b4ce4c048d89e4321b7624bb8b0afc0b55663b76ae43828dbfd8234c95433635

Sharing

Copy URL Twitter E-mail

General

Target

b4ce4c048d89e4321b7624bb8b0afc0b55663b76ae43828dbfd8234c95433635
Size

1022KB
MD5

4d00ca310189bf0977797608f2612550
SHA1

595c1abe28ea8ecd46979a1da41a35e539546df2
SHA256

b4ce4c048d89e4321b7624bb8b0afc0b55663b76ae43828dbfd8234c95433635
SHA512

2a854b376dc6f7e52cddf9b614fa7c8afae8f246a261e604acffe23357319de437b67a955b9bfcc6a91a104a8e1918454115b9059d6e49657afc69028cd7182e
SSDEEP

12288:ym5f44BbBW0DFaTg/PQJA7Xn7RYljpuaRlCV1PbGnV6SSUxLMTV3z2EiW9VoPm8F:Z80DwTg/uAT7RCpbQ1iVzxLMTV3GQ98

Score

N/A

Malware Config

Signatures

Files

b4ce4c048d89e4321b7624bb8b0afc0b55663b76ae43828dbfd8234c95433635
.exe windows x86

84dd5ea452898239d636129bff55e291

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ulib

??0FLAG_ARGUMENT@@QAE@XZ
?DoParsing@ARGUMENT_LEXEMIZER@@QAEEPAVARRAY@@@Z
?Stricmp@WSTRING@@SGHPAG0@Z
?DeleteChAt@WSTRING@@QAEXKK@Z
?Strcat@WSTRING@@QAEEPBV1@@Z
?HasWildCard@PATH@@QBEEXZ
?IsValueSet@ARGUMENT@@QAEEXZ
??1ARRAY@@UAE@XZ
??0TIMEINFO@@QAE@XZ
?Initialize@PATH@@QAEEPBV1@E@Z
??0DSTRING@@QAE@XZ
?QueryCurrentDosDriveName@SYSTEM@@SGEPAVWSTRING@@@Z
?QueryWCExpansion@PATH@@QAEPAV1@PAV1@@Z
??0PROGRAM@@IAE@XZ

advapi32

WmiOpenBlock
PrivilegeCheck
LsaSetDomainInformationPolicy
CreateServiceA
ReadEncryptedFileRaw
GetNamedSecurityInfoW
AccessCheck
EnumServiceGroupW
CryptDestroyHash
RegisterEventSourceW

kernel32

CreateHardLinkW
GetMailslotInfo
VirtualAlloc
WaitForMultipleObjects
SetVDMCurrentDirectories
BeginUpdateResourceW
CreateSemaphoreA
GetConsoleMode
GetLogicalDriveStringsA
WaitForSingleObject
AddAtomW
SetConsoleDisplayMode
GetFileSize
ChangeTimerQueueTimer
GetPrivateProfileSectionA
FlushFileBuffers

netapi32

DsGetDcNameWithAccountW
NetShareAdd
NetErrorLogRead
NetGroupAdd
NetQueryDisplayInformation
NetLocalGroupDelMembers
NetLocalGroupDel
DsGetDcNameW
NetSessionEnum
NetShareGetInfo
DsGetSiteNameW
NetUseEnum
NetpwNameValidate
NetWkstaUserGetInfo
NetRegisterDomainNameChangeNotification
NetpwPathType

comctl32

ImageList_GetIconSize
ImageList_GetImageCount
InitCommonControlsEx
ImageList_LoadImageW
ImageList_LoadImageA
ImageList_SetBkColor
ImageList_DrawEx
ImageList_GetDragImage
ImageList_Read

Sections

.text
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Oh
Size: 177KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lsh
Size: 215KB - Virtual size: 337KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.QqUoE
Size: 243KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Ue
Size: 124KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 978B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84dd5ea452898239d636129bff55e291

Headers

DLL Characteristics

File Characteristics

Imports

ulib

advapi32

kernel32

netapi32

comctl32

Sections

.text Size: 125KB - Virtual size: 124KB

.Oh Size: 177KB - Virtual size: 293KB

.lsh Size: 215KB - Virtual size: 337KB

.QqUoE Size: 243KB - Virtual size: 302KB

.Ue Size: 124KB - Virtual size: 240KB

.rsrc Size: 135KB - Virtual size: 134KB

.reloc Size: 1024B - Virtual size: 978B

.text
Size: 125KB - Virtual size: 124KB

.Oh
Size: 177KB - Virtual size: 293KB

.lsh
Size: 215KB - Virtual size: 337KB

.QqUoE
Size: 243KB - Virtual size: 302KB

.Ue
Size: 124KB - Virtual size: 240KB

.rsrc
Size: 135KB - Virtual size: 134KB

.reloc
Size: 1024B - Virtual size: 978B