678c5008dcfc6528234bfe9f5da55fe8ef4c3302800a7519d4bd34ac32f366db

Sharing

Copy URL Twitter E-mail

General

Target

678c5008dcfc6528234bfe9f5da55fe8ef4c3302800a7519d4bd34ac32f366db
Size

46KB
MD5

c3064eca8ff4d4af00141372bfafbfe7
SHA1

1118d8cbf477510c1b53b9233d1b6a8816cf6fbb
SHA256

678c5008dcfc6528234bfe9f5da55fe8ef4c3302800a7519d4bd34ac32f366db
SHA512

a6925aa1470df2ae42e6d5fc516325923c905f03fad16f81975d4fe9cd2fbed4d1e3b32bcdd20922695d127f970068a6af53c6044eaff1e934d48dae13785ae5
SSDEEP

768:/HvvY+5FPv4UusOng0oDtyhIX1SPlm6r0mU889QjnMl/+yH90IoaxNKjvAuNQ39V:/YyPjOnloFYPlXU8hM0m90IoINKjvAuC

Score

N/A

Malware Config

Signatures

Files

678c5008dcfc6528234bfe9f5da55fe8ef4c3302800a7519d4bd34ac32f366db
.exe windows x86

d7e86aa10525e24fe0e376a49785e741

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

polstore

IPSecExportPolicies
IPSecCopyPolicyData
IPSecUnassignPolicy
IPSecAllocPolStr
IPSecCopyISAKMPData
IPSecFreeISAKMPData
IPSecEnumISAKMPData
IPSecDeleteNFAData
IPSecFreeNegPolData
IPSecCreateFilterData
IPSecCreateNegPolData
IPSecSetFilterData
IPSecSetPolicyData
IPSecOpenPolicyStore
IPSecSetNFAData

gdi32

GetICMProfileW
SetBitmapDimensionEx
GdiInitSpool
RectVisible
SetMetaFileBitsEx
CreateCompatibleBitmap
DdEntry20
FONTOBJ_pfdg
BeginPath
GetCharABCWidthsI
SetDIBits
GetEnhMetaFileHeader
EngLineTo
PolyTextOutW
GetTextExtentExPointI
SetVirtualResolution
GdiEntry1
GetClipBox
HT_Get8BPPFormatPalette
GetDIBColorTable

kernel32

GetStringTypeA
EnumCalendarInfoA
SetLastError
FileTimeToLocalFileTime
OutputDebugStringA
GetConsoleCharType
EnumResourceLanguagesA
InitializeCriticalSection
IsValidLocale
LoadLibraryA
GetWindowsDirectoryA
SetConsoleCursorPosition
GetGeoInfoA
MultiByteToWideChar
IsBadHugeReadPtr
VirtualAlloc
HeapQueryInformation
GetEnvironmentStringsW
GetConsoleFontSize
IsDebuggerPresent
GetConsoleKeyboardLayoutNameW
GetCPInfoExW

netapi32

DsRoleAbortDownlevelServerUpgrade
NetServerEnum
NetConfigSet
NetpGetFileSecurity
NetGroupGetInfo
NetpAddTlnFtinfoEntry
I_NetLogonControl
NetServerEnumEx
I_BrowserDebugCall
NetReplExportDirGetInfo
DsRoleUpgradeDownlevelServer
NetReplExportDirSetInfo
I_NetAccountSync
NetAuditWrite
DsGetDcNameWithAccountW
RxNetAccessEnum
NetRemoveAlternateComputerName

advapi32

WmiEnumerateGuids
CryptDeriveKey
CryptGetHashParam
GetUserNameW
LsaQueryForestTrustInformation
CredpDecodeCredential
TrusteeAccessToObjectW
RegEnumValueW
LsaOpenTrustedDomain
SetPrivateObjectSecurityEx
EnumerateTraceGuids
RegEnumValueA
GetMultipleTrusteeW
SaferiRecordEventLogEntry
BackupEventLogW
ElfReportEventW

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7e86aa10525e24fe0e376a49785e741

Headers

DLL Characteristics

File Characteristics

Imports

polstore

gdi32

kernel32

netapi32

advapi32

Sections

.text Size: 37KB - Virtual size: 36KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 37KB - Virtual size: 36KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB