b96bbbb2ad8ca402413ca4096fff8d264b903007e7860ff4e8e27248aef7aef0

Sharing

Copy URL Twitter E-mail

General

Target

b96bbbb2ad8ca402413ca4096fff8d264b903007e7860ff4e8e27248aef7aef0
Size

41KB
MD5

c05880ae346b4f65150ac633d212a733
SHA1

d79c39ec37750261cc2f05d487e585ab7c6a5a97
SHA256

b96bbbb2ad8ca402413ca4096fff8d264b903007e7860ff4e8e27248aef7aef0
SHA512

58f409a799edb93a7c60f4c566b1716d03113f3532337d1bf41f293441b9ae83470a4cb7ef16ad69429f71c8d1320cb4d8ed93afe15d3b20fafc3b5c1ecb824b
SSDEEP

768:k5k4Z9B8Pr5ZR7JiyYFyVc3wGiSFMzVOer1kaDZzhES7:kNnB8Pr5rJ/YYc3wGiSmzVOykaDn3

Score

N/A

Malware Config

Signatures

Files

b96bbbb2ad8ca402413ca4096fff8d264b903007e7860ff4e8e27248aef7aef0
.exe windows x86

635f902a4be5e687ad0b1952383f09b3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

scecli

SceSvcConvertTextToSD
SceGetTimeStamp
SceSetupRootSecurity
SceIsSystemDatabase
SceRegisterRegValues
SceConfigureConvertedFileSecurity
SceAppendSecurityProfileInfo
SceGenerateGroupPolicy
SceLookupPrivRightName
SceGetServerProductType
SceSetupMoveSecurityFile
SceUpdateObjectInfo
SceSetupUnwindSecurityFile
SceSvcGetInformationTemplate
SceNotifyPolicyDelta
SceGetAnalysisAreaSummary
SceGetAreas
SceOpenProfile
SceProcessSecurityPolicyGPOEx
SceSetupConfigureServices
SceSysPrep
SceGetDbTime
SceDcPromoCreateGPOsInSysvol
SceRollbackTransaction
InitializeChangeNotify
SceFreeProfileMemory
SceStartTransaction
SceCloseProfile
SceAddToNameList
SceSvcConvertSDToText

kernel32

WriteConsoleOutputW
SetThreadExecutionState
GetModuleHandleExA
LoadLibraryW
GetConsoleAliasA
LocalFree
AllocateUserPhysicalPages
GetSystemTime
RemoveDirectoryA
DosPathToSessionPathA
Process32NextW
SetHandleInformation
GetConsoleCharType
GetConsoleScreenBufferInfo
FindFirstFileExW
GetOEMCP
CreateMailslotW
BaseUpdateAppcompatCache
CreateWaitableTimerW
GetComPlusPackageInstallStatus
GetModuleHandleA
QueueUserAPC
GetTempPathW
GetLongPathNameA
DeleteFileW
SetComputerNameW
WaitForSingleObjectEx
GetPrivateProfileSectionW
CreateDirectoryA
MoveFileWithProgressW
LocalUnlock
GetFileAttributesW
SetStdHandle
FatalExit
FlushInstructionCache
UnlockFileEx
ChangeTimerQueueTimer
IsBadStringPtrA
SetLocalPrimaryComputerNameA
ReadConsoleInputExW

shlwapi

SHRegGetUSValueA
PathCompactPathW
UrlGetPartW
StrRetToStrA
SHLoadIndirectString
SHDeleteValueA
SHDeleteOrphanKeyA
PathSetDlgItemPathW
SHQueryInfoKeyA
StrRChrW
PathCanonicalizeW

crtdll

_mbctolower
_dup2
_abnormal_termination
strerror
strspn
_CItan
_ismbstrail
isupper
_tempnam
isspace
__fpecode
_loaddll
ceil
sscanf
_chsize
log10
wcstod
_ismbcl0
strstr

msvcrt

_CItanh
_wfsopen
_ismbbkprint
_utime64
__p__commode
__getmainargs
_fpclass
_vsnprintf
_getwche
_strcmpi
__set_app_type
__crtLCMapStringW
exit
_cabs

netapi32

DsGetDcSiteCoverageW
NetShareCheck
NetAlertRaise
NetLocalGroupAddMember
I_NetLogonUasLogoff
NetServerGetInfo
I_NetAccountDeltas
NetRenameMachineInDomain
DsAddressToSiteNamesW
NetUserAdd
NetLocalGroupAdd
NetLocalGroupSetInfo
NetReplImportDirGetInfo
I_NetLogonControl2
I_NetDfsGetVersion
DsValidateSubnetNameW
NetLocalGroupDelMember
NetQueryDisplayInformation
NetUserModalsSet
NetDfsEnum
NetWkstaTransportAdd

rasapi32

RasFreeEapUserIdentityA
RasGetProjectionInfoA
RasEnumDevicesW
RasSetEntryDialParamsW
RasScriptGetIpAddress
RasHangUpA
RasGetCustomAuthDataW
RasGetEntryPropertiesW
RasEnumDevicesA

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

635f902a4be5e687ad0b1952383f09b3

Headers

DLL Characteristics

File Characteristics

Imports

scecli

kernel32

shlwapi

crtdll

msvcrt

netapi32

rasapi32

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 160B

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 160B

.rsrc
Size: 4KB - Virtual size: 4KB