92e8b36d4ac26462f271c48afc7b28f8497c945158134577837a3b2bed40a917

Sharing

Copy URL

Twitter E-mail

General

Target

92e8b36d4ac26462f271c48afc7b28f8497c945158134577837a3b2bed40a917
Size

97KB
MD5

527bad1954ae62b4b4710a219c46eeca
SHA1

d49a846e8317138882abd99fdc1f74be8b0f632b
SHA256

92e8b36d4ac26462f271c48afc7b28f8497c945158134577837a3b2bed40a917
SHA512

d252570a7479d8e1277b1206f6e6f272e81bfe0883d9b079325f98c04bb08a873983fc72f7c078cafb14689fce9dbdd8504444b8ee9ebc2d3f73f600e45da660
SSDEEP

1536:J7l6A7EnK0qNyxQcYTtCfaauBwKEQUO7NenhtaI84R189REcdQxiSE30cb2if:d67QN4fadv7NehtbNb+SxaTf

Score

N/A

Malware Config

Signatures

Files

92e8b36d4ac26462f271c48afc7b28f8497c945158134577837a3b2bed40a917
.dll windows x86

0593d6a66882683397dab154cf235146

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

clusapi

OnlineClusterGroup
OfflineClusterGroup
CreateClusterResourceType
ClusterRegOpenKey
ClusterRegSetValue
GetClusterNodeState
RegisterClusterNotify
CloseClusterNode
ClusterRegDeleteKey
ClusterResourceTypeControl
AddClusterResourceNode
ClusterRegEnumValue
ClusterResourceGetEnumCount
CloseClusterNotifyPort
ClusterGroupControl
GetClusterGroupState
OnlineClusterResource
EvictClusterNodeEx
GetClusterInformation
GetClusterResourceTypeKey
CloseCluster
ClusterRegQueryInfoKey
ClusterRegGetKeySecurity
AddClusterResourceDependency
GetClusterNetworkState
GetClusterFromGroup
GetClusterNodeKey
ClusterRegSetKeySecurity
ChangeClusterResourceGroup
CreateClusterResource
ClusterNetworkEnum
ClusterNodeCloseEnum
SetClusterGroupNodeList
ClusterResourceCloseEnum
GetClusterFromResource
SetClusterNetworkName
ClusterCloseEnum
ClusterGroupOpenEnum
CloseClusterNetInterface
FailClusterResource

sqlunirl

_ShellAbout_@16
_IsCharAlphaNumeric_@4
_GetTimeFormat_@24
_GetFileAttributesEx_@12
_GetTempPath_@8
_FreeEnvironmentStrings@4
_OpenEvent_@12
_GetVolumeInformation_@32
_MoveFile@8
_GetTextMetrics@8
_GetMenuItemInfo_@16
_BackupEventLog_@8
_DrawState_@40
_StartServiceCtrlDispatcher_@4
AllocConvertMultiSZNameToA
_SystemParametersInfo_@16
_QueryServiceConfig_@16
_AddAtom_@4
_WritePrivateProfileString_@16
_GetWindowTextLength@4
newWideCharFromMultiByte
_RegQueryMultipleValues_@20
_WritePrivateProfileSection_@12
_RemoveFontResource_@4
_SetEnvironmentVariable_@8
_InsertMenuItem_@16
_GetDateFormat_@24
_CreateMDIWindow_@40
_CreateScalableFontResource_@16
_FatalAppExit_@8
_DragQueryFile_@16
_MapVirtualKey_@8
_DeleteFile@4
_GetWindowLong@8
_CharLowerBuff_@8
_GetProp@8
_OutputDebugString_@4
_GetTextExtentPoint32@16
AllocConvertMultiSZNameToAEx
_CopyAcceleratorTable_@12

advapi32

OpenServiceW
QueryServiceConfig2A
StopTraceA
ElfNumberOfRecords
WmiReceiveNotificationsW
CredWriteDomainCredentialsA
GetMultipleTrusteeOperationA
GetExplicitEntriesFromAclW
ConvertStringSDToSDRootDomainW
RegisterTraceGuidsA
GetSecurityDescriptorDacl
SetTraceCallback
RegOpenKeyExW
AddAccessAllowedObjectAce
CredReadDomainCredentialsW
SetServiceStatus
CredUnmarshalCredentialW
QueryServiceStatusEx
TraceEventInstance
FreeEncryptionCertificateHashList
I_ScGetCurrentGroupStateW
QueryServiceConfigW
LsaOpenAccount
AccessCheck
GetSidSubAuthority
GetCurrentHwProfileA
BuildImpersonateTrusteeW
LsaSetInformationPolicy

kernel32

GetBinaryType
InvalidateConsoleDIBits
GetModuleFileNameW
GetDriveTypeA
CopyFileExW
WriteConsoleOutputCharacterA
ProcessIdToSessionId
ZombifyActCtx
QueryDosDeviceA
GetConsoleAliasA
GetFullPathNameA
CloseProfileUserMapping
FindFirstVolumeMountPointA
SignalObjectAndWait
GlobalAlloc
WaitNamedPipeW
RegisterWaitForSingleObjectEx
HeapFree
LocalAlloc
SetConsoleMaximumWindowSize
LZCloseFile
OpenJobObjectA
WriteFile
VirtualAlloc
IsBadWritePtr
BeginUpdateResourceW
ReadConsoleInputExW
WriteConsoleInputA
CreateDirectoryExA
InterlockedDecrement
GetConsoleCommandHistoryW
VerLanguageNameW
GetFullPathNameW
LoadLibraryA
GetUserDefaultLCID
GetModuleHandleA
GetTimeFormatW
DeleteVolumeMountPointW
WriteConsoleInputVDMA
SetCommState
GetCurrentThread
DebugBreak
MultiByteToWideChar

opengl32

glTexParameteriv
glGetPixelMapusv
wglMakeCurrent
glGetPixelMapfv
glVertex3i
glMatrixMode
glGetMapdv
glMaterialfv
glVertex4i
glLoadIdentity
wglCopyContext
glGetMapiv
glColor3sv
glCopyTexImage1D
glTexCoord2dv
glRectfv
glNormal3b
glRasterPos4s
glTexCoord1iv
glRasterPos3dv
glTexCoord3sv
glPushAttrib
glVertex3iv
glGetTexEnviv
wglCreateLayerContext
glIndexdv
glGetMaterialiv
glLightf
glColor3b
glGetTexGenfv
glGetClipPlane
glTexCoord4fv
wglUseFontBitmapsA
glPixelStorei
glPushClientAttrib
glColor4d
glAreTexturesResident
glTexCoord1f
glColor3bv
glVertex3fv
wglSetLayerPaletteEntries
glRecti

crypt32

CertVerifyCTLUsage
CryptImportPKCS8
CryptImportPublicKeyInfo
CertGetPublicKeyLength
CreateFileU
CryptUnregisterDefaultOIDFunction
CryptProtectData
CryptVerifyCertificateSignatureEx
CertUnregisterSystemStore
CertOpenSystemStoreW
CryptBinaryToStringA
CryptStringToBinaryA
CertDeleteCTLFromStore
CryptAcquireContextU
CryptFindOIDInfo
CertCreateCTLContext
CryptSignMessageWithKey
RegDeleteValueU
CryptVerifySignatureU
CertEnumCTLsInStore
CryptExportPKCS8
I_CryptAddSmartCardCertToStore
I_CryptFindSmartCardCertInStore
CertCreateCTLEntryFromCertificateContextProperties
CertEnumCertificatesInStore
CryptEnumProvidersU

Exports

Exports

InstallU
PluginCommand
PluginMain
PluginName
PluginType
PluginVersion
WSPStartup

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0593d6a66882683397dab154cf235146

Headers

File Characteristics

Imports

clusapi

sqlunirl

advapi32

kernel32

opengl32

crypt32

Exports

Exports

Sections

.text Size: 43KB - Virtual size: 42KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 35KB - Virtual size: 107KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 904B

.text
Size: 43KB - Virtual size: 42KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 35KB - Virtual size: 107KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 904B