9619c8b0b8b419a34143783297810835beb84df70a6903397883bb44941cc871

General

Target

9619c8b0b8b419a34143783297810835beb84df70a6903397883bb44941cc871
Size

915KB
MD5

553f2d070581707c9d886916d63eee20
SHA1

58c8cfea0d40d5574dff5aeadae39aa76021c8ff
SHA256

9619c8b0b8b419a34143783297810835beb84df70a6903397883bb44941cc871
SHA512

94937d1d16a8271bebd9bb2e2ff4372a0d8c1f678018cd6f6c62d8e123bffb91dd9b2d43079e1626636eb672a2e8e01fc94fefd7f0c70a877f7a006fe599451c
SSDEEP

24576:eS+vpRceasjG1npva7I37UzkcD13aPstvVB5:eBvpRP9Q7UzkIVXvB

Score

N/A

Malware Config

Signatures

Files

9619c8b0b8b419a34143783297810835beb84df70a6903397883bb44941cc871
.exe windows x86

2da5050bb90f42d29a3fd129650ab036

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

netapi32

NetShareCheck
NetApiBufferFree
NetGetAnyDCName
NetUserSetInfo
NetConnectionEnum
NetSessionDel
NetGroupGetInfo
NetUserModalsSet
NetLocalGroupSetInfo
NetMessageBufferSend

wintrust

WintrustLoadFunctionPointers
CryptCATGetMemberInfo
CryptCATCatalogInfoFromContext
CryptCATAdminAcquireContext
CryptCATClose
WinVerifyTrust
CryptCATAdminAddCatalog
CryptCATEnumerateCatAttr

kernel32

VirtualAlloc
HeapLock
FileTimeToSystemTime
CreateFileMappingW
GetUserDefaultUILanguage
MulDiv
GetVolumeNameForVolumeMountPointW
InitializeCriticalSectionAndSpinCount
GetVolumeInformationW
SwitchToThread
GetCurrentProcessId
CommConfigDialogA
GetConsoleScreenBufferInfo
GetSystemDefaultLangID
_hread
LockFile
GetDiskFreeSpaceExA
OutputDebugStringA
LoadLibraryExA
VirtualFree

Sections

.text
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.KxOv
Size: 369KB - Virtual size: 566KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zKW
Size: 327KB - Virtual size: 509KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 38B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2da5050bb90f42d29a3fd129650ab036

Headers

DLL Characteristics

File Characteristics

Imports

netapi32

wintrust

kernel32

Sections

.text Size: 79KB - Virtual size: 79KB

.KxOv Size: 369KB - Virtual size: 566KB

.zKW Size: 327KB - Virtual size: 509KB

.rsrc Size: 137KB - Virtual size: 137KB

.reloc Size: 512B - Virtual size: 38B

.text
Size: 79KB - Virtual size: 79KB

.KxOv
Size: 369KB - Virtual size: 566KB

.zKW
Size: 327KB - Virtual size: 509KB

.rsrc
Size: 137KB - Virtual size: 137KB

.reloc
Size: 512B - Virtual size: 38B