78d975959ac55aed357fe359fe1a7cf66ade21e8dfe90a464cd3fdb60161f603

Sharing

Copy URL Twitter E-mail

General

Target

78d975959ac55aed357fe359fe1a7cf66ade21e8dfe90a464cd3fdb60161f603
Size

234KB
MD5

5d53aba6ab3520ce14705dd734a38d20
SHA1

c25aeb0d96ae23655f4c2a9e5180dc950d681ee1
SHA256

78d975959ac55aed357fe359fe1a7cf66ade21e8dfe90a464cd3fdb60161f603
SHA512

e483daffc9f359f4a6ffd1d9dc6c14ca16a5a4e5d3f4b568942a41494b086bcd86ce5048a6bd42dfb64b33c6ff84bfef28ad82b41acc7b3b9b5ab0fb4b0f127e
SSDEEP

6144:/MhbvjTiiIQnNM9xjkx68Y5LI8VlubXf42gA89Bpokpir:/SxM9xjI2IElubXfrg5Ronr

Score

N/A

Malware Config

Signatures

Files

78d975959ac55aed357fe359fe1a7cf66ade21e8dfe90a464cd3fdb60161f603
.exe windows x86

1ae364536b6ae251dc7fb1cdee8bc6bc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

clusapi

OnlineClusterGroup
ClusterResourceEnum
ClusterResourceTypeOpenEnum
ClusterControl
OpenCluster
ClusterRegSetKeySecurity
GetClusterNetInterfaceState
ClusterGroupEnum
DeleteClusterResource
ClusterRegCreateKey
GetClusterQuorumResource
GetClusterNetworkId
ClusterOpenEnum
ClusterNetworkOpenEnum
SetClusterGroupNodeList

crtdll

tmpfile
_assert
_ismbcdigit
_strrev
_ismbcl2
_ismbblead
_y0
exit
labs
_makepath
_cputs
_mbsnbset
towupper
getchar
strpbrk
_spawnlp
_isatty
_mbsupr
setvbuf
_strdup
_snprintf
_get_osfhandle
_errno
strlen
_fpieee_flt
_rmtmp
_except_handler2
calloc
_stricoll
_heapchk
_loaddll
strxfrm
_strtime
iswlower
wcscpy
_chdrive
_unloaddll
iswgraph
_ultow
memset
_mbsicmp
_wcsrev
strrchr
clearerr
_wcsnicmp
_cexit
_environ_dll
_execlp
freopen
_CIcosh
fread
_CIcos
gets
iscntrl

winipsec

DeleteTransportFilter
EnumTransportFilters
GetQMPolicyByID
SPDApiBufferAllocate
EnumQMSAs
DeleteMMPolicy
GetMMPolicyByID
AddMMFilter
GetMMAuthMethods
OpenMMFilterHandle
MatchMMFilter
SetTransportFilter
MatchTunnelFilter
SetMMPolicy
GetTunnelFilter
GetMMPolicy
DeleteMMAuthMethods
EnumIPSecInterfaces
DeleteMMFilter
AddMMPolicy
GetTransportFilter
AddTunnelFilter
MatchTransportFilter
SetMMAuthMethods
OpenTransportFilterHandle
SetMMFilter
DeleteQMPolicy

kernel32

_hread
DnsHostnameToComputerNameA
GetBinaryTypeW
SetLastError
WriteFile
OpenJobObjectW
LCMapStringW
GetCurrentConsoleFont
PulseEvent
GetUserDefaultUILanguage
WritePrivateProfileStructA
LZOpenFileA
GetConsoleAliasExesA
GetFileInformationByHandle
SetDefaultCommConfigA
HeapAlloc
GetTimeZoneInformation
GetConsoleCharType
GetLocaleInfoW
LoadLibraryW
GetProfileStringA

msdart

?IsReadLocked@CCritSec@@QBE_NXZ
?WriteUnlock@CCritSec@@QAEXXZ
?SetDefaultSpinAdjustmentFactor@CSmallSpinLock@@SGXN@Z
?GetDefaultSpinAdjustmentFactor@CCritSec@@SGNXZ
?ApplyIf@CLKRHashTable@@QAEKP6G?AW4LK_PREDICATE@@PBXPAX@ZP6G?AW4LK_ACTION@@01@Z1W4LK_LOCKTYPE@@@Z
?_H0@CLKRLinearHashTable@@CGKKK@Z
?GetStatistics@CLKRHashTable@@QBE?AVCLKRHashTableStats@@XZ
??0CSpinLock@@QAE@XZ
?ReadUnlock@CFakeLock@@QAEXXZ
?_CurrentThreadId@CSpinLock@@CGJXZ
??4CMdVersionInfo@@QAEAAV0@ABV0@@Z
?CreateHolder@@YGJPAUIGPDispenser@@HIPAPAUIGPHolder@@@Z
mpMalloc
?ConvertExclusiveToShared@CSmallSpinLock@@QAEXXZ
?IsWriteUnlocked@CSmallSpinLock@@QBE_NXZ
?IsValid@CLKRLinearHashTable@@QBE_NXZ
?SetSpinCount@CCritSec@@SGKPAPAVCCriticalSection@@K@Z
?IsWin9x@CMdVersionInfo@@SAHXZ
?sm_pfnSetCriticalSectionSpinCount@CCriticalSection@@0P6GKPAU_RTL_CRITICAL_SECTION@@K@ZA
?TryReadLock@CReaderWriterLock2@@QAE_NXZ
??0CLockedSingleList@@QAE@XZ
??1CLKRLinearHashTable@@QAE@XZ

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ae364536b6ae251dc7fb1cdee8bc6bc

Headers

File Characteristics

Imports

clusapi

crtdll

winipsec

kernel32

msdart

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 136KB - Virtual size: 135KB

.data Size: 45KB - Virtual size: 44KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 136KB - Virtual size: 135KB

.data
Size: 45KB - Virtual size: 44KB

.rsrc
Size: 3KB - Virtual size: 2KB