376c6c29adcd4d5736b49ac2e6dc774ac520dbaf29d0d3e91aee21b0a37eb475

Sharing

Copy URL Twitter E-mail

General

Target

376c6c29adcd4d5736b49ac2e6dc774ac520dbaf29d0d3e91aee21b0a37eb475
Size

888KB
MD5

8633d696a78521453214540f625d94d0
SHA1

50100b312722495eaf294f0a2ba3b4386364b663
SHA256

376c6c29adcd4d5736b49ac2e6dc774ac520dbaf29d0d3e91aee21b0a37eb475
SHA512

0ff8d674fb4e49e9e5d0183d3eaba5fc26b3f1afebf36b76c41dbe3214985458a52b96bea7db2b676e38da0a434b6fb2272eea0b13fc7463174acfaa7b71ab98
SSDEEP

24576:aOZTrtkkGG+hFd9Z07e9AreU9GlMGxuVbfPH4VeZUMN//:aiPEzh9ZOKU9/GEAVAUM/

Score

N/A

Malware Config

Signatures

Files

376c6c29adcd4d5736b49ac2e6dc774ac520dbaf29d0d3e91aee21b0a37eb475
.exe windows x86

1c677af017b3b19a1488f70e70419c37

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

netapi32

NetLocalGroupGetInfo
NetUseDel
NetWkstaGetInfo
NetLocalGroupSetInfo
NetSessionDel
NetGroupSetInfo
NetGetJoinableOUs
NetMessageBufferSend
NetShareDel
NetLocalGroupGetMembers
DsGetDcNameWithAccountW
NetUserChangePassword
NetGroupGetUsers

advapi32

CheckTokenMembership
CreateRestrictedToken
GetSecurityDescriptorDacl
LsaOpenPolicy
AddAuditAccessAce
LsaNtStatusToWinError
SetTokenInformation
GetServiceDisplayNameA
RegCreateKeyExW
CryptEnumProvidersA
ImpersonateNamedPipeClient
RegEnumKeyW
RegSetValueW
RegSetValueExW
GetNamedSecurityInfoW
GetSecurityDescriptorGroup
AbortSystemShutdownW
RegFlushKey
AreAnyAccessesGranted
OpenSCManagerA
RegisterServiceCtrlHandlerW
LsaFreeMemory

comctl32

ImageList_Add
ImageList_Create
PropertySheetA
ImageList_GetIcon
ImageList_GetDragImage
ImageList_GetImageInfo
ImageList_DragLeave
ImageList_SetBkColor
CreateStatusWindowW
ImageList_DrawEx
DestroyPropertySheetPage
ImageList_Remove
ImageList_DragMove
ImageList_Draw
InitCommonControls

kernel32

GetDriveTypeA
ReadFile
GetQueuedCompletionStatus
FreeLibrary
GetSystemTimeAsFileTime
GetDiskFreeSpaceExW
SetConsoleOutputCP
FindCloseChangeNotification
OpenMutexA
InitializeCriticalSection
GlobalFree
GlobalReAlloc
FatalExit
VirtualAlloc
GetPrivateProfileStructW
SetConsoleKeyShortcuts
LoadResource

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DZbi
Size: 664KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 514B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c677af017b3b19a1488f70e70419c37

Headers

File Characteristics

Imports

netapi32

advapi32

comctl32

kernel32

Sections

.text Size: 50KB - Virtual size: 50KB

.DZbi Size: 664KB - Virtual size: 1.0MB

.rsrc Size: 172KB - Virtual size: 171KB

.reloc Size: 1024B - Virtual size: 514B

.text
Size: 50KB - Virtual size: 50KB

.DZbi
Size: 664KB - Virtual size: 1.0MB

.rsrc
Size: 172KB - Virtual size: 171KB

.reloc
Size: 1024B - Virtual size: 514B