eef8bd75e93d7db38c56760976e91d3b4d4b366a409af98c4bc10685ee467f3d

Sharing

Copy URL Twitter E-mail

General

Target

eef8bd75e93d7db38c56760976e91d3b4d4b366a409af98c4bc10685ee467f3d
Size

740KB
MD5

3d34728643e4acaed1a919d41115f660
SHA1

d46720cfffa321c7bf4d837e01d36f971e68eb3b
SHA256

eef8bd75e93d7db38c56760976e91d3b4d4b366a409af98c4bc10685ee467f3d
SHA512

8e46a2c8cee7105ba719c0c21da96bbc8cf43e4c87a1db1ce94952610527585e4ff0c6874c1780ed844889251fae57ec438a92f4017849441623364daf4c1ce4
SSDEEP

12288:LBpgFzL6eecQ9g13g3yDuu5wfsH6XSIBIfDZWDORiXFxzRMP/NPIusUu3I3Loox:L+Wigg98/u5wfS6XPBI7IDOEXFf0/nso

Score

N/A

Malware Config

Signatures

Files

eef8bd75e93d7db38c56760976e91d3b4d4b366a409af98c4bc10685ee467f3d
.exe windows x86

997b914f42b08de3d085b248e9e2dcab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

netapi32

NetStatisticsGet
NetUserDel
NetServiceEnum
NetUserGetInfo
NetGroupSetInfo
NetRenameMachineInDomain
NetUserSetInfo
NetUseAdd
NetShareEnum
NetUseDel
NetFileEnum
NetServiceInstall
NetUserGetGroups
DsEnumerateDomainTrustsW
NetpwPathType
DsRoleGetPrimaryDomainInformation
NetApiBufferAllocate
NetLocalGroupGetMembers

msvcrt

setvbuf
_mbspbrk
tolower
fopen
_strupr
wcscat
_wcsicoll
_wcmdln
rename
_strnicmp
mktime
_wopen
_i64toa
_wcsdup
sscanf
_wstrtime
_getmbcp
_getcwd

cfgmgr32

CM_Locate_DevNode_ExW
CM_Get_DevNode_Registry_PropertyW
CM_Get_Next_Res_Des_Ex
CM_Get_Device_ID_Size
CM_Get_DevNode_Status
CM_Get_Sibling
CM_Set_HW_Prof_Flags_ExW
CM_Disconnect_Machine
CM_Get_HW_Prof_Flags_ExW
CM_Get_Device_ID_List_ExW
CM_Get_Child
CM_Get_Class_Name_ExW
CM_Open_Class_Key_ExW
CM_Get_Device_Interface_List_Size_ExW
CM_Get_Parent
CM_Get_Res_Des_Data_Size_Ex
CM_Get_DevNode_Status_Ex
CM_Enumerate_Classes_Ex
CM_Free_Log_Conf_Handle
CM_Get_Device_IDW
CM_Get_Device_ID_List_Size_ExW
CM_Open_DevNode_Key_Ex
CM_Get_Device_ID_ExW
CM_Get_DevNode_Registry_Property_ExW
CM_Locate_DevNodeW
CM_Get_First_Log_Conf_Ex
CM_Free_Res_Des_Handle
CM_Get_Device_Interface_List_ExW
CM_Get_Hardware_Profile_Info_ExW
CMP_WaitNoPendingInstallEvents
CM_Connect_MachineW
CM_Get_Parent_Ex

kernel32

LoadLibraryExA
GetThreadTimes
lstrcmpW
SetFileTime
SetThreadAffinityMask
FindNextVolumeW
CreateEventW
ReleaseMutex
ExpandEnvironmentStringsA
VerLanguageNameA
SetProcessAffinityMask
VirtualAlloc
UpdateResourceW
CreateMutexW
WriteConsoleOutputCharacterA
GetTempFileNameW
GetLastError
GlobalFindAtomW

winspool.drv

GetJobA
EnumPrintProcessorsW
AddPortW
FindFirstPrinterChangeNotification
DocumentPropertiesW
GetJobW
SetJobW
EnumPrinterDataExW
StartDocPrinterW
DeleteMonitorW
EnumFormsW
DeletePrinter
WritePrinter
DeviceCapabilitiesA
EnumJobsW
DeleteFormW
DocumentPropertySheets
GetPrinterA
GetPrinterDataExW
EnumPrintersA
DeletePrinterDataW
XcvDataW
AddPrinterW
AddMonitorW
OpenPrinterW
EndPagePrinter
SetPrinterDataExW
GetPrinterDataW
ClosePrinter

winmm

midiOutCacheDrumPatches
waveInOpen
mixerGetLineInfoA
mciGetErrorStringW
mmioSeek
waveInMessage
waveInGetDevCapsW
midiStreamOpen
waveInGetPosition
waveInGetDevCapsA
midiStreamPosition
PlaySoundW

user32

UpdateLayeredWindow
ScrollWindowEx
HideCaret
UnregisterDeviceNotification
PostThreadMessageA
DrawIconEx
LoadStringW
UnhookWindowsHookEx
SetCursorPos
SetWindowLongW
CreateDialogParamA
TranslateAcceleratorA
MenuItemFromPoint
wvsprintfW
BlockInput
CheckDlgButton
OpenIcon
SetMenuItemInfoW
SetWindowLongA
OemToCharBuffA
DefFrameProcA
CreateWindowExA
GetCursorPos
PrivateExtractIconsW
DialogBoxIndirectParamA
EnumWindows
SendMessageTimeoutA
DestroyCaret
SystemParametersInfoW
CharToOemBuffW
GetDlgItemTextW
TrackMouseEvent
mouse_event
SetDlgItemTextW
LoadImageW
AppendMenuW
SetActiveWindow
GetWindowDC
SendMessageA
CharUpperBuffW
SendNotifyMessageA
PrivateExtractIconExW
LoadKeyboardLayoutA
UserRealizePalette
CharUpperA
OpenWindowStationA
LoadLocalFonts
EnumChildWindows

crypt32

CertAddEncodedCertificateToStore

Sections

.text
Size: 13KB - Virtual size: 443KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: 167KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

CRT
Size: 170KB - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 162KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 226KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 460B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

997b914f42b08de3d085b248e9e2dcab

Headers

DLL Characteristics

File Characteristics

Imports

netapi32

msvcrt

cfgmgr32

kernel32

winspool.drv

winmm

user32

crypt32

Sections

.text Size: 13KB - Virtual size: 443KB

BSS Size: 167KB - Virtual size: 354KB

CRT Size: 170KB - Virtual size: 322KB

DATA Size: 162KB - Virtual size: 253KB

.rsrc Size: 226KB - Virtual size: 225KB

.reloc Size: 1024B - Virtual size: 460B

.text
Size: 13KB - Virtual size: 443KB

BSS
Size: 167KB - Virtual size: 354KB

CRT
Size: 170KB - Virtual size: 322KB

DATA
Size: 162KB - Virtual size: 253KB

.rsrc
Size: 226KB - Virtual size: 225KB

.reloc
Size: 1024B - Virtual size: 460B