100528a8eba9bb2f7a407b3fd66f6b4c4c7c57d40a3760e97e2f0d1cce2726d0

Sharing

Copy URL Twitter E-mail

General

Target

100528a8eba9bb2f7a407b3fd66f6b4c4c7c57d40a3760e97e2f0d1cce2726d0
Size

821KB
MD5

b4e03ba747338ec1ec2fb10813fdcb60
SHA1

70662e61d0edd1f7bfb9f710bc6b36cc6efacef3
SHA256

100528a8eba9bb2f7a407b3fd66f6b4c4c7c57d40a3760e97e2f0d1cce2726d0
SHA512

f2965bee85bf8ab218767f08de84fff1b964d70fbfe8cfb576f974b9592bfe044c64edd20af01957ef610f0d8c2572d053d2250ebcf3a3bb1db1f8c9f6d4c840
SSDEEP

24576:1y6Pv7ql7r3NWcTLZjBdreZhDjf9rrYQ:1yCvYpTLZ0JJrkQ

Score

N/A

Malware Config

Signatures

Files

100528a8eba9bb2f7a407b3fd66f6b4c4c7c57d40a3760e97e2f0d1cce2726d0
.exe windows x86

bd7d9b36bba9528596016770c635390c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetMailslotInfo
WriteFile
EnumResourceNamesA
lstrcatW
GetLogicalDrives
VirtualAlloc
ReadProcessMemory
WritePrivateProfileStructA
GetLogicalDriveStringsW
RtlUnwind
ResumeThread
GetSystemDefaultLangID
GetThreadLocale
CreateConsoleScreenBuffer
GlobalDeleteAtom
ConnectNamedPipe
GetVolumeNameForVolumeMountPointA

netapi32

NetUnregisterDomainNameChangeNotification
NetShareAdd
DsEnumerateDomainTrustsW
NetFileGetInfo
NetApiBufferFree
NetUserModalsSet
NetShareEnum
NetUseEnum
NetLocalGroupGetInfo
DsGetDcNameWithAccountW
NetLocalGroupDelMembers

rtutils

TraceDumpExA
TracePrintfExA
RouterLogEventDataA
TracePrintfExW
TraceDeregisterExA
RouterLogEventStringW
TraceVprintfExA
MprSetupProtocolFree

advapi32

ChangeServiceConfig2W
GetCurrentHwProfileA
RegSetKeySecurity
ImpersonateSelf
GetSidIdentifierAuthority
EqualPrefixSid
RegQueryMultipleValuesA
SetThreadToken
RegSetValueExA
ObjectCloseAuditAlarmW
GetTokenInformation

imagehlp

ImageUnload
ImageRvaToSection
ImageLoad
SymInitialize
ImageRvaToVa
ImageNtHeader
ImageDirectoryEntryToData
CheckSumMappedFile
ImageGetCertificateData
SymSetOptions

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 285KB - Virtual size: 417KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 405KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd7d9b36bba9528596016770c635390c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

netapi32

rtutils

advapi32

imagehlp

Sections

.text Size: 27KB - Virtual size: 26KB

.data Size: 285KB - Virtual size: 417KB

.tls Size: 405KB - Virtual size: 692KB

.rsrc Size: 102KB - Virtual size: 101KB

.reloc Size: 512B - Virtual size: 272B

.text
Size: 27KB - Virtual size: 26KB

.data
Size: 285KB - Virtual size: 417KB

.tls
Size: 405KB - Virtual size: 692KB

.rsrc
Size: 102KB - Virtual size: 101KB

.reloc
Size: 512B - Virtual size: 272B