360c6b79e955e8ec6be3ddd339843a3aef798e713aae76ea59b7b683b40103b6

Sharing

Copy URL Twitter E-mail

General

Target

360c6b79e955e8ec6be3ddd339843a3aef798e713aae76ea59b7b683b40103b6
Size

707KB
MD5

1b322aedc4d525a2f1d2786706388310
SHA1

bf1c4c52b892369402e0b6ba429459e6bf4f6ae3
SHA256

360c6b79e955e8ec6be3ddd339843a3aef798e713aae76ea59b7b683b40103b6
SHA512

490ef158569b43b35e9261345312c6113249acc4a5920b2bd87fccc528b58d97ae76256b383ca074f1624c4d84e62f0711793a53521d95cb0b952f56cb30a6e1
SSDEEP

12288:RuAnZ+A44YAyuO86X+6sxJL/ZdMMfP/0JRb6etnTtKg:RtA14GuOax5/cMH/+b6OBKg

Score

N/A

Malware Config

Signatures

Files

360c6b79e955e8ec6be3ddd339843a3aef798e713aae76ea59b7b683b40103b6
.exe windows x86

922ddb215f20b8f47aa8d0d14384032b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msacm32

acmStreamUnprepareHeader
acmFormatChooseW
acmDriverEnum
acmStreamPrepareHeader
acmStreamOpen
acmDriverClose
acmStreamConvert
acmGetVersion
acmMetrics
acmStreamSize
acmFormatTagDetailsW
acmStreamClose
acmFormatDetailsW
acmFormatSuggest
acmDriverOpen

netapi32

NetShareDelSticky
NetGroupDelUser
NetShareEnum
NetServiceInstall
NetJoinDomain
NetServerGetInfo
DsValidateSubnetNameA
NetUserModalsSet
NetServiceEnum
NetWkstaTransportEnum
NetGetJoinInformation
NetMessageBufferSend
NetUseDel
DsGetDcNameW
NetServerDiskEnum
NetUserEnum
NetUserModalsGet
NetConnectionEnum
NetWkstaUserGetInfo
NetQueryDisplayInformation
NetLocalGroupEnum
NetLocalGroupGetInfo
NetServerEnum
NetUserGetLocalGroups
DsGetSiteNameW
NetUserDel
NetApiBufferFree
NetUnjoinDomain

rasapi32

RasGetEapUserDataW
RasGetSubEntryPropertiesW
RasGetConnectStatusW
RasGetProjectionInfoW
RasSetEntryPropertiesW
RasEnumEntriesW
RasGetEapUserIdentityW
RasSetSubEntryPropertiesW
RasDeleteEntryW
RasDialW
RasEnumConnectionsW
RasSetCredentialsW
RasConnectionNotificationW
RasHangUpW
RasValidateEntryNameW
RasSetEapUserDataA
RasGetCustomAuthDataW
RasGetCredentialsW
RasEnumConnectionsA
RasGetErrorStringW

msvcrt

log10
_strdup
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
ldexp
_snprintf
_read
_chdrive
toupper
__argc
strncat
tmpnam
isupper
_fcvt
_cexit
?what@exception@@UBEPBDXZ
__RTDynamicCast
_close
_hypot
islower
??0exception@@QAE@ABQBD@Z
_open
system

advapi32

SetTokenInformation
AllocateAndInitializeSid
RegCreateKeyExW
RegOpenKeyA
CryptAcquireContextA
RevertToSelf
PrivilegeCheck
ConvertStringSecurityDescriptorToSecurityDescriptorA
GetTokenInformation
ObjectCloseAuditAlarmA
RegSaveKeyA
CryptGenRandom
LsaDelete
CryptSignHashW
RegQueryValueExA
StartServiceCtrlDispatcherA
RegisterEventSourceW
SystemFunction016
RegSaveKeyW
FileEncryptionStatusW
SystemFunction012
QueryUsersOnEncryptedFile
CryptDeriveKey
OpenEventLogA
TraceEvent

kernel32

CreateSemaphoreW
ReadFileEx
QueryDosDeviceA
lstrcpynW
GetLongPathNameW
WriteProfileSectionA
GetTapeParameters
EndUpdateResourceA
OpenSemaphoreW
GetProcessIoCounters
HeapLock
GetAtomNameA
Module32First
GetPrivateProfileIntW
SetConsoleActiveScreenBuffer
LoadLibraryA
BuildCommDCBA
DebugBreak
ExpandEnvironmentStringsW
GetCurrentThreadId
CallNamedPipeA
CreateFileMappingW
VirtualAlloc
MoveFileWithProgressA
GetEnvironmentStrings
GetCurrencyFormatW
VirtualQueryEx
GetSystemDirectoryW
TzSpecificLocalTimeToSystemTime
DeviceIoControl
WriteConsoleInputA

user32

OemToCharBuffA
MapWindowPoints
LoadImageW
DrawTextW
IsClipboardFormatAvailable
FrameRect
PaintDesktop
GetClassLongA
IsWindowUnicode
SetShellWindowEx
KillTimer
GetWindowContextHelpId
OemKeyScan
SendMessageA
ChangeClipboardChain
GetWindowPlacement
RegisterLogonProcess
CharToOemBuffA
GetAsyncKeyState
GetSysColor
GetAppCompatFlags
CreateWindowExA
GetClipboardData
LoadStringW
UpdatePerUserSystemParameters
DlgDirListA
DestroyWindow
CreatePopupMenu
LoadMenuIndirectA
CreateDialogIndirectParamA
GetClipboardOwner
LoadStringA

shell32

SHBrowseForFolderA
SHAppBarMessage
SHAddToRecentDocs
SHGetFolderPathW
DragFinish
DuplicateIcon
SHGetSpecialFolderPathA
SHFileOperationA
SHGetPathFromIDListW
SHUpdateRecycleBinIcon
SHGetIconOverlayIndexW
SHGetFileInfoA
SheChangeDirExW
FindExecutableA
ExtractIconExA
SHGetPathFromIDListA
SHGetDesktopFolder
SHChangeNotifySuspendResume
ShellExecuteA
ExtractAssociatedIconA
SHGetSpecialFolderPathW
SHChangeNotify
ShellAboutW

Sections

.text
Size: 18KB - Virtual size: 337KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CRT
Size: 542KB - Virtual size: 861KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 138B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

922ddb215f20b8f47aa8d0d14384032b

Headers

DLL Characteristics

File Characteristics

Imports

msacm32

netapi32

rasapi32

msvcrt

advapi32

kernel32

user32

shell32

Sections

.text Size: 18KB - Virtual size: 337KB

CRT Size: 542KB - Virtual size: 861KB

.rsrc Size: 145KB - Virtual size: 144KB

.reloc Size: 1024B - Virtual size: 138B

.text
Size: 18KB - Virtual size: 337KB

CRT
Size: 542KB - Virtual size: 861KB

.rsrc
Size: 145KB - Virtual size: 144KB

.reloc
Size: 1024B - Virtual size: 138B