFlags
CAGetCAProperty
CAOIDFreeLdapURL
CAUpdateCA
CAGetDN
CAFreeCertTypeProperty
CASetCertTypeFlagsEx
CAGetCertTypeExtensionsEx
DllInstall
CAGetCertTypeExtensions
CAGetCertTypeExpiration
CACountCertTypes
CAEnumCertTypes
CAFreeCAProperty
CASetCertTypeKeySpec
CASetCertTypeFlags
CACertTypeAccessCheck
CAGetCASecurity
CACertTypeSetSecurity
CACreateNewCA
CAFindByCertType
CACountCAs
CAFreeCertTypeExtensions
CAFindCertTypeByName
CAFindByIssuerDN

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b860d0f69f957ca0e8e00b7a19c9d749

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comctl32

ws2_32

certcli

Sections

.text Size: 27KB - Virtual size: 26KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 27KB - Virtual size: 26KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 5KB - Virtual size: 4KB