e7bd1f0496aa21c7a2348304c2b1bc0edc2235ca67225f8ab6a0deaf317f30b9

Sharing

Copy URL

Twitter E-mail

General

Target

e7bd1f0496aa21c7a2348304c2b1bc0edc2235ca67225f8ab6a0deaf317f30b9
Size

41KB
MD5

0b2e6f6c60f4cc0973200cf38e31b81c
SHA1

0693b31d772be60f7362d6b704c38fd6f1c228ce
SHA256

e7bd1f0496aa21c7a2348304c2b1bc0edc2235ca67225f8ab6a0deaf317f30b9
SHA512

9f1886f79aafcd42d081d41178efac4e64bc6c63d507e977df6d1b8e164daf3685c3d1c5c0c75a595146c280d22981a2db80636403cfd1c4907da2b38974a023
SSDEEP

768:OtBI0QSCN/8Xpn7OUFJZMyUT7c+Nd5WFsDej/mR0v8KqnKh5/Y98n8p68W7jTQDH:OtBIq8wpn7OGZF+Nd5ksDu/25LcuOn85

Score

N/A

Malware Config

Signatures

Files

e7bd1f0496aa21c7a2348304c2b1bc0edc2235ca67225f8ab6a0deaf317f30b9
.exe windows x86

d6565b316e08d90d480c1ddfaecf9383

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateActCtxA
SwitchToFiber
GetFileAttributesExA
SetConsoleOutputCP
BaseCheckAppcompatCache
SetNamedPipeHandleState
GetNumberOfConsoleMouseButtons
TransactNamedPipe
GetPrivateProfileIntW
AddConsoleAliasW
DeviceIoControl
GlobalFindAtomW
HeapSize
GetSystemDefaultUILanguage
SetCalendarInfoA
IsValidLocale
WaitForDebugEvent
CreateHardLinkW
CreateHardLinkA
RegisterWaitForInputIdle
CommConfigDialogA
FreeResource
_lopen
VirtualAlloc
RtlUnwind
SetSystemPowerState
GetConsoleNlsMode
ReadFileScatter
FindFirstVolumeMountPointW
ReadConsoleInputExW
SetComputerNameExW
SetLastError
CreateThread
LoadLibraryA
FindActCtxSectionGuid
GetTapeParameters
GetACP
SetEvent
GetCurrentThread
SetConsoleCtrlHandler
GetModuleHandleA
GetComputerNameExA
SetLocaleInfoW
GlobalAlloc
GetMailslotInfo
GetStartupInfoA
CreateToolhelp32Snapshot
FindNextFileA
IsProcessorFeaturePresent
IsBadHugeReadPtr
GetModuleFileNameA
EnumCalendarInfoA
IsBadHugeWritePtr
GetCommProperties
GetDiskFreeSpaceA
FileTimeToDosDateTime
GetProfileStringA
GetTimeFormatW
SetFileValidData
VirtualQueryEx
CreateJobObjectA
GetEnvironmentStrings

samlib

SamGetCompatibilityMode
SamQueryDisplayInformation
SamQueryInformationDomain
SamOpenGroup
SamCloseHandle
SamQueryInformationGroup
SamConnectWithCreds
SamiEncryptPasswords
SamGetDisplayEnumerationIndex
SamLookupIdsInDomain
SamCreateAliasInDomain
SamSetInformationDomain
SamCreateUserInDomain
SamTestPrivateFunctionsDomain
SamGetAliasMembership
SamEnumerateGroupsInDomain
SamGetMembersInGroup
SamSetInformationAlias
SamRemoveMemberFromAlias
SamiSetBootKeyInformation
SamSetMemberAttributesOfGroup
SamAddMemberToAlias
SamLookupDomainInSamServer
SamOpenAlias
SamiChangeKeys

msvcrt

??1__non_rtti_object@@UAE@XZ
_daylight
_ultow
_wfindnext
_ui64tow
__p__wpgmptr
modf
fprintf
_snwscanf
??_V@YAXPAX@Z
_wcsupr
_wremove
_CIlog10
?_query_new_handler@@YAP6AHI@ZXZ
_mbsnbset
??1type_info@@UAE@XZ
fgetc
floor
_wexecl
_mbclen
??0bad_cast@@QAE@ABQBD@Z
__CxxQueryExceptionSize
_fcloseall
_mbsbtype
_findnext
exit
_strnicmp
wctomb
_mbslen
mbstowcs
_spawnlp
_wctime64
_wutime

user32

PostQuitMessage
RegisterClassA
DefWindowProcA

upnp

HrRehydratorCreateServiceObject
HrRehydratorInvokeServiceAction

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6565b316e08d90d480c1ddfaecf9383

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

samlib

msvcrt

user32

upnp

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 6KB - Virtual size: 6KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 2KB - Virtual size: 1KB