d27e6b919a17ece1c2e7506761ddcb5bc5fb687fa794486e806133acc4e9b559

Sharing

Copy URL Twitter E-mail

General

Target

d27e6b919a17ece1c2e7506761ddcb5bc5fb687fa794486e806133acc4e9b559
Size

792KB
MD5

36fb06c68b0735bc3cc0df632f486240
SHA1

b6d7b8a08ca9c1f4c5cc278e60ed61767ca2616f
SHA256

d27e6b919a17ece1c2e7506761ddcb5bc5fb687fa794486e806133acc4e9b559
SHA512

9a998fbc9189208bf75caeb9f33c29c16ff672f097e5b51701725d8ec60d8af4ff804499e4dba46b14d299d6614a296037e7739fd88873c8cedaf9fb4ad5ba30
SSDEEP

24576:LL0PKPDAe44DLwtVL54olRolaImjtUATC0:EPK7K14olRo0TGwb

Score

N/A

Malware Config

Signatures

Files

d27e6b919a17ece1c2e7506761ddcb5bc5fb687fa794486e806133acc4e9b559
.exe windows x86

0718780f2a0f32479ab2bb61b0ea5c8f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

ElfReportEventW
QueryUsersOnEncryptedFile
AddAuditAccessAceEx
AreAllAccessesGranted
StartTraceW
AreAnyAccessesGranted
RegQueryMultipleValuesA
WmiCloseBlock
EnumDependentServicesA
LsaFreeMemory
WmiQuerySingleInstanceW
InitializeSid
PrivilegeCheck
RegEnumValueA

msvcrt

__RTDynamicCast
iswdigit
_tempnam
_fmode
bsearch
_ismbcalpha
_stricmp
_waccess
__mb_cur_max
vfprintf
_filelengthi64
_endthread
_wgetenv
_errno
_mbsrev

kernel32

EnumSystemLocalesW
SetConsoleCtrlHandler
GlobalFindAtomW
DuplicateHandle
SetConsoleMode
GetBinaryType
VirtualAlloc
GetDiskFreeSpaceW
SetFileTime
LockFile
CreateProcessW
AreFileApisANSI
CreateToolhelp32Snapshot
ConvertDefaultLocale

rasapi32

RasGetCustomAuthDataW
RasEnumConnectionsW
RasGetSubEntryPropertiesW
RasGetConnectStatusW
RasGetHport
RasGetEntryPropertiesW

netapi32

NetUserGetInfo
NetServerTransportEnum
NetGroupSetInfo
NetGroupGetInfo
NetLocalGroupAdd
NetGroupAdd
NetUserAdd
NetUserEnum
NetWkstaTransportEnum
Netbios
NetUseAdd
NetServiceInstall
NetUseDel
NetLocalGroupAddMember
NetUserModalsGet

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.uRuN
Size: 206KB - Virtual size: 345KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wuf
Size: 136KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nWuN
Size: 273KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 38B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0718780f2a0f32479ab2bb61b0ea5c8f

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

msvcrt

kernel32

rasapi32

netapi32

Sections

.text Size: 101KB - Virtual size: 100KB

.uRuN Size: 206KB - Virtual size: 345KB

.wuf Size: 136KB - Virtual size: 238KB

.nWuN Size: 273KB - Virtual size: 343KB

.rsrc Size: 74KB - Virtual size: 73KB

.reloc Size: 512B - Virtual size: 38B

.text
Size: 101KB - Virtual size: 100KB

.uRuN
Size: 206KB - Virtual size: 345KB

.wuf
Size: 136KB - Virtual size: 238KB

.nWuN
Size: 273KB - Virtual size: 343KB

.rsrc
Size: 74KB - Virtual size: 73KB

.reloc
Size: 512B - Virtual size: 38B