7bf7f284cd3d6cf718391e985682d5cbef4610daf6ece6f2b336c1db2fbf0310

Sharing

Copy URL Twitter E-mail

General

Target

7bf7f284cd3d6cf718391e985682d5cbef4610daf6ece6f2b336c1db2fbf0310
Size

825KB
MD5

cfa212e0286318627e7c30e8ae4883d3
SHA1

5c72fa873d22bf3af960b3577dede1fa1a29e72b
SHA256

7bf7f284cd3d6cf718391e985682d5cbef4610daf6ece6f2b336c1db2fbf0310
SHA512

a4776f0194cc435ef0b52893b07e0fb2853d9fc2e6be8d17e28cf91b78be883dd5f47a22966b71807e628aec9fa943cd157cf9c72a24194e4c06835f6857c623
SSDEEP

12288:TV/lYNdZbxQA5K+6b68PL3UNBOgz9EDuYH3uB4yUUOab7W8e1JYUTMYnT14siF:piNbVJ56dLiOgeDuYH3Ib7R+7tn

Score

N/A

Malware Config

Signatures

Files

7bf7f284cd3d6cf718391e985682d5cbef4610daf6ece6f2b336c1db2fbf0310
.exe windows x86

79a31068b39ba060c075224f6a1fa6aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

secur32

LsaLookupAuthenticationPackage
GetUserNameExA
AddCredentialsA
GetComputerObjectNameW
EnumerateSecurityPackagesW
AcquireCredentialsHandleA
InitSecurityInterfaceA
DeleteSecurityPackageW
LsaRegisterPolicyChangeNotification
AcceptSecurityContext
LsaConnectUntrusted
QuerySecurityPackageInfoW
TranslateNameA
AddSecurityPackageW
QueryCredentialsAttributesA
GetUserNameExW
CompleteAuthToken
CredMarshalTargetInfo
FreeContextBuffer
SecpTranslateName
FreeCredentialsHandle
MakeSignature
ExportSecurityContext
LsaFreeReturnBuffer
EnumerateSecurityPackagesA

gdi32

EnumFontFamiliesExA
AbortPath
SetPaletteEntries
PolyPolygon
GdiDrawStream
DdEntry20
PatBlt
GdiRealizationInfo
GetCurrentPositionEx
EndFormPage
ColorMatchToTarget
EngMultiByteToWideChar
SetICMProfileA
FONTOBJ_pQueryGlyphAttrs
TextOutW
EngUnicodeToMultiByteN
GdiEntry3
DeviceCapabilitiesExA
GetTextExtentExPointI
GetBitmapBits
CreateMetaFileA
ExtTextOutW

rasapi32

RasHangUpA
RasEnumDevicesA
RasSetAutodialParamW
RasFreeEapUserIdentityW
RasGetCustomAuthDataW
RasGetAutodialAddressA
RasInvokeEapUI
RasClearLinkStatistics
RasEnumConnectionsA
RasGetHport
RasSetEntryPropertiesA
DDMGetPhonebookInfo
RasDeleteSubEntryW
RasEnumConnectionsW
RasGetEapUserIdentityW
RasSetEapUserDataW
RasCreatePhonebookEntryW
RasQuerySharedAutoDial
RasQueryRedialOnLinkFailure
RasAutodialAddressToNetwork
RasGetSubEntryPropertiesA
RasSetCredentialsA

user32

SetParent
SendDlgItemMessageW
DdeConnect
TranslateMDISysAccel
PostMessageW
EmptyClipboard
GetAltTabInfoW
VkKeyScanW
SetPropA
IsDialogMessageA
SendIMEMessageExW
RemovePropW
WINNLSEnableIME
LoadCursorFromFileA
CreateWindowExW
IsDlgButtonChecked
CharNextA
RegisterClassW
UnregisterMessagePumpHook
UnpackDDElParam

kernel32

GetTickCount
EnumCalendarInfoExA
LoadLibraryW
MapUserPhysicalPages
EnumDateFormatsW
FindResourceExW
GetSystemTimeAsFileTime
GetUserDefaultLCID
OpenEventA
OutputDebugStringW
SetLastError

rasman

RasGetConnectionParams
RasInitializeNoWait
RasPortReserve
RasPortOpenEx
RasSecurityDialogReceive
RasSendNotification
RasGetCalledIdInfo
RasPortGetStatisticsEx
RasRPCBind
RasRpcDeleteEntry
RasDeviceGetInfo
RasPortOpen
RasSecurityDialogSend
RasConnectionEnum
RasPortReceive
RasPortEnum
RasPortRetrieveUserData
RasBundleClearStatisticsEx
RasGetUserCredentials
RasSetCalledIdInfo
RasFindPrerequisiteEntry
RasPortSetProtocolCompression
RasGetHConnFromEntry
RasGetDeviceConfigInfo

mscms

InstallColorProfileW
RegisterCMMA
InternalGetPS2CSAFromLCS
SetColorProfileHeader
CreateMultiProfileTransform
SetColorProfileElementSize
GenerateCopyFilePaths
IsColorProfileValid
UninstallColorProfileA
GetPS2ColorRenderingDictionary
InternalGetDeviceConfig
InternalGetPS2ColorRenderingDictionary
OpenColorProfileA
GetColorProfileHeader
UnregisterCMMA
TranslateColors

oleaut32

VarDecFromI1
VarUI8FromR4
LHashValOfNameSys
VarCyNeg
VarI1FromStr
VarCyFromBool
SafeArrayCopy
GetVarConversionLocaleSetting

Sections

.text
Size: 348KB - Virtual size: 348KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79a31068b39ba060c075224f6a1fa6aa

Headers

DLL Characteristics

File Characteristics

Imports

secur32

gdi32

rasapi32

user32

kernel32

rasman

mscms

oleaut32

Sections

.text Size: 348KB - Virtual size: 348KB

.rdata Size: 102KB - Virtual size: 101KB

.data Size: 173KB - Virtual size: 1.6MB

.rsrc Size: 199KB - Virtual size: 199KB

.reloc Size: 1024B - Virtual size: 872B

.text
Size: 348KB - Virtual size: 348KB

.rdata
Size: 102KB - Virtual size: 101KB

.data
Size: 173KB - Virtual size: 1.6MB

.rsrc
Size: 199KB - Virtual size: 199KB

.reloc
Size: 1024B - Virtual size: 872B