12ed329e8cba78e020edd37628bd27bca91050e35adb44f0fac3e6e1baf7ecf4

Sharing

Copy URL Twitter E-mail

General

Target

12ed329e8cba78e020edd37628bd27bca91050e35adb44f0fac3e6e1baf7ecf4
Size

234KB
MD5

252c5dc20a50e59da3df2d75b40e4aa0
SHA1

1087cb8a19216da6ee9168fafce7d2abb760a9e5
SHA256

12ed329e8cba78e020edd37628bd27bca91050e35adb44f0fac3e6e1baf7ecf4
SHA512

b042fc29f10347dd14434a45427a7670b1d12af6bf6336c80942e1ba96f4354beafeba9c5a3718b49040651b499d61145bfee0cf958a01d20131fb8d78a2496e
SSDEEP

6144:/MhbvjTiiIQnNM9xjkx68Y5LI8VlubXf42gA89BpokpiG:/SxM9xjI2IElubXfrg5RonG

Score

N/A

Malware Config

Signatures

Files

12ed329e8cba78e020edd37628bd27bca91050e35adb44f0fac3e6e1baf7ecf4
.exe windows x86

1ae364536b6ae251dc7fb1cdee8bc6bc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

clusapi

OnlineClusterGroup
ClusterResourceEnum
ClusterResourceTypeOpenEnum
ClusterControl
OpenCluster
ClusterRegSetKeySecurity
GetClusterNetInterfaceState
ClusterGroupEnum
DeleteClusterResource
ClusterRegCreateKey
GetClusterQuorumResource
GetClusterNetworkId
ClusterOpenEnum
ClusterNetworkOpenEnum
SetClusterGroupNodeList

crtdll

tmpfile
_assert
_ismbcdigit
_strrev
_ismbcl2
_ismbblead
_y0
exit
labs
_makepath
_cputs
_mbsnbset
towupper
getchar
strpbrk
_spawnlp
_isatty
_mbsupr
setvbuf
_strdup
_snprintf
_get_osfhandle
_errno
strlen
_fpieee_flt
_rmtmp
_except_handler2
calloc
_stricoll
_heapchk
_loaddll
strxfrm
_strtime
iswlower
wcscpy
_chdrive
_unloaddll
iswgraph
_ultow
memset
_mbsicmp
_wcsrev
strrchr
clearerr
_wcsnicmp
_cexit
_environ_dll
_execlp
freopen
_CIcosh
fread
_CIcos
gets
iscntrl

winipsec

DeleteTransportFilter
EnumTransportFilters
GetQMPolicyByID
SPDApiBufferAllocate
EnumQMSAs
DeleteMMPolicy
GetMMPolicyByID
AddMMFilter
GetMMAuthMethods
OpenMMFilterHandle
MatchMMFilter
SetTransportFilter
MatchTunnelFilter
SetMMPolicy
GetTunnelFilter
GetMMPolicy
DeleteMMAuthMethods
EnumIPSecInterfaces
DeleteMMFilter
AddMMPolicy
GetTransportFilter
AddTunnelFilter
MatchTransportFilter
SetMMAuthMethods
OpenTransportFilterHandle
SetMMFilter
DeleteQMPolicy

kernel32

_hread
DnsHostnameToComputerNameA
GetBinaryTypeW
SetLastError
WriteFile
OpenJobObjectW
LCMapStringW
GetCurrentConsoleFont
PulseEvent
GetUserDefaultUILanguage
WritePrivateProfileStructA
LZOpenFileA
GetConsoleAliasExesA
GetFileInformationByHandle
SetDefaultCommConfigA
HeapAlloc
GetTimeZoneInformation
GetConsoleCharType
GetLocaleInfoW
LoadLibraryW
GetProfileStringA

msdart

?IsReadLocked@CCritSec@@QBE_NXZ
?WriteUnlock@CCritSec@@QAEXXZ
?SetDefaultSpinAdjustmentFactor@CSmallSpinLock@@SGXN@Z
?GetDefaultSpinAdjustmentFactor@CCritSec@@SGNXZ
?ApplyIf@CLKRHashTable@@QAEKP6G?AW4LK_PREDICATE@@PBXPAX@ZP6G?AW4LK_ACTION@@01@Z1W4LK_LOCKTYPE@@@Z
?_H0@CLKRLinearHashTable@@CGKKK@Z
?GetStatistics@CLKRHashTable@@QBE?AVCLKRHashTableStats@@XZ
??0CSpinLock@@QAE@XZ
?ReadUnlock@CFakeLock@@QAEXXZ
?_CurrentThreadId@CSpinLock@@CGJXZ
??4CMdVersionInfo@@QAEAAV0@ABV0@@Z
?CreateHolder@@YGJPAUIGPDispenser@@HIPAPAUIGPHolder@@@Z
mpMalloc
?ConvertExclusiveToShared@CSmallSpinLock@@QAEXXZ
?IsWriteUnlocked@CSmallSpinLock@@QBE_NXZ
?IsValid@CLKRLinearHashTable@@QBE_NXZ
?SetSpinCount@CCritSec@@SGKPAPAVCCriticalSection@@K@Z
?IsWin9x@CMdVersionInfo@@SAHXZ
?sm_pfnSetCriticalSectionSpinCount@CCriticalSection@@0P6GKPAU_RTL_CRITICAL_SECTION@@K@ZA
?TryReadLock@CReaderWriterLock2@@QAE_NXZ
??0CLockedSingleList@@QAE@XZ
??1CLKRLinearHashTable@@QAE@XZ

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ae364536b6ae251dc7fb1cdee8bc6bc

Headers

File Characteristics

Imports

clusapi

crtdll

winipsec

kernel32

msdart

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 136KB - Virtual size: 135KB

.data Size: 45KB - Virtual size: 44KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 136KB - Virtual size: 135KB

.data
Size: 45KB - Virtual size: 44KB

.rsrc
Size: 3KB - Virtual size: 2KB