271296de8213468cd93d1a375fe2dae7c207cb95401fcad53445eecdf95f78f9

Sharing

Copy URL Twitter E-mail

General

Target

271296de8213468cd93d1a375fe2dae7c207cb95401fcad53445eecdf95f78f9
Size

363KB
MD5

db69c3cf8951693e224bf23c8d2ec527
SHA1

8bfdddceab1ed0faf168a4d6405fc4850d7ede48
SHA256

271296de8213468cd93d1a375fe2dae7c207cb95401fcad53445eecdf95f78f9
SHA512

0337abf11c2061e49cbe9cc16a498e1ad67a74322593300892333bcbd36e56221b24307d4b7f495abee1fef16a18a40ecf7643d42eaf8dfe3dca4e45a8d7e339
SSDEEP

6144:xNrZzEy5gsd1AKI1DFsUCBuSwy5qAPNkkcEtdDFtvEHFNBkTGL2mcWfL:xNrey5g+1A51DFN2wyQmNkkcJ3CaLhfL

Score

N/A

Malware Config

Signatures

Files

271296de8213468cd93d1a375fe2dae7c207cb95401fcad53445eecdf95f78f9
.exe windows x86

329943647a26ffbb239ff02d16cca7bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetTopWindow
IsWindow
CreateWindowExA
BringWindowToTop
IsWindowVisible
ChildWindowFromPointEx
GetDesktopWindow
BeginDeferWindowPos
AdjustWindowRect
ShowWindow
SendDlgItemMessageA
CloseWindow
MapDialogRect

gdi32

EndDoc
GetBkMode
EnumObjects
DrawEscape
EqualRgn
CopyMetaFileW
ExtFloodFill
CopyEnhMetaFileW
GdiFlush
AngleArc

advapi32

OpenBackupEventLogA
OpenThreadToken
RegQueryValueA
AdjustTokenGroups
RegCloseKey
RegSaveKeyA
BackupEventLogW
BackupEventLogA
RegEnumValueA
PrivilegeCheck

kernel32

EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
LCMapStringA
GetUserDefaultLangID
ReleaseMutex
IsBadStringPtrA
HeapWalk
GlobalHandle
HeapCompact
HeapDestroy
PulseEvent
GlobalLock
ResetEvent
HeapLock
HeapUnlock
GetDateFormatA
GlobalMemoryStatus
GlobalFlags
WritePrivateProfileSectionA
GetProcAddress
GetACP
FreeEnvironmentStringsA
GetLastError
QueryPerformanceCounter
GetStartupInfoA
VirtualAllocEx
GetTickCount
GetStringTypeW
TlsSetValue
TlsGetValue
GetCommandLineA
GetStdHandle
GetModuleFileNameA
InitializeCriticalSection
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
SetLastError
TlsAlloc
GetCurrentThreadId
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsW
WideCharToMultiByte

netapi32

NetServerTransportEnum
NetGetJoinableOUs
NetAuditWrite
NetFileClose
NetGetJoinInformation
NetConfigGet
NetAuditRead
NetGroupAddUser
NetGroupAdd
NetErrorLogRead
NetErrorLogClear
NetConfigGetAll
NetFileEnum
NetErrorLogWrite
NetGetDCName

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qfk
Size: 324KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

329943647a26ffbb239ff02d16cca7bf

Headers

File Characteristics

Imports

user32

gdi32

advapi32

kernel32

netapi32

Sections

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 110KB

.qfk Size: 324KB - Virtual size: 324KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 110KB

.qfk
Size: 324KB - Virtual size: 324KB

.rsrc
Size: 4KB - Virtual size: 4KB