ebbaba89e4cf90f3feff7e84919b781c6ca3f14e27c0bd28e6fb7d0494da0619

Sharing

Copy URL

Twitter E-mail

General

Target

ebbaba89e4cf90f3feff7e84919b781c6ca3f14e27c0bd28e6fb7d0494da0619
Size

1.0MB
MD5

43714ee344fe37b8efa1edb7778c8367
SHA1

9c16e491f36ebe73ea296634b555dcee6b6ddb17
SHA256

ebbaba89e4cf90f3feff7e84919b781c6ca3f14e27c0bd28e6fb7d0494da0619
SHA512

97ac3e6cbbcb4d5fd75f1ae2a17f796780155187924f57107339c11a0668d0db4b8ce7c1134e17827c66d0735b89933cc4c7ce1e6a4e91a6ad16054c379c08a0
SSDEEP

24576:Bb5bBGipJ3GjXfxpdIMRXGcBckT39iNoqIdoFd:BNbBGUZgfndP1GHW9iNom

Score

N/A

Malware Config

Signatures

Files

ebbaba89e4cf90f3feff7e84919b781c6ca3f14e27c0bd28e6fb7d0494da0619
.exe windows x86

e2c83c8b9fba2e8aaf6676281408b92e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WaitForMultipleObjects
GetConsoleMode
CreateSemaphoreA
CreateFileMappingW
GetFileSize
AddAtomW
WaitForSingleObject
GetSystemDefaultLangID
CreateHardLinkW
GetPrivateProfileSectionA
BeginUpdateResourceW
GetUserDefaultUILanguage
FlushFileBuffers
VirtualAlloc

secur32

LsaDeregisterLogonProcess
LsaCallAuthenticationPackage
LsaFreeReturnBuffer
LsaUnregisterPolicyChangeNotification
LsaRegisterPolicyChangeNotification
GetUserNameExW
QuerySecurityContextToken
DecryptMessage
LsaLogonUser
LsaRegisterLogonProcess
LsaGetLogonSessionData
InitializeSecurityContextW
QueryContextAttributesW
LsaConnectUntrusted
AcquireCredentialsHandleW
GetComputerObjectNameW

netapi32

NetGroupAdd
NetShareCheck
NetWkstaUserGetInfo
NetShareGetInfo
NetUseEnum
NetpwNameValidate
NetShareAdd
NetSessionEnum
DsGetDcNameW
NetQueryDisplayInformation
NetLocalGroupDel
NetRegisterDomainNameChangeNotification
DsGetSiteNameW
NetLocalGroupDelMembers
DsGetDcNameWithAccountW
NetpwPathType

comctl32

PropertySheetW
InitCommonControlsEx
DestroyPropertySheetPage
CreateStatusWindowW
ImageList_GetIcon
ImageList_GetImageCount
ImageList_Create
_TrackMouseEvent
PropertySheetA
ImageList_DragMove
ImageList_GetIconSize
ImageList_DragLeave
CreateStatusWindowA

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Oh
Size: 459KB - Virtual size: 715KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lsh
Size: 406KB - Virtual size: 642KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 30B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2c83c8b9fba2e8aaf6676281408b92e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

secur32

netapi32

comctl32

Sections

.text Size: 44KB - Virtual size: 43KB

.Oh Size: 459KB - Virtual size: 715KB

.lsh Size: 406KB - Virtual size: 642KB

.rsrc Size: 137KB - Virtual size: 137KB

.reloc Size: 512B - Virtual size: 30B

.text
Size: 44KB - Virtual size: 43KB

.Oh
Size: 459KB - Virtual size: 715KB

.lsh
Size: 406KB - Virtual size: 642KB

.rsrc
Size: 137KB - Virtual size: 137KB

.reloc
Size: 512B - Virtual size: 30B