5dc83f9156d74908803eb9e2f6a251062e97e6eef4b41f7c2b6c8893d94d1827

Sharing

Copy URL Twitter E-mail

General

Target

5dc83f9156d74908803eb9e2f6a251062e97e6eef4b41f7c2b6c8893d94d1827
Size

48KB
MD5

14bbb42d37ba06a35019bb730b3f0d80
SHA1

78d1b8add9d36e1fa1034d25cf15288785ee3628
SHA256

5dc83f9156d74908803eb9e2f6a251062e97e6eef4b41f7c2b6c8893d94d1827
SHA512

0cfd2ab4e555574da426041a8bb00f72ee0fffcc7c296a7a65bacc37de2fbc438152d7a29c033436646913e85ae2ad192015efe6dcd607bb16c99e8868000bc0
SSDEEP

768:H8/6ZkR2qahE3V+/V0r309pb+cMP1obqp2qyrZW2EwLva++JIm5/McyiljlE:T62T0+/6g96obqgRJLvhkIO/McySjlE

Score

N/A

Malware Config

Signatures

Files

5dc83f9156d74908803eb9e2f6a251062e97e6eef4b41f7c2b6c8893d94d1827
.exe windows x86

7bcc899559e1b2a571ea9b9a826670d9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindActCtxSectionStringW
CreateConsoleScreenBuffer
LZClose
RtlCaptureContext
SetThreadExecutionState
SetConsoleActiveScreenBuffer
_lcreat
SetConsoleNumberOfCommandsA
LoadLibraryA
GetDiskFreeSpaceW
FillConsoleOutputCharacterW
GetDefaultCommConfigW
CreateToolhelp32Snapshot
ReadFileEx
DebugBreak
FindClose
CopyFileExA
Module32Next
EnumCalendarInfoW
GetConsoleInputExeNameW
CancelIo
FindResourceA
SetHandleContext
GetNumaAvailableMemoryNode
GetModuleHandleA
WritePrivateProfileSectionW
FindNextFileA
SetConsoleTextAttribute
lstrcmpW
GetProfileSectionW
GetTickCount
GlobalFindAtomW
GenerateConsoleCtrlEvent
GetProcessHeap
CancelTimerQueueTimer
VirtualFree
SetDefaultCommConfigA
GetFileInformationByHandle
GetCPInfoExA
FindResourceExW
ReadProcessMemory
WriteProfileSectionW
GetConsoleKeyboardLayoutNameW
GetCommTimeouts
IsValidLocale
LocalAlloc
EnumUILanguagesW
SetFileShortNameW
SetClientTimeZoneInformation
SetLocalTime
VirtualAlloc
GetTapePosition
GetModuleHandleW
SetTimeZoneInformation
GetSystemWow64DirectoryW
GetConsoleFontSize
QueryActCtxW
GetStringTypeExA
SetConsoleWindowInfo
EnumResourceLanguagesW
FindActCtxSectionStringA
SetSystemTime

wintrust

CryptSIPGetInfo
WVTAsn1CatNameValueEncode
CryptCATGetMemberInfo
WVTAsn1SpcSigInfoDecode
WTHelperCertIsSelfSigned
WTHelperGetProvPrivateDataFromChain
CryptCATAdminAddCatalog
WintrustCertificateTrust
CryptSIPPutSignedDataMsg
CryptCATAdminResolveCatalogPath
TrustFindIssuerCertificate
CryptCATAdminEnumCatalogFromHash
AddPersonalTrustDBPages
CryptCATGetAttrInfo
CryptCATEnumerateCatAttr
SoftpubCheckCert
GenericChainFinalProv
SoftpubLoadDefUsageCallData
WTHelperGetFileHash
WVTAsn1CatNameValueDecode
WVTAsn1SpcPeImageDataEncode
CryptCATVerifyMember
SoftpubInitialize
WintrustAddActionID
CryptSIPGetSignedDataMsg
SoftpubCleanup
SoftpubLoadMessage
WVTAsn1SpcSpOpusInfoEncode
CryptCATCDFEnumMembersByCDFTag
CryptCATGetCatAttrInfo
WTHelperCertFindIssuerCertificate
CryptCATEnumerateMember
CryptCATAdminPauseServiceForBackup
mssip32DllRegisterServer

cfgmgr32

CM_Enumerate_Classes_Ex
CM_Get_HW_Prof_FlagsW
CM_Test_Range_Available
CM_Run_Detection
CM_Reenumerate_DevNode
CM_Get_Log_Conf_Priority
CM_Get_Device_ID_ListW
CM_Get_DevNode_Registry_Property_ExW
CM_Get_Device_ID_ExA
CM_Get_Class_NameA
CM_Query_Arbitrator_Free_Size
CM_Enumerate_Classes
CM_Free_Res_Des
CM_Remove_SubTree_Ex
CM_Query_Remove_SubTree_Ex
CM_Is_Dock_Station_Present_Ex
CM_Get_Device_ID_List_SizeW
CM_Register_Device_InterfaceA
CM_Query_And_Remove_SubTreeW
CM_Set_DevNode_Problem_Ex
CM_Uninstall_DevNode_Ex
CM_Add_Range
CM_Get_Sibling_Ex
CM_Get_First_Log_Conf
CM_Get_HW_Prof_Flags_ExW
CM_Get_Child_Ex
CM_Enable_DevNode
CM_Request_Eject_PC
CM_Get_Hardware_Profile_Info_ExA
CM_Open_DevNode_Key_Ex
CM_Get_Class_Registry_PropertyA
CM_Open_Class_KeyW

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7bcc899559e1b2a571ea9b9a826670d9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

wintrust

cfgmgr32

Sections

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 260B

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 260B

.rsrc
Size: 3KB - Virtual size: 2KB