5f2dc7e8f7ed574c759450c569e76c77ddc876b670a629ac45b514f20bbb9dec

Sharing

Copy URL Twitter E-mail

General

Target

5f2dc7e8f7ed574c759450c569e76c77ddc876b670a629ac45b514f20bbb9dec
Size

727KB
MD5

30c7f36601e620678ff24d98d7737760
SHA1

018f468f5c526309f93ab2d446a07a88b49730b9
SHA256

5f2dc7e8f7ed574c759450c569e76c77ddc876b670a629ac45b514f20bbb9dec
SHA512

f0609b1e4eadbe266a2147dbe37dcdcc4c45c866938550bc69c0aa8b9137f3ba78931a9b944d99f9dbf7023bfdbff7e091538d94543d671c34a1bfacb3268d30
SSDEEP

12288:4yADksIibTudSBzx1zunFnr2WuMxb4+J3SW:EUSBN1ahaWtNJ

Score

N/A

Malware Config

Signatures

Files

5f2dc7e8f7ed574c759450c569e76c77ddc876b670a629ac45b514f20bbb9dec
.exe windows x86

6295e750c5fdaaf8f7b77217c392edc5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

mprapi

MprConfigTransportDelete
MprAdminMIBEntryGetNext
MprAdminUserOpen
MprConfigInterfaceTransportRemove
MprAdminInterfaceDelete
MprConfigServerConnect
MprInfoBlockAdd
MprAdminMIBBufferFree
MprAdminServerConnect
MprConfigInterfaceDelete

advapi32

AddAccessAllowedObjectAce
SetTokenInformation
RegDeleteKeyW
CryptAcquireContextW
GetTraceLoggerHandle
CryptGetHashParam
CloseServiceHandle
AddAccessDeniedAce
RegOpenUserClassesRoot
LsaFreeMemory

userenv

DeleteProfileW
ProcessGroupPolicyCompletedEx
GetAppliedGPOListW
UnloadUserProfile
ExpandEnvironmentStringsForUserW
LeaveCriticalPolicySection
UnregisterGPNotification

kernel32

AreFileApisANSI
SetConsoleCursorInfo
CreateWaitableTimerA
CreateHardLinkA
GetCurrentProcess
WaitForMultipleObjects
DeleteVolumeMountPointA
ReadFileEx
VirtualAlloc
HeapSize
GetUserDefaultLangID
SetVolumeLabelW
WritePrivateProfileStructW
WTSGetActiveConsoleSessionId
GetFileTime
OpenMutexW

netapi32

NetUseGetInfo
NetUseEnum
NetServerGetInfo
NetFileClose
NetUserSetInfo
NetSessionDel
NetUseAdd

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 169KB - Virtual size: 235KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 233KB - Virtual size: 353KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 38KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 122KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 550B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6295e750c5fdaaf8f7b77217c392edc5

Headers

File Characteristics

Imports

mprapi

advapi32

userenv

kernel32

netapi32

Sections

.text Size: 23KB - Virtual size: 23KB

.edata Size: 169KB - Virtual size: 235KB

.idata Size: 233KB - Virtual size: 353KB

.idata Size: 38KB - Virtual size: 112KB

INIT Size: 122KB - Virtual size: 200KB

.rsrc Size: 138KB - Virtual size: 137KB

.reloc Size: 1024B - Virtual size: 550B

.text
Size: 23KB - Virtual size: 23KB

.edata
Size: 169KB - Virtual size: 235KB

.idata
Size: 233KB - Virtual size: 353KB

.idata
Size: 38KB - Virtual size: 112KB

INIT
Size: 122KB - Virtual size: 200KB

.rsrc
Size: 138KB - Virtual size: 137KB

.reloc
Size: 1024B - Virtual size: 550B