bd8224b335cce817d65d2f36d669ba7ad399636814cc4d0042b37c9a9612d9eb

Sharing

Copy URL Twitter E-mail

General

Target

bd8224b335cce817d65d2f36d669ba7ad399636814cc4d0042b37c9a9612d9eb
Size

695KB
MD5

e17768497499d69bc97d08531f942135
SHA1

9fcddfa9fa7a4061a9546608886c45e6741fff2a
SHA256

bd8224b335cce817d65d2f36d669ba7ad399636814cc4d0042b37c9a9612d9eb
SHA512

2f53381a6f751d4a8c98025512d39a82e82cd22dad1c69eef4c694dbcbf81962df982dc9523e40dc49fd34df412f3fc18fe948679f60b7c6ebfcb4fa9bcd4cd3
SSDEEP

12288:7xdGknBSvoK/sjQ4UL7KoKOJiyc8/MVYHPo/:7VmoqsU2OJi7IHPG

Score

N/A

Malware Config

Signatures

Files

bd8224b335cce817d65d2f36d669ba7ad399636814cc4d0042b37c9a9612d9eb
.exe windows x86

a54e8965128709e7cb9d1fac7fedc573

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

EnumResourceNamesA
GetOEMCP
CreateSemaphoreW
SetHandleInformation
CreateWaitableTimerA
GetSystemWindowsDirectoryW
VirtualAlloc
GetDiskFreeSpaceW
WaitCommEvent
MulDiv
ProcessIdToSessionId
lstrcpynA
LocalFree
DuplicateHandle
GetLongPathNameA
SetEvent
SetComputerNameExW
SetCommState
GetCommProperties

netapi32

I_NetServerReqChallenge
I_NetServerSetServiceBitsEx
Netbios
DsRoleFreeMemory
NetGroupAddUser
NetUserEnum
NetServerTransportEnum
NetLocalGroupEnum
NetFileClose
NetShareSetInfo
NetpwNameValidate
NetLocalGroupAddMembers
NetUserModalsSet
NetMessageBufferSend
NetUseDel
NetShareEnum

msvcrt

islower
_CIlog10
__crtCompareStringA
_ismbblead
strlen
_snwprintf
tolower

user32

DialogBoxParamW
GetClipboardData
GetTaskmanWindow
InvalidateRect
DrawFocusRect
DestroyCaret
SetCaretPos
SetCapture
PeekMessageW

advapi32

GetUserNameA
GetSecurityDescriptorDacl
RegFlushKey
SetSecurityDescriptorOwner
LsaRetrievePrivateData
CryptCreateHash
RegUnLoadKeyA
GetTraceLoggerHandle
RegCreateKeyExA
GetSidSubAuthority
TraceMessage
FreeEncryptionCertificateHashList

imagehlp

EnumerateLoadedModules64
ImageGetCertificateData
ImageLoad
SymInitialize
CheckSumMappedFile
ImageDirectoryEntryToData
ImageNtHeader
ImageRvaToVa

userenv

GetAllUsersProfileDirectoryW
GetProfileType
GetUserProfileDirectoryW
ProcessGroupPolicyCompletedEx
LeaveCriticalPolicySection
UnregisterGPNotification
ForceSyncFgPolicy

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 170KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 351KB - Virtual size: 707KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a54e8965128709e7cb9d1fac7fedc573

Headers

File Characteristics

Imports

kernel32

netapi32

msvcrt

user32

advapi32

imagehlp

userenv

Sections

.text Size: 12KB - Virtual size: 12KB

.data Size: 170KB - Virtual size: 300KB

.bss Size: 351KB - Virtual size: 707KB

.rsrc Size: 159KB - Virtual size: 159KB

.reloc Size: 512B - Virtual size: 116B

.text
Size: 12KB - Virtual size: 12KB

.data
Size: 170KB - Virtual size: 300KB

.bss
Size: 351KB - Virtual size: 707KB

.rsrc
Size: 159KB - Virtual size: 159KB

.reloc
Size: 512B - Virtual size: 116B