d738ac93cc0199ac90e8f973297f4a2449653cfd3bfad23ef2ebb1e04a4758ba

Sharing

Copy URL

Twitter E-mail

General

Target

d738ac93cc0199ac90e8f973297f4a2449653cfd3bfad23ef2ebb1e04a4758ba
Size

792KB
MD5

6488d1a1ef5b3d0be4f7700a956412c0
SHA1

0dd54e6bb42d75f390785f1c1c7b6d8367ed3f5c
SHA256

d738ac93cc0199ac90e8f973297f4a2449653cfd3bfad23ef2ebb1e04a4758ba
SHA512

4648cd74ca29cff97cf34b2b5c9fe59afdf7ce36582041e012a3d3100023fa0e21075bf68daf024fa935b6c31f1f38cb61d763dd072961f679baa118b33a996c
SSDEEP

24576:zL0PKPDAe44DLwtVL54olRolaImjtUATC0:MPK7K14olRo0TGwb

Score

N/A

Malware Config

Signatures

Files

d738ac93cc0199ac90e8f973297f4a2449653cfd3bfad23ef2ebb1e04a4758ba
.exe windows x86

0718780f2a0f32479ab2bb61b0ea5c8f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

ElfReportEventW
QueryUsersOnEncryptedFile
AddAuditAccessAceEx
AreAllAccessesGranted
StartTraceW
AreAnyAccessesGranted
RegQueryMultipleValuesA
WmiCloseBlock
EnumDependentServicesA
LsaFreeMemory
WmiQuerySingleInstanceW
InitializeSid
PrivilegeCheck
RegEnumValueA

msvcrt

__RTDynamicCast
iswdigit
_tempnam
_fmode
bsearch
_ismbcalpha
_stricmp
_waccess
__mb_cur_max
vfprintf
_filelengthi64
_endthread
_wgetenv
_errno
_mbsrev

kernel32

EnumSystemLocalesW
SetConsoleCtrlHandler
GlobalFindAtomW
DuplicateHandle
SetConsoleMode
GetBinaryType
VirtualAlloc
GetDiskFreeSpaceW
SetFileTime
LockFile
CreateProcessW
AreFileApisANSI
CreateToolhelp32Snapshot
ConvertDefaultLocale

rasapi32

RasGetCustomAuthDataW
RasEnumConnectionsW
RasGetSubEntryPropertiesW
RasGetConnectStatusW
RasGetHport
RasGetEntryPropertiesW

netapi32

NetUserGetInfo
NetServerTransportEnum
NetGroupSetInfo
NetGroupGetInfo
NetLocalGroupAdd
NetGroupAdd
NetUserAdd
NetUserEnum
NetWkstaTransportEnum
Netbios
NetUseAdd
NetServiceInstall
NetUseDel
NetLocalGroupAddMember
NetUserModalsGet

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.uRuN
Size: 206KB - Virtual size: 345KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wuf
Size: 136KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nWuN
Size: 273KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 38B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0718780f2a0f32479ab2bb61b0ea5c8f

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

msvcrt

kernel32

rasapi32

netapi32

Sections

.text Size: 101KB - Virtual size: 100KB

.uRuN Size: 206KB - Virtual size: 345KB

.wuf Size: 136KB - Virtual size: 238KB

.nWuN Size: 273KB - Virtual size: 343KB

.rsrc Size: 74KB - Virtual size: 73KB

.reloc Size: 512B - Virtual size: 38B

.text
Size: 101KB - Virtual size: 100KB

.uRuN
Size: 206KB - Virtual size: 345KB

.wuf
Size: 136KB - Virtual size: 238KB

.nWuN
Size: 273KB - Virtual size: 343KB

.rsrc
Size: 74KB - Virtual size: 73KB

.reloc
Size: 512B - Virtual size: 38B