a27f9fabb766f9949e39e3aeac5e0c392d41ea100f3165767ac25e6f3362a7b1

Sharing

Copy URL Twitter E-mail

General

Target

a27f9fabb766f9949e39e3aeac5e0c392d41ea100f3165767ac25e6f3362a7b1
Size

948KB
MD5

2109f29d8b1f3276f171d912e520eb8a
SHA1

b9c42b4f059e9fe7eed72532341ed492ed5600be
SHA256

a27f9fabb766f9949e39e3aeac5e0c392d41ea100f3165767ac25e6f3362a7b1
SHA512

4669b7765736ccf433446433555040fd3758c71ac71db2bca778e4a816f2d69af8f00426b50004002eaee6449179b0fbdc780fc494faf3b9a7ac2cb9e3ab90a3
SSDEEP

24576:mxUjxEGt9CgYmmuXGcbizPXM+2Fvr6fBUr:2WCqmk+LMXSBU

Score

N/A

Malware Config

Signatures

Files

a27f9fabb766f9949e39e3aeac5e0c392d41ea100f3165767ac25e6f3362a7b1
.exe windows x86

328bfbc4ed6a1dc5678dcca7221343c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

fputws
iswxdigit
toupper
_mbsnbcmp
_finite
isupper
wcspbrk
tmpnam
acos
_c_exit
ldiv
fflush
isxdigit
_fpclass
_getpid
??2@YAPAXI@Z
_eof

user32

LoadStringW
CallWindowProcA
OemToCharBuffA
MapWindowPoints
DefFrameProcW
DestroyAcceleratorTable
KillTimer
SendMessageW
DrawStateA
CountClipboardFormats
LoadMenuW
ExcludeUpdateRgn

iphlpapi

CreateProxyArpEntry
InternalGetIpAddrTable
DeleteIpForwardEntry
InternalCreateIpNetEntry
GetPerAdapterInfo
InternalGetUdpTable
InternalGetIfTable
GetNetworkParams

kernel32

SetVolumeLabelA
GetThreadSelectorEntry
QueryInformationJobObject
HeapReAlloc
CreateConsoleScreenBuffer
GetPrivateProfileSectionW
GetDefaultCommConfigW
LCMapStringA
GetConsoleMode
ResumeThread
GetVersionExA
VirtualAlloc
EnumDateFormatsExW

netapi32

NetShareEnum
NetUnjoinDomain
NetUserModalsGet
NetConnectionEnum
DsRoleFreeMemory
NetGroupAdd
Netbios
NetGetAnyDCName
NetGroupDel
NetGroupGetUsers
NetQueryDisplayInformation
NetUseGetInfo
NetUseAdd
NetShareCheck
NetUserSetInfo
NetShareAdd
NetGroupSetInfo

advapi32

RegCloseKey
RegSetKeySecurity
InitializeSecurityDescriptor
GetKernelObjectSecurity
CloseEventLog
RegOpenCurrentUser
CryptSignHashA
AddAce
ImpersonateSelf
CryptEnumProvidersW
ReadEventLogA
GetEventLogInformation
QueryServiceConfigW
CryptSetProvParam
ReadEventLogW
RegSetValueA
LsaICLookupSids
AbortSystemShutdownW
AddAccessAllowedAce

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 151KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 335KB - Virtual size: 377KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 141KB - Virtual size: 323KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 107KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

328bfbc4ed6a1dc5678dcca7221343c6

Headers

File Characteristics

Imports

msvcrt

user32

iphlpapi

kernel32

netapi32

advapi32

Sections

.text Size: 90KB - Virtual size: 89KB

.idata Size: 151KB - Virtual size: 307KB

.edata Size: 335KB - Virtual size: 377KB

.rdata Size: 141KB - Virtual size: 323KB

.bss Size: 107KB - Virtual size: 149KB

.rsrc Size: 121KB - Virtual size: 121KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 90KB - Virtual size: 89KB

.idata
Size: 151KB - Virtual size: 307KB

.edata
Size: 335KB - Virtual size: 377KB

.rdata
Size: 141KB - Virtual size: 323KB

.bss
Size: 107KB - Virtual size: 149KB

.rsrc
Size: 121KB - Virtual size: 121KB

.reloc
Size: 1KB - Virtual size: 1KB