d95cf831d7439418f1f043bc2ab5b0056a242113b294ff66cc43c176b8fc93ee

Sharing

Copy URL Twitter E-mail

General

Target

d95cf831d7439418f1f043bc2ab5b0056a242113b294ff66cc43c176b8fc93ee
Size

420KB
MD5

212de9e08c505ea265975baee64fed03
SHA1

d753846b97335e931bb6729384e855a02f069134
SHA256

d95cf831d7439418f1f043bc2ab5b0056a242113b294ff66cc43c176b8fc93ee
SHA512

ce74885b4218a3474cd23e85a1f4ac4f143ba307fe9ca0e76ab4a6cbbf016336b9665575ccf3731cc70ada41cb2f0f255867fa6d90319c384b30bb3d5213bbd7
SSDEEP

6144:toipRWm3w/Cs30sq1T5bkZGk0XtuBSmthyCow/pBOTvYkL9dxZAhg1L:toipQK1Z4GVXtkHDyp8pCvV9LZJ

Score

N/A

Malware Config

Signatures

Files

d95cf831d7439418f1f043bc2ab5b0056a242113b294ff66cc43c176b8fc93ee
.exe windows x86

fc22a526c18358f987f144e2ac31d338

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

netapi32

NetUserGetGroups
NetUserGetLocalGroups

rpcrt4

UuidFromStringW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

LCMapStringA
GetConsoleMode
GetConsoleCP
GetModuleHandleA
DebugBreak
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetFileType
SetHandleCount
LCMapStringW
GetModuleFileNameA
GetStdHandle
ExitProcess
VirtualAlloc
VirtualFree
HeapCreate
GetStringTypeA
GetCurrentThreadId
SetLastError
TlsFree
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RaiseException
RtlUnwind
GetStartupInfoA
GetCommandLineA
HeapReAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
CreateThread
ResumeThread
ExitThread
HeapSize
HeapAlloc
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
ExpandEnvironmentStringsA
GetProcessHeap
HeapFree
WideCharToMultiByte
lstrlenA
WriteFile
FileTimeToLocalFileTime
GetCurrentProcess
FreeLibrary
GetSystemInfo
GetLastError
Sleep
GetSystemTimeAsFileTime
MultiByteToWideChar
CreateFileW
ReadFile
GetSystemDirectoryW
OutputDebugStringW
GetFileSize
TlsAlloc
FormatMessageW
TlsSetValue
GetUserDefaultLangID
TlsGetValue
GetSystemDefaultLangID
LocalAlloc
LocalFree
GetTimeZoneInformation
FileTimeToSystemTime
GetTimeFormatW
CompareFileTime
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
GetDateFormatW
DeleteFileW
CloseHandle
DeleteCriticalSection
CreateFileMappingW
GlobalFree
EnterCriticalSection
GetProcAddress
GlobalUnlock
CompareStringW
GetModuleFileNameW
GetFileAttributesW
LeaveCriticalSection
GetVersionExW
LoadLibraryW
GlobalAlloc
InitializeCriticalSection
GetTickCount
GetModuleHandleW
GlobalLock
InterlockedDecrement
InterlockedIncrement
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
SetFilePointer
GetCommandLineW
SetStdHandle
FlushFileBuffers
VirtualQuery
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA

user32

DispatchMessageW
MoveWindow
CheckMenuItem
MsgWaitForMultipleObjects
DrawTextW
PostMessageW
SetCapture
LoadImageW
TrackPopupMenu
PostQuitMessage
GetMessageW
GetWindowRect
ScreenToClient
GetDlgItemInt
TranslateAcceleratorW
CloseClipboard
GetWindowTextLengthW
SetCursor
SetWindowPlacement
DestroyWindow
ClientToScreen
EndPaint
DialogBoxIndirectParamW
CopyIcon
IsZoomed
GetSubMenu
DeleteMenu
GetFocus
DialogBoxParamW
GetParent
LoadCursorW
MessageBeep
MenuItemFromPoint
GetClientRect
SetFocus
GetMenuItemInfoW
BeginPaint
PtInRect
SetPropW
InsertMenuItemW
TranslateMessage
LoadAcceleratorsW
InflateRect
ChildWindowFromPoint
SetDlgItemInt
GetMenu
IsDialogMessageW
DefWindowProcW
CallWindowProcW
GetPropW
DrawFrameControl
EndDeferWindowPos
DestroyIcon
SetWindowTextW
DestroyMenu
SetClipboardData
RegisterClassExW
LoadIconW
GetWindowPlacement
OffsetRect
InvalidateRect
LoadMenuW
GetWindowLongW
AppendMenuW
GetWindowTextW
PeekMessageW
GetClassNameW
EnableMenuItem
EmptyClipboard
GetDlgItem
SetWindowLongW
EndDialog
SendDlgItemMessageW
GetSysColor
SetWindowPos
CheckDlgButton
EnumChildWindows
ShowWindow
CreatePopupMenu
GetSysColorBrush
IsDlgButtonChecked
CreateDialogParamW
DrawMenuBar
GetActiveWindow
GetMenuItemCount
CreateWindowExW
SetMenuDefaultItem
OpenClipboard
DeferWindowPos
MessageBoxW
ReleaseCapture
BeginDeferWindowPos
GetSystemMetrics
IsWindowVisible
GetDlgItemTextW
SetDlgItemTextW
SendMessageW
MapWindowPoints
UpdateWindow
EnableWindow

gdi32

SetBkColor
ExtTextOutW
EndPage
StartPage
GetDeviceCaps
SetMapMode
SetTextColor
CreateFontIndirectW
SetBkMode
SelectObject
GetObjectW
EndDoc
GetStockObject
StartDocW

comdlg32

GetSaveFileNameW
GetOpenFileNameW
PrintDlgW

advapi32

GetSecurityDescriptorLength
RegDeleteValueW
RegCreateKeyW
RegEnumValueW
RegSetValueExW
ConvertStringSidToSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetLengthSid
ConvertSidToStringSidW
ConvertSecurityDescriptorToStringSecurityDescriptorW
RegQueryValueExW
RegOpenKeyExA
RegQueryValueExA
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
IsValidSid
GetSecurityDescriptorOwner
GetSidIdentifierAuthority
GetSidSubAuthority
MapGenericMask
GetSidSubAuthorityCount
EqualSid
GetAce
LookupAccountSidW
AllocateAndInitializeSid
RegCloseKey

shell32

CommandLineToArgvW
ShellExecuteW

ole32

CoInitialize
CreateBindCtx
CoUninitialize
CoCreateInstance
IIDFromString
StringFromGUID2

oleaut32

SafeArrayAccessData
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayGetUBound
SysFreeString
SafeArrayGetElement
VarDateFromStr
VariantChangeType
VariantInit
SysAllocStringByteLen
VariantClear
SafeArrayGetLBound
SysStringLen
SysAllocString

comctl32

ImageList_Draw
CreateToolbarEx
CreatePropertySheetPageW
ImageList_Create
ImageList_ReplaceIcon
ImageList_EndDrag
ImageList_DragMove
ImageList_BeginDrag
ImageList_DragLeave
ImageList_DragEnter
ord17
CreateStatusWindowW
PropertySheetW

activeds

ord9
ord20
ord15
ord12
ord13
ord7

wldap32

ord155
ord118
ord14
ord73
ord145
ord13
ord188
ord88

Sections

.text
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc22a526c18358f987f144e2ac31d338

Headers

DLL Characteristics

File Characteristics

Imports

netapi32

rpcrt4

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

activeds

wldap32

Sections

.text Size: 316KB - Virtual size: 315KB

.rdata Size: 63KB - Virtual size: 63KB

.data Size: 41KB - Virtual size: 49KB

.rsrc Size: 41KB - Virtual size: 40KB

.text
Size: 316KB - Virtual size: 315KB

.rdata
Size: 63KB - Virtual size: 63KB

.data
Size: 41KB - Virtual size: 49KB

.rsrc
Size: 41KB - Virtual size: 40KB