a346b1955e88227be6ea4935f44ffb9de454090db17ea326acdab7d66a02ac69

Sharing

Copy URL Twitter E-mail

General

Target

a346b1955e88227be6ea4935f44ffb9de454090db17ea326acdab7d66a02ac69
Size

842KB
MD5

df46e7f8262f0e9cde14a5298f7b859d
SHA1

9af6e1a3f558410b1cbddba190765111e29f4030
SHA256

a346b1955e88227be6ea4935f44ffb9de454090db17ea326acdab7d66a02ac69
SHA512

951385baad11bb08dd09d91e1f2a5e1ca4f6a6076794385b52fea779550b52d131d83fe2f945472c446a60a01719f376c56eff4b3f039d84c3c3fe051f989b31
SSDEEP

12288:SiCMH9BHtLmMiCpo9o7sWjnae/L8OLqWVAl5ZsBsgdgYlai6HpZSxjGMvJM4/CeB:nf7H1xTjaen5ukBIc6HzSh1/3B

Score

N/A

Malware Config

Signatures

Files

a346b1955e88227be6ea4935f44ffb9de454090db17ea326acdab7d66a02ac69
.exe windows x86

7d6ddeabd3284622a4097b0883a5e12b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msasn1

ASN1BERDecOctetString
ASN1BERDecS16Val
ASN1BEREncRemoveZeroBits
ASN1BEREncEndOfContents
ASN1_Encode
ASN1intx_free
ASN1BEREncChar32String
ASN1CEREncCharString
ASN1utctime_cmp
ASN1BERDecObjectIdentifier2
ASN1BERDecDouble
ASN1BERDecU8Val
ASN1BERDecBool
ASN1BEREncDouble
ASN1BERDecEndOfContents
ASN1generalizedtime_cmp
ASN1objectidentifier_cmp
ASN1ztchar16string_free
ASN1BEREncU32
ASN1CEREncChar32String
ASN1BERDecFlush
ASN1_SetDecoderOption
ASN1BEREncUTF8String
ASN1bitstring_cmp

msdart

?SetSpinCount@CCritSec@@SGKPAPAVCCriticalSection@@K@Z
?IsReadUnlocked@CSpinLock@@QBE_NXZ
?_LockSpin@CReaderWriterLock@@AAEX_N@Z
?IsWin2k@CMdVersionInfo@@SAHXZ
??4CSmallSpinLock@@QAEAAV0@ABV0@@Z
?sm_dblDfltSpinAdjFctr@CSpinLock@@1NA
??4CLKRHashTableStats@@QAEAAV0@ABV0@@Z
?IsWinNT4@CMdVersionInfo@@SAHXZ
?IsReadUnlocked@CReaderWriterLock2@@QBE_NXZ
?InsertTail@CLockedDoubleList@@QAEXQAVCListEntry@@@Z
?TryWriteLock@CFakeLock@@QAE_NXZ
?FindKey@CLKRLinearHashTable@@QBE?AW4LK_RETCODE@@KPAPBX@Z
?ConvertSharedToExclusive@CLKRLinearHashTable@@QBEXXZ
?Push@CSingleList@@QAEXQAVCSingleListEntry@@@Z
?ConvertExclusiveToShared@CSpinLock@@QAEXXZ
?_Initialize@CLKRLinearHashTable@@AAE?AW4LK_RETCODE@@P6G?BKPBX@ZP6GKK@ZP6G_NKK@ZP6GX0H@ZPBDNK@Z
?ReadLock@CReaderWriterLock3@@QAEXXZ
mpMalloc
??1CLKRHashTable@@QAE@XZ
??4CReaderWriterLock2@@QAEAAV0@ABV0@@Z
?_InsertThisIntoGlobalList@CLKRHashTable@@AAEXXZ
?IsUnlocked@CLockedDoubleList@@QBE_NXZ
?IsUsable@CLKRHashTable@@QBE_NXZ
?IsValid@CLKRLinearHashTable@@QBE_NXZ

netapi32

I_NetlogonComputeClientDigest
DsEnumerateDomainTrustsW
I_NetServerAuthenticate3
NetReplExportDirLock
NetpCloseConfigData
NetGetDisplayInformationIndex
NetapipBufferAllocate
RxNetAccessAdd
DsGetDcOpenW
I_NetServerPasswordSet2
NlBindingAddServerToCache
DsAddressToSiteNamesExW
NetMessageNameGetInfo
NetErrorLogRead
NetGroupEnum
NetLocalGroupAddMember
NetUserGetInfo
NetpHexDump
NetGetJoinInformation
NetUserDel

kernel32

VirtualUnlock
CreateActCtxA
IsValidLocale
WritePrivateProfileStringA
GetLongPathNameW
UnhandledExceptionFilter
lstrcatA
InterlockedExchange
GetTempFileNameW
InitializeCriticalSection
LoadLibraryA
GetNumaProcessorNode
CmdBatNotification
DefineDosDeviceA
GetWriteWatch
DeactivateActCtx
VirtualAlloc
PrepareTape
FindNextFileA
GetComputerNameA
LocalShrink
GlobalGetAtomNameA

msvcrt

exit

Sections

.text
Size: 505KB - Virtual size: 504KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 330KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d6ddeabd3284622a4097b0883a5e12b

Headers

DLL Characteristics

File Characteristics

Imports

msasn1

msdart

netapi32

kernel32

msvcrt

Sections

.text Size: 505KB - Virtual size: 504KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 330KB - Virtual size: 1.8MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 348B

.text
Size: 505KB - Virtual size: 504KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 330KB - Virtual size: 1.8MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 348B