01e51e515e40bf69373b3854895d8862ee0e5c109059285a3f37ec950aa811c3

Sharing

Copy URL Twitter E-mail

General

Target

01e51e515e40bf69373b3854895d8862ee0e5c109059285a3f37ec950aa811c3
Size

701KB
MD5

ba3cd161d0cc2cb42f390649694c8cce
SHA1

46106c819f6039767d1e3cb4d0b7d3cd53730a62
SHA256

01e51e515e40bf69373b3854895d8862ee0e5c109059285a3f37ec950aa811c3
SHA512

25a552e7279e5c2434b35ee6adb7e61d0c57f5c2a8d2c51056c38fc95bba173a9c10389d6e765b6453660238ab1c2a30d9d346ad8a023271a6442c3e6faafe71
SSDEEP

12288:0A0bpl5D6IC7wGfUGndzswzr+nJK1HdCnMR5eehE7OGIYDjTGM:0A0bX5IJUIVzbxonM3eeLXIj6M

Score

N/A

Malware Config

Signatures

Files

01e51e515e40bf69373b3854895d8862ee0e5c109059285a3f37ec950aa811c3
.exe windows x86

f2f4eb4b615a74c7918a78cbdfca12e2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

WaitForInputIdle
SetWindowTextA
CharLowerBuffW
ClientToScreen
KillTimer
ShowScrollBar
GetClipCursor
GetLastInputInfo
ChangeClipboardChain
IsWindowVisible
CharLowerBuffA
ShowCursor
DefFrameProcW
SetKeyboardState
PostMessageW
GetSystemMenu
ReasonCodeNeedsComment
SetForegroundWindow
GetDesktopWindow
EnumDisplaySettingsExA
CharLowerA
GetClassInfoExW
SendMessageA
CharToOemW
InsertMenuA
GetAncestor
SetCaretBlinkTime
SetWindowsHookExA
DdeInitializeA
DrawTextW
InitializeLpkHooks
SwitchToThisWindow
CharNextA
GetCursorInfo
GetFocus
LoadMenuA
BeginPaint
SetScrollPos
EnumThreadWindows
GetNextDlgTabItem
RemovePropA
GetMenuInfo
ArrangeIconicWindows
EndTask
SetProcessWindowStation
MessageBoxTimeoutW
WinHelpW
GetMessageA
ScrollWindowEx
LoadLocalFonts
SendDlgItemMessageW
GetDlgItemTextW
CloseClipboard
GetWindowDC
GetWindow
GetMenuDefaultItem

netapi32

NetLocalGroupEnum
NetGroupGetInfo
NetShareEnum
NetpwPathType
NetRemoteTOD
DsRoleGetPrimaryDomainInformation
NetRenameMachineInDomain
NetDfsSetClientInfo
NetSessionEnum
NetFileEnum
NetGetJoinInformation
NetUserChangePassword
NetWkstaUserGetInfo
NetUserAdd
NetUserSetInfo
NetGetAnyDCName
NetRegisterDomainNameChangeNotification
DsEnumerateDomainTrustsW
NetShareDelSticky
I_NetServerReqChallenge
NetShareDel
NetServiceEnum
NetUserModalsGet
NetFileGetInfo
NetWkstaTransportEnum

kernel32

SetProcessWorkingSetSize
HeapReAlloc
SetMailslotInfo
SearchPathW
ExpandEnvironmentStringsW
HeapCreate
lstrcpynW
GetDriveTypeW
QueryDosDeviceA
IsSystemResumeAutomatic
ContinueDebugEvent
SetTermsrvAppInstallMode
GetStringTypeW
LCMapStringA
GetUserDefaultLCID
VirtualAlloc
FindVolumeClose
MoveFileWithProgressW
GetEnvironmentVariableW
SetConsoleTitleW
BuildCommDCBA
HeapUnlock
GetCommTimeouts

gdi32

GdiStartDocEMF
ResetDCW
GetBitmapDimensionEx
CLIPOBJ_ppoGetPath
GetTextExtentPointW
Polyline
EndPath
SetTextJustification
GetViewportOrgEx
SetPaletteEntries
GetStockObject
CreateDCW
EngStretchBlt
CreateFontIndirectA
InvertRgn
GetDeviceGammaRamp

rasapi32

RasGetEapUserIdentityW
RasEnumConnectionsA
RasSetEntryPropertiesW
RasEnumDevicesW
RasGetConnectStatusW
RasDialW
RasSetCredentialsW
RasConnectionNotificationW
RasDeleteEntryW
RasSetCustomAuthDataW
RasHangUpW
RasGetErrorStringW
RasValidateEntryNameW
RasGetCustomAuthDataW
RasEnumEntriesW
RasGetProjectionInfoW
RasGetEapUserDataW
RasSetAutodialAddressW
RasGetEntryDialParamsW
RasFreeEapUserIdentityW
RasGetAutodialAddressW
RasGetEntryHrasconnW
RasGetHport
RasGetSubEntryPropertiesW

msvcrt

isupper
wcstombs
_wtempnam
_swab
getchar
_lseeki64
memcmp
toupper
_mbctolower
mktime
scanf
_CxxThrowException
fflush
??0exception@@QAE@XZ
iswalnum
iswgraph
_expand
strcat
??0exception@@QAE@ABV0@@Z
fgetc
iswprint
exp
_mbscmp
iswctype
_control87
memchr
wcslen
fwrite
isxdigit

dnsapi

DnsQueryConfig
DnsDhcpSrvRegisterInit
DnsReplaceRecordSetUTF8
DnsValidateName_UTF8
DnsRecordListFree
DnsQuery_W
DnsQuery_UTF8
DnsNameCompareEx_W
DnsValidateName_W
DnsStatusString
DnsNameCompare_W
DnsNotifyResolver
DnsModifyRecordsInSet_UTF8
DnsDhcpSrvRegisterTerm

Sections

.text
Size: 18KB - Virtual size: 347KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CRT
Size: 537KB - Virtual size: 866KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2f4eb4b615a74c7918a78cbdfca12e2

Headers

DLL Characteristics

File Characteristics

Imports

user32

netapi32

kernel32

gdi32

rasapi32

msvcrt

dnsapi

Sections

.text Size: 18KB - Virtual size: 347KB

CRT Size: 537KB - Virtual size: 866KB

.rsrc Size: 145KB - Virtual size: 144KB

.reloc Size: 512B - Virtual size: 128B

.text
Size: 18KB - Virtual size: 347KB

CRT
Size: 537KB - Virtual size: 866KB

.rsrc
Size: 145KB - Virtual size: 144KB

.reloc
Size: 512B - Virtual size: 128B