de9d2aeb71021eb02c0c4b8379394003d044c3e51a580c93610a51c7878f8e1b

Sharing

Copy URL Twitter E-mail

General

Target

de9d2aeb71021eb02c0c4b8379394003d044c3e51a580c93610a51c7878f8e1b
Size

1022KB
MD5

8c457880dbc8388aab9bbaa00bc8c4b0
SHA1

0781053175d007aade96847d1cb6a8190daee9b9
SHA256

de9d2aeb71021eb02c0c4b8379394003d044c3e51a580c93610a51c7878f8e1b
SHA512

3f3806bc78326e763cbc5d9ec844851ea8a925079d2b1cc1782ea6688ccabced4be1e591e3403b09db087a9bfbf67acd764306d521bc68f0052bcb55039b6e73
SSDEEP

12288:Hm5f44BbBW0DFaTg/PQJA7Xn7RYljpuaRlCV1PbGnV6SSUxLMTV3z2EiW9VoPm8F:u80DwTg/uAT7RCpbQ1iVzxLMTV3GQ98

Score

N/A

Malware Config

Signatures

Files

de9d2aeb71021eb02c0c4b8379394003d044c3e51a580c93610a51c7878f8e1b
.exe windows x86

84dd5ea452898239d636129bff55e291

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ulib

??0FLAG_ARGUMENT@@QAE@XZ
?DoParsing@ARGUMENT_LEXEMIZER@@QAEEPAVARRAY@@@Z
?Stricmp@WSTRING@@SGHPAG0@Z
?DeleteChAt@WSTRING@@QAEXKK@Z
?Strcat@WSTRING@@QAEEPBV1@@Z
?HasWildCard@PATH@@QBEEXZ
?IsValueSet@ARGUMENT@@QAEEXZ
??1ARRAY@@UAE@XZ
??0TIMEINFO@@QAE@XZ
?Initialize@PATH@@QAEEPBV1@E@Z
??0DSTRING@@QAE@XZ
?QueryCurrentDosDriveName@SYSTEM@@SGEPAVWSTRING@@@Z
?QueryWCExpansion@PATH@@QAEPAV1@PAV1@@Z
??0PROGRAM@@IAE@XZ

advapi32

WmiOpenBlock
PrivilegeCheck
LsaSetDomainInformationPolicy
CreateServiceA
ReadEncryptedFileRaw
GetNamedSecurityInfoW
AccessCheck
EnumServiceGroupW
CryptDestroyHash
RegisterEventSourceW

kernel32

CreateHardLinkW
GetMailslotInfo
VirtualAlloc
WaitForMultipleObjects
SetVDMCurrentDirectories
BeginUpdateResourceW
CreateSemaphoreA
GetConsoleMode
GetLogicalDriveStringsA
WaitForSingleObject
AddAtomW
SetConsoleDisplayMode
GetFileSize
ChangeTimerQueueTimer
GetPrivateProfileSectionA
FlushFileBuffers

netapi32

DsGetDcNameWithAccountW
NetShareAdd
NetErrorLogRead
NetGroupAdd
NetQueryDisplayInformation
NetLocalGroupDelMembers
NetLocalGroupDel
DsGetDcNameW
NetSessionEnum
NetShareGetInfo
DsGetSiteNameW
NetUseEnum
NetpwNameValidate
NetWkstaUserGetInfo
NetRegisterDomainNameChangeNotification
NetpwPathType

comctl32

ImageList_GetIconSize
ImageList_GetImageCount
InitCommonControlsEx
ImageList_LoadImageW
ImageList_LoadImageA
ImageList_SetBkColor
ImageList_DrawEx
ImageList_GetDragImage
ImageList_Read

Sections

.text
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Oh
Size: 177KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lsh
Size: 215KB - Virtual size: 337KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.QqUoE
Size: 243KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Ue
Size: 124KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 978B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84dd5ea452898239d636129bff55e291

Headers

DLL Characteristics

File Characteristics

Imports

ulib

advapi32

kernel32

netapi32

comctl32

Sections

.text Size: 125KB - Virtual size: 124KB

.Oh Size: 177KB - Virtual size: 293KB

.lsh Size: 215KB - Virtual size: 337KB

.QqUoE Size: 243KB - Virtual size: 302KB

.Ue Size: 124KB - Virtual size: 240KB

.rsrc Size: 135KB - Virtual size: 134KB

.reloc Size: 1024B - Virtual size: 978B

.text
Size: 125KB - Virtual size: 124KB

.Oh
Size: 177KB - Virtual size: 293KB

.lsh
Size: 215KB - Virtual size: 337KB

.QqUoE
Size: 243KB - Virtual size: 302KB

.Ue
Size: 124KB - Virtual size: 240KB

.rsrc
Size: 135KB - Virtual size: 134KB

.reloc
Size: 1024B - Virtual size: 978B