7785ea24dd18a7602cb6e2eeefea35a851aeecc56ab955653aa43066eaa304bb

Sharing

Copy URL Twitter E-mail

General

Target

7785ea24dd18a7602cb6e2eeefea35a851aeecc56ab955653aa43066eaa304bb
Size

1.4MB
MD5

8778c09a87714745618710db03720474
SHA1

c6441c3c3054b2c1d248ce01a3a84fb1609efc3f
SHA256

7785ea24dd18a7602cb6e2eeefea35a851aeecc56ab955653aa43066eaa304bb
SHA512

ea4804f55369d91dbd8aabec0390a0bfca58e62825fed8abd1e602556ae145d767b06f7e7e22e346fa85c3b3369a750fc98a5a22900adf57474c5ab636267d93
SSDEEP

24576:zvDoxZuGD4Z6a9GlToHPyYwySYrQlA2shqbD9gUjWRIU6t:zboGvX9GlYKwSYrgsgSiDU6

Score

N/A

Malware Config

Signatures

Files

7785ea24dd18a7602cb6e2eeefea35a851aeecc56ab955653aa43066eaa304bb
.exe windows x86

208eae0f43a3bf471bc69ce8692fcbc5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

iphlpapi

GetUdpTable
SendARP
CreateProxyArpEntry
GetInterfaceInfo
InternalDeleteIpForwardEntry
GetTcpStatistics
GetUdpStatistics
AllocateAndGetIpAddrTableFromStack
InternalCreateIpForwardEntry
InternalGetIpForwardTable
FlushIpNetTable
InternalSetIpStats
GetIpNetTable
GetBestInterface
GetIfEntry
DeleteProxyArpEntry

imagehlp

ImageNtHeader
ImageUnload
SymSetOptions
ImageRvaToVa
ImageEnumerateCertificates
ImageDirectoryEntryToData
ImageLoad
ImageRvaToSection
SymInitialize
CheckSumMappedFile
ImageGetCertificateData
EnumerateLoadedModules64

kernel32

GetProcAddress
PeekConsoleInputA
GetPrivateProfileStructA
CreateIoCompletionPort
GetLocaleInfoA
SetMailslotInfo
GetSystemDefaultLCID
_lcreat
SetCalendarInfoA
FindFirstVolumeMountPointA
lstrcmpA
ReleaseMutex
GetPrivateProfileStringW
GetExitCodeThread
WinExec
SetMessageWaitingIndicator
GetSystemDefaultLangID
GlobalAddAtomA
GetThreadSelectorEntry
DosDateTimeToFileTime
SetLocaleInfoA
GetConsoleMode
VirtualAlloc
SetConsoleActiveScreenBuffer
GetProcessPriorityBoost
GetTempFileNameA
GetFileAttributesW

netapi32

NetGroupAddUser
NetLocalGroupEnum
NetGetDCName
NetLocalGroupDel
NetWkstaGetInfo
NetMessageBufferSend
NetLocalGroupAddMembers
NetShareCheck
NetUserSetInfo
NetUnjoinDomain
NetGroupDel
NetServiceControl
NetLocalGroupDelMembers
NetServerEnum
NetUnregisterDomainNameChangeNotification
NetDfsSetClientInfo
NetServerDiskEnum

advapi32

LsaNtStatusToWinError
AddAccessAllowedAce
QueryUsersOnEncryptedFile
RegQueryValueW
GetSidSubAuthority
AreAllAccessesGranted
SetSecurityDescriptorSacl
DuplicateToken
GetKernelObjectSecurity
MakeAbsoluteSD
ImpersonateNamedPipeClient
EncryptFileW

Sections

.text
Size: 220KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pYsDTk
Size: 124KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.uggq
Size: 482KB - Virtual size: 770KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rCbfWJ
Size: 471KB - Virtual size: 628KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

208eae0f43a3bf471bc69ce8692fcbc5

Headers

DLL Characteristics

File Characteristics

Imports

iphlpapi

imagehlp

kernel32

netapi32

advapi32

Sections

.text Size: 220KB - Virtual size: 220KB

.pYsDTk Size: 124KB - Virtual size: 276KB

.uggq Size: 482KB - Virtual size: 770KB

.rCbfWJ Size: 471KB - Virtual size: 628KB

.rsrc Size: 137KB - Virtual size: 137KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 220KB - Virtual size: 220KB

.pYsDTk
Size: 124KB - Virtual size: 276KB

.uggq
Size: 482KB - Virtual size: 770KB

.rCbfWJ
Size: 471KB - Virtual size: 628KB

.rsrc
Size: 137KB - Virtual size: 137KB

.reloc
Size: 3KB - Virtual size: 2KB