b9b6250592f9e3d6e33e3e33f944b8551bf56db362e1e8f29bc3eb8c5440095c

Sharing

Copy URL Twitter E-mail

General

Target

b9b6250592f9e3d6e33e3e33f944b8551bf56db362e1e8f29bc3eb8c5440095c
Size

824KB
MD5

ea94fb44daa31139540d31ff57481fa7
SHA1

cf26a6198b8c54e8fbe963f3735f872d769538da
SHA256

b9b6250592f9e3d6e33e3e33f944b8551bf56db362e1e8f29bc3eb8c5440095c
SHA512

ee092d0a050edb6d8082b22f90cf98611ba6e76d80c3a948f5df81f7647f8ca779e9b751d79d19f6971d3ea2632f55040b2eab708ae30da9bda5b9b8ca331353
SSDEEP

12288:An1HJPps4ntjapkJ3fA1fyiL5tFcym2RpLqVUBoEHoN7R56mMt44ykYV:0h6LWifR5Llm2RtHoN7Ryt44RYV

Score

N/A

Malware Config

Signatures

Files

b9b6250592f9e3d6e33e3e33f944b8551bf56db362e1e8f29bc3eb8c5440095c
.exe windows x86

547db0420c9876155ff5b33ad41d29e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

secur32

EncryptMessage
ImportSecurityContextA
InitSecurityInterfaceA
QuerySecurityPackageInfoA
SecpTranslateName
TranslateNameA
AddCredentialsW
LsaRegisterLogonProcess
SaslAcceptSecurityContext
MakeSignature
CredMarshalTargetInfo
ImportSecurityContextW
EnumerateSecurityPackagesA
GetUserNameExW
GetSecurityUserInfo
UnsealMessage
LsaEnumerateLogonSessions
AddSecurityPackageA
SetContextAttributesA
CredUnmarshalTargetInfo
LsaRegisterPolicyChangeNotification
LsaGetLogonSessionData
ApplyControlToken
VerifySignature

uxtheme

GetWindowTheme
IsThemeDialogTextureEnabled
GetThemeSysColorBrush
GetThemePosition
GetThemeMargins
HitTestThemeBackground
EnableTheming
GetThemeIntList
OpenThemeData
GetThemeBackgroundRegion
GetThemeInt
GetThemeTextMetrics
GetThemeBackgroundContentRect
DrawThemeIcon
GetThemeSysSize
EnableThemeDialogTexture
GetThemeDocumentationProperty
GetThemePartSize
GetThemePropertyOrigin

imm32

ImmEnumRegisterWordW
ImmConfigureIMEW
ImmAssociateContext
ImmDisableIme
ImmCreateContext
ImmGetConversionStatus
ImmConfigureIMEA
ImmGetDescriptionW
ImmUnregisterWordW
ImmCallImeConsoleIME
ImmGetRegisterWordStyleW
ImmIsIME
ImmGetCandidateListA
ImmCreateSoftKeyboard
ImmLoadIME
ImmFreeLayout
ImmSetCompositionStringA

wldap32

ldap_modrdn2
ldap_create_vlv_controlW
ber_peek_tag
ldap_free_controlsW
ldap_modifyW
ldap_get_valuesA
ldap_search_ext_s
ldap_next_reference
ldap_modrdn_sA
ber_bvfree
ldap_sslinit
ldap_modify_ext_sW
ldap_next_entry
ldap_search_s
ldap_modrdn_sW
ldap_err2string
ldap_compare_ext_sA
ldap_parse_extended_resultW
ldap_add_sW
ldap_simple_bind_sW
ldap_search_ext_sA
ldap_search_st
ldap_search_extW
ldap_modify_sW

kernel32

LoadLibraryW
GetFileAttributesW
GetModuleHandleW
LocalShrink
CreatePipe
QueryPerformanceCounter
QueryDepthSList
lstrcpynA
GetLocaleInfoW
SetCommTimeouts
EnumResourceLanguagesA
GetCurrentThread
LocalHandle
SetLastConsoleEventActive
ReadConsoleA
HeapSize
Thread32Next
GetCurrentDirectoryA
SetSystemPowerState
GetTimeFormatW

cfgmgr32

CM_Enumerate_Enumerators_ExW
CM_Delete_Class_Key
CMP_WaitServicesAvailable
CM_Set_HW_Prof_Ex
CMP_RegisterNotification
CM_Get_Next_Res_Des
CM_Delete_Class_Key_Ex
CM_Locate_DevNode_ExA
CM_Get_Depth_Ex
CM_Enumerate_Classes_Ex
CM_Get_Resource_Conflict_Count
CM_Get_Resource_Conflict_DetailsW
CM_Move_DevNode_Ex
CM_Add_ID_ExA

Sections

.text
Size: 405KB - Virtual size: 404KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 181KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

547db0420c9876155ff5b33ad41d29e5

Headers

DLL Characteristics

File Characteristics

Imports

secur32

uxtheme

imm32

wldap32

kernel32

cfgmgr32

Sections

.text Size: 405KB - Virtual size: 404KB

.rdata Size: 130KB - Virtual size: 129KB

.data Size: 181KB - Virtual size: 1.6MB

.rsrc Size: 106KB - Virtual size: 105KB

.reloc Size: 1024B - Virtual size: 864B

.text
Size: 405KB - Virtual size: 404KB

.rdata
Size: 130KB - Virtual size: 129KB

.data
Size: 181KB - Virtual size: 1.6MB

.rsrc
Size: 106KB - Virtual size: 105KB

.reloc
Size: 1024B - Virtual size: 864B