98b0c86d23a5a0800ac7b3c99b612b03dd9c5e2e0339f59250857150ebd3b5af

General

Target

98b0c86d23a5a0800ac7b3c99b612b03dd9c5e2e0339f59250857150ebd3b5af
Size

884KB
MD5

13126f274ff5444de42c243f81a6aaa0
SHA1

bc17ccb09ced543d680ae981ee4a2058fc49b974
SHA256

98b0c86d23a5a0800ac7b3c99b612b03dd9c5e2e0339f59250857150ebd3b5af
SHA512

429bbbe2f82633f5ae096176de7f45f4cb1ead63e8b74aeb11c5291be550b95e9f77933c0feb3643a450eed371f2895afa02e03ada19c58848b7126169ee4186
SSDEEP

12288:oVK1IwVFVSYyTHgqk0eApi8asDw3sukygh1zQzzBtQGqN3BtnVEzrNudJcKx:0w7VHyTKnRJQ/glq3ZeZO

Score

N/A

Malware Config

Signatures

Files

98b0c86d23a5a0800ac7b3c99b612b03dd9c5e2e0339f59250857150ebd3b5af
.exe windows x86

6ce6ab6a73639c51f8da286abbd4d85d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

LsaSetSecret
CryptAcquireContextW
AreAnyAccessesGranted
WriteEncryptedFileRaw
RegSetValueExA
RegLoadKeyW
SystemFunction029
CryptVerifySignatureA
RegNotifyChangeKeyValue
CryptGetKeyParam
InitializeAcl
LsaEnumerateAccountRights

setupapi

pSetupStringTableEnum
SetupInstallFromInfSectionW
SetupGetSourceInfoW
SetupQueueCopyIndirectW
SetupDiGetWizardPage
pSetupStringTableDestroy
SetupDiOpenDeviceInterfaceW
SetupDiGetDeviceInfoListDetailA
SetupGetTargetPathW

netapi32

NetLocalGroupGetMembers
NetStatisticsGet
NetUserAdd
NetServiceEnum
NetUseDel
NetGroupAdd
NetWkstaUserEnum
NetConnectionEnum
NetLocalGroupAddMembers
NetShareGetInfo

kernel32

ReleaseSemaphore
SetProcessPriorityBoost
VirtualAlloc
RtlZeroMemory
SuspendThread
CreateProcessA
LoadResource
DeleteFiber
SetEvent
OpenEventA
SetConsoleTextAttribute
Sleep
EnumSystemLanguageGroupsA
HeapWalk
GetSystemDirectoryA
GetFileInformationByHandle
GetFileType
GetCommState

shell32

SHBrowseForFolderW
SHFormatDrive
SHChangeNotify
SHGetPathFromIDListW
CommandLineToArgvW
ShellExecuteA
SHBindToParent
SheChangeDirExW
SHGetFolderLocation
ShellExecuteW

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Sgzf
Size: 737KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ce6ab6a73639c51f8da286abbd4d85d

Headers

File Characteristics

Imports

advapi32

setupapi

netapi32

kernel32

shell32

Sections

.text Size: 25KB - Virtual size: 24KB

.Sgzf Size: 737KB - Virtual size: 1.2MB

.rsrc Size: 121KB - Virtual size: 120KB

.reloc Size: 512B - Virtual size: 206B

.text
Size: 25KB - Virtual size: 24KB

.Sgzf
Size: 737KB - Virtual size: 1.2MB

.rsrc
Size: 121KB - Virtual size: 120KB

.reloc
Size: 512B - Virtual size: 206B