f159b7e383ee14f0dabf339fa6c408e7936d37ab3faa2c44b2e1b4a4774e44d5

Sharing

Copy URL

Twitter E-mail

General

Target

f159b7e383ee14f0dabf339fa6c408e7936d37ab3faa2c44b2e1b4a4774e44d5
Size

45KB
MD5

607d6014e17a5bd98fd3bd7a033082e9
SHA1

ad578a4650454a89e4d2cb19f39e2d6ad868cfd3
SHA256

f159b7e383ee14f0dabf339fa6c408e7936d37ab3faa2c44b2e1b4a4774e44d5
SHA512

20e1f81d58c582b089397e0faf4ec75da2397873127297a712bfd7dc45c3921888570a2ed2c46894fea8a33dd20ac97d8137a876c794132946a3b57333c311a4
SSDEEP

768:Jj9CNijecM/7VWrTEJKZjO7HJKYgdzRo61I4lCOFdgzOObQMdFO2+M:GNiDC7srTEJca7kBW61UOqOOJdFQM

Score

N/A

Malware Config

Signatures

Files

f159b7e383ee14f0dabf339fa6c408e7936d37ab3faa2c44b2e1b4a4774e44d5
.exe windows x86

2b81cd32979074b17fd1c31e569bfaff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

clusapi

ClusterRegDeleteKey
ClusterEnum
GetClusterNotify
ClusterRegQueryInfoKey
GetClusterResourceNetworkName
ClusterResourceCloseEnum
ClusterNetworkEnum
GetClusterFromResource
ClusterNodeControl
ClusterGroupCloseEnum
ClusterRegSetKeySecurity
ClusterNetworkGetEnumCount
GetClusterResourceTypeKey
OpenClusterNetwork
CloseCluster
CloseClusterNotifyPort
AddClusterResourceNode
GetClusterNetworkId
OpenClusterGroup
CreateClusterResource
GetClusterNetworkKey
SetClusterGroupName
BackupClusterDatabase
GetNodeClusterState
OfflineClusterGroup
ClusterRegQueryValue
ClusterNetworkControl
ClusterNetworkCloseEnum
CloseClusterNode
RemoveClusterResourceNode
SetClusterName
ClusterCloseEnum
GetClusterGroupKey
GetClusterNetInterface
DeleteClusterGroup

msasn1

ASN1CEREncZeroMultibyteString
ASN1BERDecExplicitTag
ASN1BERDecU16Val
ASN1charstring_free
ASN1_Decode
ASN1_CreateDecoder
ASN1_FreeDecoded
ASN1_GetDecoderOption
ASN1DecAlloc
ASN1BEREncLength
ASN1bitstring_cmp
ASN1BERDecChar32String
ASN1BERDecU8Val
ASN1_SetDecoderOption
ASN1CEREncNewBlkElement
ASN1ztcharstring_cmp
ASN1BEREncOpenType
ASN1_CloseEncoder
ASN1CEREncBitString
ASN1BERDecObjectIdentifier
ASN1ztcharstring_free
ASN1BEREncEndOfContents
ASN1BERDecCheck
ASN1CEREncCharString
ASN1BERDecChar16String
ASN1BEREoid2DotVal
ASN1BEREncDouble

kernel32

ReadConsoleOutputA
RegisterWaitForInputIdle
SetSystemTimeAdjustment
SetLastError
GetCalendarInfoA
GetCurrentProcess
SetLastConsoleEventActive
GetACP
lstrcatA
Heap32ListNext
GetStartupInfoA
GetMailslotInfo
LocalShrink
GetSystemWow64DirectoryW
RtlCaptureStackBackTrace
lstrcpy
LoadLibraryA
lstrcpyn
FindNextFileW
CreateFileW
GetLastError
GetComputerNameW
GetDevicePowerState
VirtualAlloc
FileTimeToLocalFileTime
EnumSystemLocalesA
GlobalAlloc
GetModuleHandleA
GetConsoleFontInfo
GetVolumeNameForVolumeMountPointA
DebugBreak
lstrlenA
GetUserGeoID
GetConsoleDisplayMode
GetVolumePathNamesForVolumeNameW

inetcomm

MimeOleSMimeCapAddSMimeCap
MimeOleSetPropW
MimeOleGetBodyPropW
CreateNNTPTransport
HrGetLastOpenFileDirectoryW
MimeOleCreateHashTable
MimeOleUnEscapeStringInPlace
HrSaveAttachmentAs
MimeEditDocumentFromStream
MimeOleStripHeaders
MimeEditIsSafeToRun
MimeOleGenerateCID
EssReceiptDecodeEx
MimeOleCreateMessage
MimeOleGetContentTypeExt
MimeOleEncodeHeader
MimeOleGetCertsFromThumbprints
CreateRangeList
MimeOleClearDirtyTree
HrGetAttachIcon
EssReceiptRequestEncodeEx
MimeOleGetCodePageCharset
HrAthGetFileNameW
MimeOleFindCharset
MimeOleCreateByteStream
HrGetAttachIconByFile
MimeOleCreateMessageParts
MimeOleGetPropertySchema
MimeOleOpenFileStream
MimeOleParseRfc822Address
MimeOleGetPropW
HrDoAttachmentVerb
MimeOleSMimeCapsFromDlg

ntdll

ZwTranslateFilePath
RtlUpcaseUnicodeStringToCountedOemString
LdrUnlockLoaderLock
NtQueryKey
RtlActivateActivationContext
RtlLockBootStatusData
RtlAnsiCharToUnicodeChar
isgraph
RtlSetControlSecurityDescriptor
RtlSetSecurityObjectEx
RtlLargeIntegerArithmeticShift
RtlAreBitsSet
RtlQueryTagHeap
ZwWriteFile
RtlFillMemory
NtDisplayString
_wtoi64
NtQueryFullAttributesFile
LdrFindEntryForAddress
RtlGetDaclSecurityDescriptor
NtQueryEvent
ZwTraceEvent
RtlSplay
ZwSetEvent
ZwLockVirtualMemory
ZwOpenTimer
ZwWriteRequestData

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b81cd32979074b17fd1c31e569bfaff

Headers

DLL Characteristics

File Characteristics

Imports

clusapi

msasn1

kernel32

inetcomm

ntdll

Sections

.text Size: 33KB - Virtual size: 33KB

.rdata Size: 8KB - Virtual size: 7KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 2KB - Virtual size: 2KB