d9cc3fb7853cb6fc4023e2c6835864c0653405c47c9ec3d3d739c81281e4c3fa

Sharing

Copy URL

Twitter E-mail

General

Target

d9cc3fb7853cb6fc4023e2c6835864c0653405c47c9ec3d3d739c81281e4c3fa
Size

200KB
MD5

6d59e8096aaca5d8c4dd487176fb86e6
SHA1

9a05dbfbe5638655ab2d94aa4019f1306a4cac01
SHA256

d9cc3fb7853cb6fc4023e2c6835864c0653405c47c9ec3d3d739c81281e4c3fa
SHA512

a797508d201a4696fb5d91b640ccdaecc425b2804626360b9a6d2b64f913ccce56e9a1fe61a479182d12019ecc71d02e30d0a48f334b30ee9d2d0eb5fb7b1aba
SSDEEP

3072:YVwWMEf8hU9QuO8BHO7dXcYjwyhuuWQvKgTon861ocAF+kV2ZBVvc9JA+3eaEt4:YVwWAU9c8BafO8mOJ2Zzvc4aEt4

Score

N/A

Malware Config

Signatures

Files

d9cc3fb7853cb6fc4023e2c6835864c0653405c47c9ec3d3d739c81281e4c3fa
.exe windows x86

df0c8bbdf7575177e7296c6ed8b41d8c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
GetCommModemStatus
SetComputerNameA
GetProcessTimes
HeapCreate
SetLastConsoleEventActive
HeapDestroy
GetUserDefaultUILanguage
CreateToolhelp32Snapshot
EnumResourceTypesA
PeekConsoleInputA
SetEnvironmentVariableA
LoadLibraryA
CreateSocketHandle
LocalAlloc
RegisterConsoleOS2
CreateEventW
BindIoCompletionCallback
lstrcpyW
GetExitCodeThread
GetQueuedCompletionStatus
GetCurrentThread
ProcessIdToSessionId
FindNextVolumeMountPointA
IsBadHugeReadPtr
DosPathToSessionPathW
VirtualAlloc
SetConsoleInputExeNameA
FindResourceW
GetTimeFormatW
CommConfigDialogW

advapi32

LsaLookupPrivilegeValue
GetTrusteeFormA
ChangeServiceConfig2A
IsValidSid
LsaQueryTrustedDomainInfo
LookupPrivilegeDisplayNameA
SaferCreateLevel
LsaSetSecret
GetWindowsAccountDomainSid
PrivilegedServiceAuditAlarmA
GetServiceDisplayNameA
CloseEncryptedFileRaw
IsValidAcl
QueryServiceConfig2A
EncryptFileA
SetSecurityDescriptorSacl
SystemFunction041
LookupPrivilegeNameW
DuplicateTokenEx
DeleteService
OpenEventLogA
ControlService
LsaRemovePrivilegesFromAccount
UninstallApplication
SetSecurityDescriptorDacl
ConvertToAutoInheritPrivateObjectSecurity
AddAuditAccessObjectAce
GetCurrentHwProfileA
RegQueryValueA
CredMarshalCredentialA
FreeInheritedFromArray

gdi32

SetFontEnumeration
CreateFontIndirectExW
CreateEnhMetaFileW
SetTextAlign
EngFillPath
GetTextCharsetInfo
DdEntry7
FONTOBJ_cGetAllGlyphHandles
GetEnhMetaFileBits
GdiResetDCEMF
GetTextExtentPointI
EqualRgn
SetICMMode
GdiQueryFonts
SetBrushOrgEx
SetColorSpace
PlayEnhMetaFile
CreateDIBitmap
SetWindowExtEx
ModifyWorldTransform
CreateEllipticRgnIndirect
CreateScalableFontResourceW
OffsetRgn
GetSystemPaletteEntries
FillPath
ExtCreatePen
PolyPolygon
ResetDCW

rastapi

DeviceSetDevConfig
DeviceListen
DeviceGetDevConfigEx
PortSend
PortCompressionSetInfo
AddPorts
PortGetInfo
DeviceEnum
PortClose
DeviceGetDevConfig
SetCommSettings
EnableDeviceForDialIn
PortOpen
PortGetPortState
PortGetIOHandle
PortConnect
DeviceSetInfo
PortSetFraming
PortEnum
RemovePort
UnloadRastapiDll
PortReceive
DeviceDone
RastapiSetCalledID
PortSetInfo
DeviceWork
PortInit
PortDisconnect
PortTestSignalState
RastapiGetCalledID
PortReceiveComplete
DeviceGetInfo

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 338B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df0c8bbdf7575177e7296c6ed8b41d8c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

gdi32

rastapi

Sections

.text Size: 41KB - Virtual size: 41KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 338B

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 41KB - Virtual size: 41KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 338B

.rsrc
Size: 2KB - Virtual size: 1KB