ddbd478cffef118a3c7c0b5bf771a583ac99b67027f48464cf6c598bfa64b12a

General

Target

ddbd478cffef118a3c7c0b5bf771a583ac99b67027f48464cf6c598bfa64b12a
Size

46KB
MD5

3d5aee004a5f51b677dbf977c825de0e
SHA1

e6c57715d465c8687f99116b3bedc93e451e0653
SHA256

ddbd478cffef118a3c7c0b5bf771a583ac99b67027f48464cf6c598bfa64b12a
SHA512

f9b78d371f878a9be3c1631d1c562bd833b79871cdb39e5c3d86949c4f793fe21d39aba88b0a1ae67b8889be698b4f28c6eca4ebff73ab2219c704632b66ac7b
SSDEEP

768:lLP48N0nOQ/OryEccwXnGHDMxwjbOe8STf0lXdeDn:lLPiOQWylcWGHDKpeH0n4n

Score

N/A

Malware Config

Signatures

Files

ddbd478cffef118a3c7c0b5bf771a583ac99b67027f48464cf6c598bfa64b12a
.exe windows x86

aeaa78f2003c83e23ab40e3251ea309a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

mpr

WNetCloseEnum
WNetCloseEnum
WNetLogonNotify
WNetLogonNotify
WNetLogonNotify
WNetLogonNotify
WNetLogonNotify
WNetLogonNotify
WNetLogonNotify
WNetCloseEnum
WNetSetConnectionW
WNetLogonNotify
WNetCloseEnum
WNetLogonNotify
WNetCloseEnum
WNetCloseEnum
WNetLogonNotify
WNetCloseEnum
WNetCloseEnum
WNetLogonNotify
WNetLogonNotify

kernel32

LoadLibraryExA
WriteProcessMemory
LoadLibraryExW
WaitForSingleObject
SleepEx
CreateFileA
WriteProcessMemory
CreateFileA
LoadLibraryExW
LoadLibraryExA
WaitForSingleObject
GetSystemTime
ReleaseMutex
GetSystemTimeAsFileTime
ReleaseMutex
VirtualProtect
LoadLibraryA
VirtualProtectEx
LoadLibraryA
SleepEx
LoadLibraryA
LoadLibraryA
WaitForSingleObject
GetSystemTimeAsFileTime
GetSystemTimeAsFileTime
LoadLibraryExW
LoadLibraryA
CreateProcessA
LoadLibraryA
CreateProcessW
GetProcAddress
LoadLibraryA
VirtualProtect
GetProfileIntW
GetBinaryTypeW
WriteProcessMemory
GetSystemTime
CreateProcessA
LoadLibraryA
CreateProcessW
VirtualProtect
CreateProcessA
CreateProcessW
VirtualProtectEx
LoadLibraryExW
ReadFile
LoadLibraryA
ReleaseMutex
LoadLibraryA
VirtualProtectEx
VirtualProtectEx
ReadProcessMemory
LoadLibraryExA
TerminateProcess
CreateProcessA
SleepEx
LoadLibraryExA
CreateFileA
GetStartupInfoW
VirtualProtectEx
VirtualProtectEx
VirtualProtect
GetStartupInfoA
CreateProcessW
CreateProcessA

Sections

.text
Size: 6KB - Virtual size: 1024KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ZV2
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ

AlD
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aeaa78f2003c83e23ab40e3251ea309a

Headers

File Characteristics

Imports

mpr

kernel32

Sections

.text Size: 6KB - Virtual size: 1024KB

.data Size: 4KB - Virtual size: 8KB

ZV2 Size: 2KB - Virtual size: 4KB

AlD Size: 2KB - Virtual size: 4KB

.rsrc Size: 30KB - Virtual size: 29KB

.text
Size: 6KB - Virtual size: 1024KB

.data
Size: 4KB - Virtual size: 8KB

ZV2
Size: 2KB - Virtual size: 4KB

AlD
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 30KB - Virtual size: 29KB