5a96c9a20b72c085bbea18be8c482a4b4d7b2e02c38fce7535d7c89612209da8

General

Target

5a96c9a20b72c085bbea18be8c482a4b4d7b2e02c38fce7535d7c89612209da8
Size

719KB
MD5

5f51bcc8ce5ab7ab9475389801387d99
SHA1

94d2dbb61e84056048a85b1f213bc43364f45aa1
SHA256

5a96c9a20b72c085bbea18be8c482a4b4d7b2e02c38fce7535d7c89612209da8
SHA512

2d5ea6aad01ee1eae37acb2ced268979c5024d9b7cba521d11398cf8700c095dbb402c2fb431ffdbd1f6e3b68cd43f9b3ab3d37bda10e7ddb0368263541e98a4
SSDEEP

12288:G7OmmoYOSVGlSB2xVVLyUzSfHihKFBDyxFP4lhn3a4XnjseINO:GxyG0B2xVVHyaKFJyxtSVa4Ie

Score

N/A

Malware Config

Signatures

Files

5a96c9a20b72c085bbea18be8c482a4b4d7b2e02c38fce7535d7c89612209da8
.exe windows x86

a8217a14855982b69b5e2ff84f6fd729

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

ReleaseCapture
CharToOemA
FlashWindowEx
SendMessageW
GetMenuCheckMarkDimensions
SetWindowPos
RegisterHotKey

netapi32

DsRoleFreeMemory
NetValidateName
NetUserChangePassword
NetSessionDel
NetGroupSetInfo
NetServerSetInfo
NetDfsSetClientInfo
NetGroupDel
NetpwPathCompare
DsGetDcNameW
NetUseAdd
NetWkstaUserGetInfo
NetGroupDelUser
NetShareDel
NetSessionEnum

oleaut32

VariantCopy
SysReAllocStringLen
VariantCopyInd
SysAllocStringByteLen
SafeArrayCreate
VariantClear

advapi32

RegisterEventSourceW
SetTokenInformation
RegisterTraceGuidsW
AbortSystemShutdownW
AreAnyAccessesGranted
CryptDuplicateKey
CryptHashData
CryptGenRandom
LsaGetSystemAccessAccount
RegSetValueExA
GetTokenInformation
RegEnumValueA
GetUserNameW
CryptVerifySignatureA
GetSidIdentifierAuthority

kernel32

CreateSemaphoreW
LocalFlags
ProcessIdToSessionId
GlobalAddAtomW
DeleteCriticalSection
GetComputerNameA
CommConfigDialogW
InterlockedIncrement
DeviceIoControl
GetLogicalDriveStringsA
VirtualAlloc

msvcrt

_wpopen
__p___initenv
_time64
_mkdir
qsort
_callnewh
isupper
__argv
__unDName
_mbsicmp
_localtime64
_close
_dup
toupper
_dup2
_mbscmp
putchar
wcscmp
__winitenv
_snprintf
wcscspn
sprintf

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 550KB - Virtual size: 898KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8217a14855982b69b5e2ff84f6fd729

Headers

File Characteristics

Imports

user32

netapi32

oleaut32

advapi32

kernel32

msvcrt

Sections

.text Size: 8KB - Virtual size: 7KB

.bss Size: 550KB - Virtual size: 898KB

.rsrc Size: 159KB - Virtual size: 159KB

.reloc Size: 512B - Virtual size: 140B

.text
Size: 8KB - Virtual size: 7KB

.bss
Size: 550KB - Virtual size: 898KB

.rsrc
Size: 159KB - Virtual size: 159KB

.reloc
Size: 512B - Virtual size: 140B