cd997add21fae8913026670f330a28ca62ca47070bdd02c187250ae6c478e5b9

Sharing

Copy URL

Twitter E-mail

General

Target

cd997add21fae8913026670f330a28ca62ca47070bdd02c187250ae6c478e5b9
Size

44KB
MD5

3f821b0146a29a0a3a6523944147c3d1
SHA1

d656dbcdde1e8551ef04575f114685e861abc006
SHA256

cd997add21fae8913026670f330a28ca62ca47070bdd02c187250ae6c478e5b9
SHA512

10c7284946a60194ef3b3f7a56d1876e4113c3b0da9db10e2213d1ba3e3d086ea8e7e08e0c544febe652588d7a0270d3051fea02adeafd775524aa027e873033
SSDEEP

768:cZBam6yIBTk5Jx3tgd7QJ9UeGpqn2UnW71cBbgk+PZXQeq87wXZAZElWZ:Q6TFGJxdgdU3W71igLnpZsWZ

Score

N/A

Malware Config

Signatures

Files

cd997add21fae8913026670f330a28ca62ca47070bdd02c187250ae6c478e5b9
.exe windows x86

e521a8a1700667533a0c00d3e9564edf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

EngUnicodeToMultiByteN
Polyline
ResetDCA
ModifyWorldTransform
GetCharABCWidthsFloatA
DdEntry11
SelectClipRgn
MaskBlt
GdiReleaseDC
CreateHatchBrush
GetTextExtentPointA
CreateCompatibleDC
Ellipse
EngCreateClip
ChoosePixelFormat
GdiEntry1
CLIPOBJ_bEnum
CreatePatternBrush
CreateRectRgnIndirect
EngMultiByteToUnicodeN
PolyPolygon
GetWorldTransform

kernel32

DisconnectNamedPipe
QueryPerformanceCounter
GetCurrentThread
GetModuleHandleW
SetCommTimeouts
GetLocaleInfoW
WriteConsoleOutputW
GetVolumeNameForVolumeMountPointW
LZStart
FindFirstFileExA
GetConsoleTitleW
LoadLibraryW
EndUpdateResourceW
IsDBCSLeadByte

ntmarta

AccProvGetCapabilities
AccProvGetAccessInfoPerObjectType
AccRewriteSetEntriesInAcl
AccRewriteSetHandleRights
AccProvHandleGetTrusteesAccess
AccProvRevokeAuditRights
AccProvGetTrusteesAccess
AccGetExplicitEntries
AccConvertAccessToSD
AccFreeIndexArray
AccProvHandleGetAllRights
AccProvHandleGetAccessInfoPerObjectType
AccRewriteSetNamedRights
AccProvCancelOperation
AccGetInheritanceSource
AccLookupAccountName
AccProvIsAccessAudited
AccRewriteGetExplicitEntriesFromAcl
AccProvIsObjectAccessible
AccRewriteGetNamedRights
AccProvHandleRevokeAccessRights
AccProvHandleSetAccessRights
AccLookupAccountTrustee
AccSetEntriesInAList
AccLookupAccountSid
AccConvertAccessMaskToActrlAccess
AccProvHandleGrantAccessRights
AccProvGetOperationResults
AccRewriteGetHandleRights

ntdll

DbgUiRemoteBreakin
_ui64toa
RtlEnterCriticalSection
RtlCopyString
RtlFindActivationContextSectionGuid
_snwprintf
RtlActivateActivationContextUnsafeFast
NtQueryAttributesFile
__iscsymf
RtlIsGenericTableEmpty

advapi32

GetKernelObjectSecurity
CryptGenKey
GetServiceDisplayNameA
CryptDuplicateHash
EnumServicesStatusExW
StartServiceA
GetManagedApplicationCategories
SetSecurityInfoExA
ElfReadEventLogW
WmiQueryAllDataMultipleW
ElfOpenBackupEventLogA
ReportEventW
GetAclInformation
SetInformationCodeAuthzPolicyW
WmiDevInstToInstanceNameA

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e521a8a1700667533a0c00d3e9564edf

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

ntmarta

ntdll

advapi32

Sections

.text Size: 30KB - Virtual size: 29KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 30KB - Virtual size: 29KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 6KB - Virtual size: 6KB