0952e3f370f47dd898b88e631d13c0391d6aabbefdefdcd6322ae2192fd282d2

Sharing

Copy URL Twitter E-mail

General

Target

0952e3f370f47dd898b88e631d13c0391d6aabbefdefdcd6322ae2192fd282d2
Size

1.0MB
MD5

a18f70e4d60501b503ba96123f056879
SHA1

bf69a7e3ea0beb74153461e5b7a3e3ee0a5905b6
SHA256

0952e3f370f47dd898b88e631d13c0391d6aabbefdefdcd6322ae2192fd282d2
SHA512

ea2ca3b4e5c7452fe4c6f96f39dc0f0e617c053bd53c2ac46f1fdd8740f369659d984e0ad463a197adc7fd6ad515c11f1f8a1fd45b0e28b61b579596bed7b978
SSDEEP

24576:CqV6ElSNOUafiha2cNuCM919koUAXrcdRN8Vz+:v6ElSNOUoiTkoUi685

Score

N/A

Malware Config

Signatures

Files

0952e3f370f47dd898b88e631d13c0391d6aabbefdefdcd6322ae2192fd282d2
.exe windows x86

7d2d66232108a5dff4e8d0d21ff84151

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

CreateCaret
LoadKeyboardLayoutA
CallWindowProcW
CloseWindow
AdjustWindowRect
PeekMessageA
DefFrameProcW
CreateIcon
DrawTextW
SendMessageW
CharLowerBuffA
MessageBoxA
DlgDirListW
ShowCursor

msvcrt

_localtime64
_purecall
??1type_info@@UAE@XZ
isupper
toupper
memcpy
_wcslwr
_strtime
_chdrive

secur32

QuerySecurityPackageInfoW
TranslateNameW
LsaLookupAuthenticationPackage
LsaUnregisterPolicyChangeNotification
LsaDeregisterLogonProcess
LsaGetLogonSessionData
LsaRegisterPolicyChangeNotification
QueryContextAttributesW
LsaRegisterLogonProcess
AcceptSecurityContext

advapi32

RegUnLoadKeyW
RegCreateKeyExW
CloseServiceHandle
InitializeSecurityDescriptor
GetKernelObjectSecurity
ConvertStringSecurityDescriptorToSecurityDescriptorW
CreateProcessWithLogonW
RegisterServiceCtrlHandlerW
RegSetKeySecurity
EqualPrefixSid
AddAccessAllowedAce

kernel32

QueryInformationJobObject
lstrcmpA
CreateFiber
ReplaceFileW
SetVolumeLabelA
GetFullPathNameW
HeapUnlock
CreateConsoleScreenBuffer
Module32Next
BackupWrite
SetInformationJobObject
lstrcmpiA
EnumDateFormatsExW
VirtualAlloc
DosPathToSessionPathW
HeapCreate
GetPrivateProfileSectionW
lstrcmpW
GetCommTimeouts
LockResource
SetLocalTime

netapi32

NetServerEnum
NetUserModalsGet
NetShareCheck
NetServerDiskEnum
NetUserAdd
NetErrorLogWrite
NetShareGetInfo
NetpwPathType
NetUserDel

mprapi

MprConfigInterfaceTransportGetInfo
MprConfigInterfaceTransportEnum
MprAdminMIBEntryGetNext
MprConfigTransportSetInfo
MprAdminConnectionGetInfo
MprAdminGetErrorString
MprConfigGetFriendlyName
MprConfigInterfaceEnum
MprConfigInterfaceTransportRemove
MprAdminMIBEntryGet

Sections

.text
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 160KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 360KB - Virtual size: 399KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 115KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d2d66232108a5dff4e8d0d21ff84151

Headers

File Characteristics

Imports

user32

msvcrt

secur32

advapi32

kernel32

netapi32

mprapi

Sections

.text Size: 118KB - Virtual size: 117KB

.idata Size: 160KB - Virtual size: 307KB

.edata Size: 360KB - Virtual size: 399KB

.rdata Size: 152KB - Virtual size: 322KB

.bss Size: 115KB - Virtual size: 154KB

.rsrc Size: 121KB - Virtual size: 121KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 118KB - Virtual size: 117KB

.idata
Size: 160KB - Virtual size: 307KB

.edata
Size: 360KB - Virtual size: 399KB

.rdata
Size: 152KB - Virtual size: 322KB

.bss
Size: 115KB - Virtual size: 154KB

.rsrc
Size: 121KB - Virtual size: 121KB

.reloc
Size: 1KB - Virtual size: 1KB