847e856de90acd987a0be23cfae56ff110bb474787a2d81e39480cc30fd791ce

Sharing

Copy URL Twitter E-mail

General

Target

847e856de90acd987a0be23cfae56ff110bb474787a2d81e39480cc30fd791ce
Size

752KB
MD5

01e66bc4edc04512c7f21864de456ed0
SHA1

a85c213f545e40dce1e2e0a8242e71e5ccaae49a
SHA256

847e856de90acd987a0be23cfae56ff110bb474787a2d81e39480cc30fd791ce
SHA512

60f1ff3969147736177de9233302baed1ce6088ce0fa311ea4ea4a7cc04baa24926d1122bc2b79c151b2a754f4f0e40466b58cd3d53191b3b17cf7cd8142a613
SSDEEP

12288:nw0BawKnH6aN7BUpQwoHWtSK4M2bygAwcSqhJO1s6o5O:w976qAQLA2urLJQs6o5

Score

N/A

Malware Config

Signatures

Files

847e856de90acd987a0be23cfae56ff110bb474787a2d81e39480cc30fd791ce
.exe windows x86

80f209f9df257aff1b850c247595cbbf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

SetupInstallFromInfSectionW
SetupDiGetClassInstallParamsW
SetupDiGetClassDevsA
CM_Get_Device_ID_ExW
SetupOpenFileQueue
SetupDiSetDeviceRegistryPropertyW
SetupDiBuildClassInfoList
CM_Get_Res_Des_Data_Size_Ex
SetupGetStringFieldW
SetupDiCreateDeviceInfoA
SetupDiGetDriverInstallParamsW
CM_Get_Device_IDW
SetupDiGetClassImageIndex
CM_Enumerate_Classes
SetupDiCreateDeviceInfoW
SetupInstallServicesFromInfSectionW

netapi32

NetStatisticsGet
NetUserModalsSet
NetLocalGroupDelMembers
NetServerSetInfo
NetUserAdd
Netbios
NetServerGetInfo
NetUserModalsGet
NetUserEnum
NetUserDel
NetShareGetInfo
NetWkstaUserGetInfo
NetWkstaGetInfo
DsGetDcNameWithAccountW
NetFileEnum
NetRenameMachineInDomain
NetShareAdd
NetLocalGroupAddMember
NetUseGetInfo
NetShareEnum
NetUnregisterDomainNameChangeNotification

kernel32

CreateEventW
GetStringTypeExA
GetUserDefaultLangID
GetTempPathA
GetTempFileNameW
GetTimeZoneInformation
FileTimeToLocalFileTime
CreateSemaphoreW
GetBinaryType
MoveFileExA
HeapQueryInformation
CommConfigDialogW
VirtualAlloc
SetErrorMode

advapi32

RegQueryValueA
LsaSetSecret
AreAllAccessesGranted
RegQueryMultipleValuesA
LookupAccountNameW
SetNamedSecurityInfoW
GetSidSubAuthorityCount
OpenSCManagerW
SystemFunction036
CryptGetDefaultProviderW
StartServiceA
QueryServiceLockStatusA
LsaEnumerateAccountRights
LsaFreeMemory
RegEnumValueW
OpenProcessToken

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ZNVk
Size: 204KB - Virtual size: 377KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UrUd
Size: 138KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fC
Size: 276KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 46B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80f209f9df257aff1b850c247595cbbf

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

netapi32

kernel32

advapi32

Sections

.text Size: 58KB - Virtual size: 57KB

.ZNVk Size: 204KB - Virtual size: 377KB

.UrUd Size: 138KB - Virtual size: 263KB

.fC Size: 276KB - Virtual size: 362KB

.rsrc Size: 74KB - Virtual size: 73KB

.reloc Size: 512B - Virtual size: 46B

.text
Size: 58KB - Virtual size: 57KB

.ZNVk
Size: 204KB - Virtual size: 377KB

.UrUd
Size: 138KB - Virtual size: 263KB

.fC
Size: 276KB - Virtual size: 362KB

.rsrc
Size: 74KB - Virtual size: 73KB

.reloc
Size: 512B - Virtual size: 46B