67875443ca06c21aa9cdfdc3cd14d60c47a304e13959d05b5dcdd6d87c9bb9a5

Sharing

Copy URL Twitter E-mail

General

Target

67875443ca06c21aa9cdfdc3cd14d60c47a304e13959d05b5dcdd6d87c9bb9a5
Size

46KB
MD5

1adefbada868c5ff0640180829de11de
SHA1

2d29883141685beb7972511873d2b22afba59f70
SHA256

67875443ca06c21aa9cdfdc3cd14d60c47a304e13959d05b5dcdd6d87c9bb9a5
SHA512

ab7439883176db50e017b3b934a7720f17320f8372bf5f889e985404df2ef6052d9819fa12630a39b993d46e838a6fa4d801d8d6b6b529b78c6d1c0aaad47c76
SSDEEP

768:+VYZY6whlyfw1bZyjZzQWHNSBtbkSPF9HGmKhOHzRzoLyfR68iaDOorkSkSkzXB:+VYxw1b8h4rKmKhqFz4KeB

Score

N/A

Malware Config

Signatures

Files

67875443ca06c21aa9cdfdc3cd14d60c47a304e13959d05b5dcdd6d87c9bb9a5
.exe windows x86

b9a7335a0cae37f54a91e11cee99bbf3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

utildll

InitializeAnonymousUserCompareList
StrProcessState
RegGetNetworkDeviceName
FormDecoratedAsyncDeviceName
WinEnumerateDevices
StrSystemWaitReason
NetworkDeviceEnumerate
ParseDecoratedAsyncDeviceName
CurrentDateTimeString
GetUnknownString
StrConnectState
AsyncDeviceEnumerate
StrSdClass
CtxGetAnyDCName
CalculateDiffTime
ElapsedTimeString
DateTimeString
StrAsyncConnectState
NetBIOSDeviceEnumerate
GetSystemMessageW
QueryCurrentWinStation
StandardErrorMessage
HaveAnonymousUsersChanged
GetUserFromSid
TestUserForAdmin
CalculateElapsedTime
GetSystemMessageA
ConfigureModem
SetupAsyncCdConfig
EnumerateMultiUserServers
CachedGetUserFromSid

advapi32

LsaQueryInformationPolicy
SetEntriesInAuditListW
SaferCreateLevel
SystemFunction021
SystemFunction003
ConvertStringSecurityDescriptorToSecurityDescriptorA
SetThreadToken
CreateCodeAuthzLevel
QueryServiceConfig2W
EqualSid
CreateServiceW
BuildTrusteeWithNameA
RegEnumValueW
ConvertSecurityDescriptorToStringSecurityDescriptorA
RegReplaceKeyW
LsaLookupNames
WriteEncryptedFileRaw
SystemFunction010
GetSecurityInfoExA
ConvertSecurityDescriptorToAccessA
BuildTrusteeWithSidW
GetLocalManagedApplicationData
TrusteeAccessToObjectA
ControlTraceA
AddAuditAccessObjectAce
CryptSignHashA
CloseTrace
LsaLookupSids
LsaGetRemoteUserName
DuplicateEncryptionInfoFile
ConvertStringSDToSDDomainA
LsaOpenTrustedDomain
GetKernelObjectSecurity

user32

ChangeClipboardChain
DestroyCursor
MapVirtualKeyA
DrawMenuBarTemp
PaintDesktop
MonitorFromWindow
GetKeyboardType
IMPQueryIMEA
LockWindowStation
CharLowerBuffW
ReasonCodeNeedsComment
MessageBoxTimeoutW
UserLpkTabbedTextOut
SetMenuItemInfoW
CallNextHookEx
RemovePropW
IsClipboardFormatAvailable
ExcludeUpdateRgn
UnregisterHotKey
CharUpperBuffA
SetInternalWindowPos
GetMenuStringW
GetKeyNameTextA
SetActiveWindow
User32InitializeImmEntryTable
BroadcastSystemMessageExA
GetKeyboardLayoutList
GetWindowLongW
GetWindowTextA
CloseClipboard
LoadCursorFromFileA
DdeAccessData
PeekMessageW
EnumDesktopWindows
SetMessageQueue
SetMenu
IsHungAppWindow
GetComboBoxInfo
EnumDisplaySettingsExA
DialogBoxIndirectParamAorW
ShowCaret
ReplyMessage
IsCharUpperW
GetAltTabInfoW
GetClassNameW
IsCharAlphaW
OpenDesktopW
OemToCharA
DeviceEventWorker
DestroyAcceleratorTable
UserHandleGrantAccess
GetDoubleClickTime
SetClipboardViewer
IsCharUpperA
DdeGetData
GetFocus
SetShellWindow
GetDlgItemTextA
DlgDirListComboBoxW
ScreenToClient
EqualRect
SetScrollRange
SetRect
ValidateRgn
ToUnicode
IsChild
UnregisterClassA
UserRealizePalette
EnumDisplayMonitors
GetScrollPos
CreateDialogIndirectParamAorW
FindWindowA
SetDeskWallpaper
EnableWindow
CreateIconIndirect
GetClassInfoW
CreateMDIWindowA
SetPropA
PostMessageW
GetWindowTextLengthA
GetCaretPos
DdePostAdvise
VkKeyScanW
GetClassInfoExW
MapVirtualKeyExW
GetDlgCtrlID
SetUserObjectInformationW
MsgWaitForMultipleObjects
LockWindowUpdate
UpdatePerUserSystemParameters
SetMenuDefaultItem
ClientThreadSetup
RegisterDeviceNotificationW
GetOpenClipboardWindow
UnhookWinEvent
GetMonitorInfoW
BroadcastSystemMessage
GetMenuState
CharUpperA

kernel32

SetThreadPriority
IsDBCSLeadByte
GetConsoleAliasA
QueryDosDeviceW
CreateHardLinkW
LoadLibraryExA
GetProfileSectionW
EnumResourceLanguagesA
GetProfileStringW
BaseCleanupAppcompatCacheSupport
LocalReAlloc
FillConsoleOutputAttribute
GetCompressedFileSizeW
SetEndOfFile
GetModuleHandleA
VirtualAlloc
SetHandleContext
DeleteFileW
LocalSize
CloseHandle
GetFileInformationByHandle
LoadLibraryA
GetConsoleCursorInfo
GetModuleHandleW
ActivateActCtx
GetLocaleInfoA
FindFirstFileW
CompareFileTime
GetTickCount
CreateFileA
GetEnvironmentVariableA
RegisterWowExec

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 338B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9a7335a0cae37f54a91e11cee99bbf3

Headers

DLL Characteristics

File Characteristics

Imports

utildll

advapi32

user32

kernel32

Sections

.text Size: 33KB - Virtual size: 33KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 338B

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 338B

.rsrc
Size: 3KB - Virtual size: 2KB