9968935649a994ac48f1f8b5fa7abbf8e880c820792aec91ae0052870a9cd890

General

Target

9968935649a994ac48f1f8b5fa7abbf8e880c820792aec91ae0052870a9cd890
Size

59KB
MD5

ad334f951fabe0bdb7e59587ab540ac8
SHA1

6365f6b39711fda022d9290bd821278efb749980
SHA256

9968935649a994ac48f1f8b5fa7abbf8e880c820792aec91ae0052870a9cd890
SHA512

6201e0272f6c802fdc605dc48595547cc5012f301ff8633e7b51d781f6adbd710b14f5484c705fcfff83f503d9d191e3a9bf848f5b8137bc2a603461852b7932
SSDEEP

1536:oG+Jj+4yjVpyYhszURtGB3bp6baLymT4Xo:J+J+thxHgUmLyxo

Score

N/A

Malware Config

Signatures

Files

9968935649a994ac48f1f8b5fa7abbf8e880c820792aec91ae0052870a9cd890
.exe windows x86

e6f8a627050e4010376efc6f526bddd6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msi

MsiIsProductElevatedW
MsiCollectUserInfoA
MsiEnumComponentQualifiersW
MsiEnumComponentQualifiersA
MsiDatabaseMergeW
MsiIsProductElevatedA
MsiReinstallFeatureFromDescriptorA
MsiGetFileHashW
MsiSetFeatureAttributesW
MsiGetFileSignatureInformationW
MsiOpenPackageW
MsiEnumClientsA
MsiProvideComponentFromDescriptorW
MsiPreviewBillboardA
MsiDatabaseCommit
MsiRecordGetStringA
MsiGetFileHashA
MsiDatabaseImportA

winsta

ServerGetInternetConnectorStatus
WinStationEnumerateA
_WinStationBeepOpen
_WinStationCheckForApplicationName
_WinStationAnnoyancePopup
_WinStationWaitForConnect
WinStationReset
WinStationSendMessageW
WinStationVirtualOpen
WinStationActivateLicense
ServerLicensingClose
WinStationUnRegisterConsoleNotification
WinStationEnumerateLicenses
ServerLicensingDeactivateCurrentPolicy
ServerLicensingGetPolicyInformationW
WinStationSendMessageA
WinStationGetAllProcesses
_WinStationUpdateSettings
WinStationEnumerate_IndexedA

kernel32

GlobalAlloc
EraseTape
CopyLZFile
GetProcAddress
TlsAlloc
LoadLibraryA
IsValidLocale
DeleteFileA
lstrcmpW
GetStringTypeW
GetConsoleNlsMode
GetSystemTimeAsFileTime
GetACP

user32

UserRealizePalette
ShowCaret
RegisterServicesProcess
FlashWindow
CreateMDIWindowW
DlgDirListA

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6f8a627050e4010376efc6f526bddd6

Headers

DLL Characteristics

File Characteristics

Imports

msi

winsta

kernel32

user32

Sections

.text Size: 42KB - Virtual size: 42KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 42KB - Virtual size: 42KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 11KB - Virtual size: 10KB