6f2e8cca335b8d2e9412659c1130eb442dcd602ac322c77735271bbadd7add85

Sharing

Copy URL Twitter E-mail

General

Target

6f2e8cca335b8d2e9412659c1130eb442dcd602ac322c77735271bbadd7add85
Size

827KB
MD5

08a299672172d2feaef45de7664852e6
SHA1

b32bba998c5377247c766511571e953f6ba49ea2
SHA256

6f2e8cca335b8d2e9412659c1130eb442dcd602ac322c77735271bbadd7add85
SHA512

880c54fd3ae2e0f7e2439ada8c57d894b54f58d1d97ac39829ecc148a71fb941115629daa8037b50b694953fe7ab4f603438b99ce4709fc55b64793a3893cfa9
SSDEEP

24576:HWefFaZDfMnYYFQQeFX9g+GbwWOSBhHZ5z:HlFaZ7EHQvg+GyQHZ5z

Score

N/A

Malware Config

Signatures

Files

6f2e8cca335b8d2e9412659c1130eb442dcd602ac322c77735271bbadd7add85
.exe windows x86

ef3999c09aa52116008e45632beff8ea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileW
OpenWaitableTimerW
ClearCommError
GetComputerNameA
TzSpecificLocalTimeToSystemTime
MoveFileExA
ReplaceFile
GetConsoleTitleW
DebugSetProcessKillOnExit
FreeEnvironmentStringsA
GetFileInformationByHandle
GetVolumeNameForVolumeMountPointW
DeleteTimerQueueTimer
PeekConsoleInputW
GetProcessTimes
TerminateThread
GetConsoleProcessList
LockResource
GetComputerNameExW
CreateWaitableTimerA
EnumResourceNamesW
EnumSystemLocalesA
MultiByteToWideChar
GetProcessAffinityMask
FindActCtxSectionStringA
ResetEvent
LoadLibraryW
LocalLock
DeviceIoControl
DebugActiveProcessStop
GetExitCodeProcess
LCMapStringA
CreateFileA
GetSystemDefaultLCID
SetConsoleNumberOfCommandsA
SetConsoleCtrlHandler
GetNumberOfConsoleInputEvents
GetTickCount
GetTimeZoneInformation
HeapLock
_llseek
lstrcmpiW
GetComputerNameW
GlobalAlloc
GetNumberOfConsoleFonts
SetConsoleInputExeNameW
IsBadHugeWritePtr
SetLastError
GetStringTypeW
BuildCommDCBAndTimeoutsW
GlobalGetAtomNameA
GlobalMemoryStatus
EraseTape
GetCommandLineW
OutputDebugStringA

scecli

SceConfigureSystem
SceConfigureConvertedFileSecurity
SceGetTimeStamp
SceGetDatabaseSetting
SceGetObjectSecurity
DllUnregisterServer
SceDcPromoteSecurityEx
SceCopyBaseProfile
SceSetupGenerateTemplate
SceSetupUpdateSecurityFile
SceSvcSetInfo
SceWriteSecurityProfileInfo
SceRollbackTransaction
SceIsSystemDatabase
SceAnalyzeSystem
SceSetupUpdateSecurityService
SceCreateDirectory
SceAddToNameList
SceOpenPolicy
SceDcPromoCreateGPOsInSysvol
SceFreeProfileMemory
SceAddToNameStatusList
SceSvcFree
SceEnumerateServices
SceGetDbTime
SceGetSecurityProfileInfo
SceGenerateRollback
SceOpenProfile

shlwapi

PathUnquoteSpacesW
UrlCreateFromPathA
PathMakePrettyW
PathCommonPrefixA
ColorHLSToRGB
PathUnquoteSpacesA
UrlUnescapeA
PathCanonicalizeA
PathRemoveBackslashA
UrlGetPartW
PathGetCharTypeA
SHReleaseThreadRef
StrToIntExA

sqlunirl

_CreateDesktop_@24
_CallMsgFilter_@8
_GetProfileInt_@12
_ExtractIcon_@12
_FindAtom_@4
_PrintDlg_@4
_LogonUser_@24
_OpenDesktop_@16
_EnumResourceTypes_@12
_DrawText@20
_FindResource@12
_QueryServiceConfig_@16
_NDdeGetShareSecurity_@24
_BeginUpdateResource_@8
_GetFileVersionInfoSize_@8
_CreateFile@28
_SetFileAttributes_@8

dpnet

DirectPlay8Create
DllRegisterServer
DllCanUnloadNow
DllUnregisterServer

Sections

.text
Size: 359KB - Virtual size: 358KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 197KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef3999c09aa52116008e45632beff8ea

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

scecli

shlwapi

sqlunirl

dpnet

Sections

.text Size: 359KB - Virtual size: 358KB

.rdata Size: 132KB - Virtual size: 132KB

.data Size: 197KB - Virtual size: 1.6MB

.rsrc Size: 136KB - Virtual size: 136KB

.reloc Size: 1024B - Virtual size: 868B

.text
Size: 359KB - Virtual size: 358KB

.rdata
Size: 132KB - Virtual size: 132KB

.data
Size: 197KB - Virtual size: 1.6MB

.rsrc
Size: 136KB - Virtual size: 136KB

.reloc
Size: 1024B - Virtual size: 868B