61ff7e0f413af473a04c4c9ad433514a94e2f11699cead25b38d4fcd1e263929

Sharing

Copy URL Twitter E-mail

General

Target

61ff7e0f413af473a04c4c9ad433514a94e2f11699cead25b38d4fcd1e263929
Size

833KB
MD5

ece78a1c5cc2003d836a4cf0c18d723d
SHA1

d0cb5a91eca6f2a5e8e9e9e907a71ce9ebda704d
SHA256

61ff7e0f413af473a04c4c9ad433514a94e2f11699cead25b38d4fcd1e263929
SHA512

a47834d536135667490f5ab5b843daf77988ceed2cb4b2ec87256a5ef297cf6e94bf00244b934198d8878ee77cfff022687bb7d2c20c37541315c386745057c9
SSDEEP

24576:XFOLXD0G4L6wbi3rki/qraEzt4DCBEQydTacK:eD05ggiqrPuCrWOh

Score

N/A

Malware Config

Signatures

Files

61ff7e0f413af473a04c4c9ad433514a94e2f11699cead25b38d4fcd1e263929
.exe windows x86

c9aa6f14e0a50e4319629109724a3252

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

samlib

SamQuerySecurityObject
SamDeleteAlias
SamChangePasswordUser
SamCreateUserInDomain
SamCreateAliasInDomain
SamQueryInformationDomain
SamEnumerateAliasesInDomain
SamGetCompatibilityMode
SamSetInformationUser
SamGetGroupsForUser
SamiSetBootKeyInformation
SamCreateUser2InDomain
SamChangePasswordUser3
SamAddMemberToGroup
SamSetInformationDomain
SamFreeMemory
SamiLmChangePasswordUser
SamAddMultipleMembersToAlias
SamLookupNamesInDomain
SamRidToSid
SamGetMembersInGroup
SamEnumerateUsersInDomain
SamEnumerateGroupsInDomain
SamSetSecurityObject
SamSetInformationAlias
SamGetAliasMembership
SamOpenAlias

inetcomm

MimeOleGetFileInfoW
HrAttachDataFromBodyPart
HrGetLastOpenFileDirectory
DllCanUnloadNow
MimeOleSMimeCapAddCert
MimeOleCreateMessage
MimeOleSMimeCapAddSMimeCap
MimeOleGetPropW
MimeOleSMimeCapGetEncAlg
EssReceiptRequestDecodeEx
MimeOleCreateMessageParts
MimeEditViewSource
MimeOleCreateVirtualStream
MimeOleParseRfc822AddressW
MimeOleEncodeHeader
HrDoAttachmentVerb
MimeOleSMimeCapsToDlg
MimeOleSMimeCapGetHashAlg
MimeOleGetPropA
MimeOleGetExtContentType
MimeOleGetBodyPropA
MimeOleParseMhtmlUrl
MimeOleInetDateToFileTime
EssSecurityLabelDecodeEx
MimeOleDecodeHeader
EssKeyExchPreferenceDecodeEx
MimeOleStripHeaders

kernel32

GetModuleHandleW
SetVolumeLabelW
ReplaceFile
FoldStringA
GetPrivateProfileIntA
GlobalLock
LoadLibraryW
GetProcessIoCounters
AddConsoleAliasA
QueryPerformanceCounter
WriteProfileStringW
GetLocaleInfoW
SetThreadLocale
EnumTimeFormatsA
GetCurrentThread
OpenConsoleW

ws2_32

htons
getservbyname
closesocket
recv
WSAStringToAddressA
WSAHtonl
gethostbyaddr
WSALookupServiceNextA
WSAEnumNameSpaceProvidersW
WSALookupServiceNextW
WSAStartup
getprotobynumber
WSARecvDisconnect
WSCUnInstallNameSpace
WSANtohs
inet_ntoa

netapi32

NetServiceInstall
NetLocalGroupDelMember
DsGetDcNextA
NetRenameMachineInDomain
I_BrowserDebugCall
NetLocalGroupDel
NetpCopyFtinfoContext
NetpwNameCompare
NetpGetConfigBool
DsRoleDnsNameToFlatName
I_NetLogonSendToSam
NetShareEnum
DsRoleDcAsReplica
NetGroupDel
I_NetLogonSamLogon
DsGetSiteNameA
I_NetDatabaseSync2
NetDfsManagerGetConfigInfo
I_NetAccountSync
NetSetPrimaryComputerName
NetSessionDel
NetLocalGroupEnum
NetpMergeFtinfo
I_BrowserQueryStatistics
NetAuditRead

sensapi

IsDestinationReachableA
IsNetworkAlive
IsDestinationReachableW

Sections

.text
Size: 418KB - Virtual size: 417KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 197KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9aa6f14e0a50e4319629109724a3252

Headers

DLL Characteristics

File Characteristics

Imports

samlib

inetcomm

kernel32

ws2_32

netapi32

sensapi

Sections

.text Size: 418KB - Virtual size: 417KB

.rdata Size: 138KB - Virtual size: 137KB

.data Size: 197KB - Virtual size: 1.5MB

.rsrc Size: 78KB - Virtual size: 78KB

.reloc Size: 1024B - Virtual size: 852B

.text
Size: 418KB - Virtual size: 417KB

.rdata
Size: 138KB - Virtual size: 137KB

.data
Size: 197KB - Virtual size: 1.5MB

.rsrc
Size: 78KB - Virtual size: 78KB

.reloc
Size: 1024B - Virtual size: 852B