2881446aa5a128408a8a0803324996b47faf05fe15d70cb1b2a70c8dbcca3a2e

Sharing

Copy URL Twitter E-mail

General

Target

2881446aa5a128408a8a0803324996b47faf05fe15d70cb1b2a70c8dbcca3a2e
Size

932KB
MD5

6d039fbb617bfd94ab5a93dbb862c940
SHA1

90665f00639401ccf304532c129387a2f587a871
SHA256

2881446aa5a128408a8a0803324996b47faf05fe15d70cb1b2a70c8dbcca3a2e
SHA512

446c60e85851e79c73c980fbb1f5a7afda33c1fc9037e9b982c2bcf51c1201c8aa6258f41849ba0bbf85d288fe12cdb6c3a83f547962a7bfdefd0d0bb27f450d
SSDEEP

12288:gmDfRirSN3JejWUZeE1HOQ0yoZVITXvYIddu7buKrDD9KNoeTD7fjcPb6:focJejWwO7yoZVKgBvuKz9clTXjcPb6

Score

N/A

Malware Config

Signatures

Files

2881446aa5a128408a8a0803324996b47faf05fe15d70cb1b2a70c8dbcca3a2e
.exe windows x86

d380319f78042558eefeac166597ff11

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

GetCurrentHwProfileA
AddAccessAllowedObjectAce
RegQueryMultipleValuesA
CryptDestroyKey
SetFileSecurityW
EnableTrace
LsaFreeMemory
WriteEncryptedFileRaw

kernel32

lstrcatA
GetDriveTypeA
GetConsoleAliasA
IsBadCodePtr
WaitForSingleObject
WideCharToMultiByte
EnumTimeFormatsW
SetUnhandledExceptionFilter
ReleaseSemaphore
LockFile
DosPathToSessionPathW
EnumResourceTypesW
ReadConsoleInputA
SetLocalTime
MoveFileW
LocalSize
WriteFileGather
VerLanguageNameA
LocalCompact
VirtualAlloc
IsDBCSLeadByte
SetProcessAffinityMask
IsDBCSLeadByteEx
SetVolumeLabelA

ulib

?DeleteChAt@WSTRING@@QAEXKK@Z
??1HMEM@@UAE@XZ
?Initialize@CONT_MEM@@QAEEPAXK@Z
??1PATH@@UAE@XZ
?GetWSTR@WSTRING@@QBEPBGXZ
?Initialize@MACHINE@@QAEEXZ
??1PATH_ARGUMENT@@UAE@XZ
?QueryInvalidArgument@ARGUMENT_LEXEMIZER@@QAEPAVWSTRING@@XZ
??0HMEM@@QAE@XZ

netapi32

NetServerTransportEnum
DsGetSiteNameW
NetUseDel
DsEnumerateDomainTrustsW
NetMessageBufferSend
NetAuditRead
NetGroupGetInfo
NetpIsRemote
NetpwNameValidate

Sections

.text
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cftB
Size: 191KB - Virtual size: 433KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.AXwnz
Size: 254KB - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YoAu
Size: 124KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d380319f78042558eefeac166597ff11

Headers

File Characteristics

Imports

advapi32

kernel32

ulib

netapi32

Sections

.text Size: 198KB - Virtual size: 198KB

.cftB Size: 191KB - Virtual size: 433KB

.AXwnz Size: 254KB - Virtual size: 400KB

.YoAu Size: 124KB - Virtual size: 238KB

.rsrc Size: 160KB - Virtual size: 159KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 198KB - Virtual size: 198KB

.cftB
Size: 191KB - Virtual size: 433KB

.AXwnz
Size: 254KB - Virtual size: 400KB

.YoAu
Size: 124KB - Virtual size: 238KB

.rsrc
Size: 160KB - Virtual size: 159KB

.reloc
Size: 2KB - Virtual size: 2KB