203ae898af14f50b3a34fdb30537c0d224d088db82cfe71c119c604396dce267

Sharing

Copy URL

Twitter E-mail

General

Target

203ae898af14f50b3a34fdb30537c0d224d088db82cfe71c119c604396dce267
Size

707KB
MD5

89f25b313a6d9e6771d599c40efae0db
SHA1

e93636ff48a660cb340666bcef24df5070275cdf
SHA256

203ae898af14f50b3a34fdb30537c0d224d088db82cfe71c119c604396dce267
SHA512

ee89d81ad9b40445ad1f6db40c4f4f3e1131666095958596cced4f50112395b4132fdf0d0087a3378f267d7c221868ac4667ffa9c426eaaf354ddc59952687d3
SSDEEP

12288:IuAnZ+A44YAyuO86X+6sxJL/ZdMMfP/0JRb6etnTtKg:ItA14GuOax5/cMH/+b6OBKg

Score

N/A

Malware Config

Signatures

Files

203ae898af14f50b3a34fdb30537c0d224d088db82cfe71c119c604396dce267
.exe windows x86

922ddb215f20b8f47aa8d0d14384032b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msacm32

acmStreamUnprepareHeader
acmFormatChooseW
acmDriverEnum
acmStreamPrepareHeader
acmStreamOpen
acmDriverClose
acmStreamConvert
acmGetVersion
acmMetrics
acmStreamSize
acmFormatTagDetailsW
acmStreamClose
acmFormatDetailsW
acmFormatSuggest
acmDriverOpen

netapi32

NetShareDelSticky
NetGroupDelUser
NetShareEnum
NetServiceInstall
NetJoinDomain
NetServerGetInfo
DsValidateSubnetNameA
NetUserModalsSet
NetServiceEnum
NetWkstaTransportEnum
NetGetJoinInformation
NetMessageBufferSend
NetUseDel
DsGetDcNameW
NetServerDiskEnum
NetUserEnum
NetUserModalsGet
NetConnectionEnum
NetWkstaUserGetInfo
NetQueryDisplayInformation
NetLocalGroupEnum
NetLocalGroupGetInfo
NetServerEnum
NetUserGetLocalGroups
DsGetSiteNameW
NetUserDel
NetApiBufferFree
NetUnjoinDomain

rasapi32

RasGetEapUserDataW
RasGetSubEntryPropertiesW
RasGetConnectStatusW
RasGetProjectionInfoW
RasSetEntryPropertiesW
RasEnumEntriesW
RasGetEapUserIdentityW
RasSetSubEntryPropertiesW
RasDeleteEntryW
RasDialW
RasEnumConnectionsW
RasSetCredentialsW
RasConnectionNotificationW
RasHangUpW
RasValidateEntryNameW
RasSetEapUserDataA
RasGetCustomAuthDataW
RasGetCredentialsW
RasEnumConnectionsA
RasGetErrorStringW

msvcrt

log10
_strdup
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
ldexp
_snprintf
_read
_chdrive
toupper
__argc
strncat
tmpnam
isupper
_fcvt
_cexit
?what@exception@@UBEPBDXZ
__RTDynamicCast
_close
_hypot
islower
??0exception@@QAE@ABQBD@Z
_open
system

advapi32

SetTokenInformation
AllocateAndInitializeSid
RegCreateKeyExW
RegOpenKeyA
CryptAcquireContextA
RevertToSelf
PrivilegeCheck
ConvertStringSecurityDescriptorToSecurityDescriptorA
GetTokenInformation
ObjectCloseAuditAlarmA
RegSaveKeyA
CryptGenRandom
LsaDelete
CryptSignHashW
RegQueryValueExA
StartServiceCtrlDispatcherA
RegisterEventSourceW
SystemFunction016
RegSaveKeyW
FileEncryptionStatusW
SystemFunction012
QueryUsersOnEncryptedFile
CryptDeriveKey
OpenEventLogA
TraceEvent

kernel32

CreateSemaphoreW
ReadFileEx
QueryDosDeviceA
lstrcpynW
GetLongPathNameW
WriteProfileSectionA
GetTapeParameters
EndUpdateResourceA
OpenSemaphoreW
GetProcessIoCounters
HeapLock
GetAtomNameA
Module32First
GetPrivateProfileIntW
SetConsoleActiveScreenBuffer
LoadLibraryA
BuildCommDCBA
DebugBreak
ExpandEnvironmentStringsW
GetCurrentThreadId
CallNamedPipeA
CreateFileMappingW
VirtualAlloc
MoveFileWithProgressA
GetEnvironmentStrings
GetCurrencyFormatW
VirtualQueryEx
GetSystemDirectoryW
TzSpecificLocalTimeToSystemTime
DeviceIoControl
WriteConsoleInputA

user32

OemToCharBuffA
MapWindowPoints
LoadImageW
DrawTextW
IsClipboardFormatAvailable
FrameRect
PaintDesktop
GetClassLongA
IsWindowUnicode
SetShellWindowEx
KillTimer
GetWindowContextHelpId
OemKeyScan
SendMessageA
ChangeClipboardChain
GetWindowPlacement
RegisterLogonProcess
CharToOemBuffA
GetAsyncKeyState
GetSysColor
GetAppCompatFlags
CreateWindowExA
GetClipboardData
LoadStringW
UpdatePerUserSystemParameters
DlgDirListA
DestroyWindow
CreatePopupMenu
LoadMenuIndirectA
CreateDialogIndirectParamA
GetClipboardOwner
LoadStringA

shell32

SHBrowseForFolderA
SHAppBarMessage
SHAddToRecentDocs
SHGetFolderPathW
DragFinish
DuplicateIcon
SHGetSpecialFolderPathA
SHFileOperationA
SHGetPathFromIDListW
SHUpdateRecycleBinIcon
SHGetIconOverlayIndexW
SHGetFileInfoA
SheChangeDirExW
FindExecutableA
ExtractIconExA
SHGetPathFromIDListA
SHGetDesktopFolder
SHChangeNotifySuspendResume
ShellExecuteA
ExtractAssociatedIconA
SHGetSpecialFolderPathW
SHChangeNotify
ShellAboutW

Sections

.text
Size: 18KB - Virtual size: 337KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CRT
Size: 542KB - Virtual size: 861KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 138B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

922ddb215f20b8f47aa8d0d14384032b

Headers

DLL Characteristics

File Characteristics

Imports

msacm32

netapi32

rasapi32

msvcrt

advapi32

kernel32

user32

shell32

Sections

.text Size: 18KB - Virtual size: 337KB

CRT Size: 542KB - Virtual size: 861KB

.rsrc Size: 145KB - Virtual size: 144KB

.reloc Size: 1024B - Virtual size: 138B

.text
Size: 18KB - Virtual size: 337KB

CRT
Size: 542KB - Virtual size: 861KB

.rsrc
Size: 145KB - Virtual size: 144KB

.reloc
Size: 1024B - Virtual size: 138B