cd062baf4cbe00f3fddf1370c0571a4d40dbbf0387b1e280f0d9ff5669f660f7

Sharing

Copy URL

Twitter E-mail

General

Target

cd062baf4cbe00f3fddf1370c0571a4d40dbbf0387b1e280f0d9ff5669f660f7
Size

828KB
MD5

44be5e68041bed1d44e7741f4327800f
SHA1

f1c2a9777b2db51ddd15987106ff7afceeaf0b55
SHA256

cd062baf4cbe00f3fddf1370c0571a4d40dbbf0387b1e280f0d9ff5669f660f7
SHA512

d555ef8e1c22ab3a5ff8e3e76cb1f54f61356051fd16bbd6d40453aea44c065c00b4b489874fe818ec4e64a4860c5ab1e2faf4ab1e886af36895f4db91469fff
SSDEEP

12288:sl7BPN2H4Shb3crCQa0/beK6gVrEZsWmUvGiPk6XIua2cGE9NuSkOzMOZWz:uNs3b33XZlMQzmUvhkBRGE/uSdzPC

Score

N/A

Malware Config

Signatures

Files

cd062baf4cbe00f3fddf1370c0571a4d40dbbf0387b1e280f0d9ff5669f660f7
.exe windows x86

b006bfb6e06da1ea62d4d03718c20983

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

IsValidAcl
LsaQueryInformationPolicy
WriteEncryptedFileRaw
LsaEnumeratePrivilegesOfAccount
RegReplaceKeyW
InitiateSystemShutdownA
LsaEnumerateTrustedDomainsEx
SystemFunction041
CryptContextAddRef

kernel32

SetComPlusPackageInstallStatus
IsValidCodePage
PeekNamedPipe
FindFirstFileExW
BackupRead
CreateMailslotW
SetCommState
UTRegister
SetProcessPriorityBoost
VirtualLock
GetCurrentThread
Heap32ListNext
TlsAlloc
CreateSemaphoreW
WriteConsoleOutputAttribute
SetCommTimeouts
GetModuleHandleW
GetLocaleInfoW
EnumResourceNamesA
GlobalGetAtomNameW
Beep
QueryPerformanceCounter
EnumTimeFormatsW
GetNumberFormatW
LoadLibraryW
SetTimerQueueTimer
FlushViewOfFile
GetCompressedFileSizeA
ReleaseMutex

user32

BroadcastSystemMessageExA
mouse_event
SetWindowsHookExA
BringWindowToTop
DdeConnect
ReasonCodeNeedsBugID
GetClassInfoExW
GetTabbedTextExtentW
UnhookWindowsHookEx
GetCursor
GetWindowDC
DdeFreeStringHandle
SetDeskWallpaper

dnsapi

DnsWriteQuestionToBuffer_W
DnsValidateName_A
DnsQueryExW
DnsNameCompare_UTF8
Dns_ParsePacketRecord
DnsValidateName_UTF8
Dns_GetRandomXid
DnsFreeConfigStructure
DnsDhcpSrvRegisterInit
DnsApiHeapReset
DnsApiSetDebugGlobals
Dns_ResetNetworkInfo
DnsGlobals
DnsApiFree
DnsValidateUtf8Byte
QueryDirectEx
DnsCopyStringEx
Dns_WriteQuestionToMessage
DnsNameCompareEx_A
DnsCreateReverseNameStringForIpAddress
DnsQueryConfigDword
DnsReplaceRecordSetA
DnsIpv6AddressToString
BreakRecordsIntoBlob
DnsAsyncRegisterInit
DnsWriteQuestionToBuffer_UTF8
DnsFlushResolverCache
DnsUpdateTest_W
DnsDowncaseDnsNameLabel
Dns_FindAuthoritativeZoneLib
DnsModifyRecordsInSet_UTF8
DnsRegisterClusterAddress
DnsUpdateTest_UTF8
DnsReleaseContextHandle
DnsNameCompareEx_UTF8
DnsQuery_UTF8
DnsIsAMailboxType
DnsAsyncRegisterHostAddrs

atmlib

ATMGetVersionExA
ATMFontAvailable
ATMGetFontBBox
ATMGetMenuNameA
ATMBBoxBaseXYShowText
ATMGetVersionExW
ATMAddFontW
ATMSetFlags
ATMGetNtmFields
ATMEnumFontsW
ATMBBoxBaseXYShowTextA
ATMEnumMMFonts
ATMFontStatusA
ATMSelectEncoding
ATMGetBuildStrW
ATMGetPostScriptNameW
ATMAddFontExW
ATMAddFontExA
ATMGetGlyphListW
ATMXYShowTextW
ATMEnumFonts
ATMXYShowTextA
ATMRemoveSubstFontA

ws2_32

WSAJoinLeaf
WSACancelAsyncRequest
send
getsockname
WSALookupServiceNextA
listen
WSApSetPostRoutine
WSARecv
WSASetEvent

Sections

.text
Size: 367KB - Virtual size: 367KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 181KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b006bfb6e06da1ea62d4d03718c20983

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

dnsapi

atmlib

ws2_32

Sections

.text Size: 367KB - Virtual size: 367KB

.rdata Size: 130KB - Virtual size: 129KB

.data Size: 181KB - Virtual size: 1.6MB

.rsrc Size: 148KB - Virtual size: 147KB

.reloc Size: 1024B - Virtual size: 848B

.text
Size: 367KB - Virtual size: 367KB

.rdata
Size: 130KB - Virtual size: 129KB

.data
Size: 181KB - Virtual size: 1.6MB

.rsrc
Size: 148KB - Virtual size: 147KB

.reloc
Size: 1024B - Virtual size: 848B