d2b00622e35561039e9ad7d50e393c4362e7768b7e92e761ea885b9e13ce685c

Sharing

Copy URL

Twitter E-mail

General

Target

d2b00622e35561039e9ad7d50e393c4362e7768b7e92e761ea885b9e13ce685c
Size

107KB
MD5

1913de5d47ac70799cd809c29385dfa0
SHA1

987a0967be1f685f2edd642ac296a7029063576d
SHA256

d2b00622e35561039e9ad7d50e393c4362e7768b7e92e761ea885b9e13ce685c
SHA512

39f31518a5568d116f362cb13c4eaec03d8c8257e4444410ed19915406a65db1398d0ab70aff6a3d7f21e43cec9a5fac31c15c06e16dea05e7addf9747733f09
SSDEEP

3072:Dj2mu4eGSBG031YxW6moxs8Z17bwwTbS:DjRuPo03JysebR

Score

N/A

Malware Config

Signatures

Files

d2b00622e35561039e9ad7d50e393c4362e7768b7e92e761ea885b9e13ce685c
.dll windows x86

751cd153c14162f0fca7967697f1a8b8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

EnumServicesStatusW
RegCreateKeyExW
InitializeSecurityDescriptor
RegisterEventSourceW
GetKernelObjectSecurity
LookupPrivilegeValueW
ElfDeregisterEventSource
AddAccessAllowedAce
LogonUserW
RegSetKeySecurity
RegQueryMultipleValuesA
RegRestoreKeyW

netapi32

NetErrorLogWrite
NetShareEnum
NetLocalGroupAddMembers
NetAlertRaiseEx
DsEnumerateDomainTrustsW
NetUserChangePassword
NetStatisticsGet
I_NetServerReqChallenge
NetUserModalsGet
NetGroupDel
NetUseGetInfo
NetLocalGroupEnum
NetWkstaGetInfo
NetGroupGetInfo

msvcrt

_ismbblead
_wfreopen
__setusermatherr
toupper
_mbsupr
longjmp
_timezone
rand
isupper
memcmp
iswprint
_CIcos
_mbsnextc
_ismbcalpha
wcsstr

user32

SendMessageW
BeginPaint
SetWindowRgn
MonitorFromWindow
PtInRect
EmptyClipboard
SetKeyboardState
CheckMenuItem
SendNotifyMessageW
SetWindowsHookA

msacm32

acmFormatDetailsW
acmDriverEnum
acmStreamUnprepareHeader
acmGetVersion
acmDriverClose
acmMetrics
acmStreamOpen
acmStreamPrepareHeader
acmFormatSuggest
acmFormatTagDetailsW
acmDriverOpen
acmStreamConvert
acmStreamSize
acmStreamClose
acmFormatChooseW

kernel32

AddAtomA
SetupComm
GetWindowsDirectoryW
QueryInformationJobObject
GetProcessTimes
GetPrivateProfileSectionW
CreateRemoteThread
SystemTimeToFileTime
OutputDebugStringW
GetSystemTime
VirtualAlloc
ExpandEnvironmentStringsW
CreateConsoleScreenBuffer
GetVersion
EnumResourceLanguagesW
EnumDateFormatsExW
GetCalendarInfoW

Sections

.text
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 13KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 1024B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

751cd153c14162f0fca7967697f1a8b8

Headers

File Characteristics

Imports

advapi32

netapi32

msvcrt

user32

msacm32

kernel32

Sections

.text Size: 87KB - Virtual size: 87KB

.idata Size: 13KB - Virtual size: 53KB

.edata Size: 1KB - Virtual size: 12KB

.rdata Size: 1024B - Virtual size: 47KB

.bss Size: 1024B - Virtual size: 11KB

.rsrc Size: 1024B - Virtual size: 544B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 87KB - Virtual size: 87KB

.idata
Size: 13KB - Virtual size: 53KB

.edata
Size: 1KB - Virtual size: 12KB

.rdata
Size: 1024B - Virtual size: 47KB

.bss
Size: 1024B - Virtual size: 11KB

.rsrc
Size: 1024B - Virtual size: 544B

.reloc
Size: 1KB - Virtual size: 1KB