ed922c2f8e0470f1c58f86420219ea7b33e225c3ca8358f228b688aa490e9dd7

Sharing

Copy URL Twitter E-mail

General

Target

ed922c2f8e0470f1c58f86420219ea7b33e225c3ca8358f228b688aa490e9dd7
Size

231KB
MD5

e51f1f9aea50b470df81197f78e22b6a
SHA1

6e6b63a58f10df3d1192acc9e4f39c1594d24c0d
SHA256

ed922c2f8e0470f1c58f86420219ea7b33e225c3ca8358f228b688aa490e9dd7
SHA512

09f5e80f14708ddfad56926e51c58d8802176882ff811500ae9a2ec70a1ed71ccaa41edfdcd583a42f52c1788184e4c5d988eb0159e0599954f768095391c893
SSDEEP

6144:b3eK6hiOcqN/cFvvx93VR1Xv3j3eNloSf:b3bqiOZNUFnFR1/3iNl5

Score

N/A

Malware Config

Signatures

Files

ed922c2f8e0470f1c58f86420219ea7b33e225c3ca8358f228b688aa490e9dd7
.dll windows x86

677f654cc7fd71bde2d308206eaa5834

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
InterlockedCompareExchange
MultiByteToWideChar
GetUserDefaultLCID
ConvertDefaultLocale
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
SetCriticalSectionSpinCount
EnterCriticalSection
SleepEx
SwitchToThread
GetLastError
GetCurrentThread
GetSystemInfo
GetVersionExW
GetSystemDirectoryW
RaiseException
WaitForSingleObjectEx
GetOverlappedResult
GetComputerNameExW
SetLastError
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
QueryPerformanceFrequency
DuplicateHandle
GetThreadTimes
VirtualQuery
TlsAlloc
TlsFree
TlsSetValue
FileTimeToLocalFileTime
SystemTimeToFileTime
GetModuleHandleA
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
DebugBreak
GetProcessHeap
HeapAlloc
HeapSize
HeapReAlloc
HeapFree
HeapValidate
VirtualAlloc
VirtualFree
HeapCreate
SetThreadIdealProcessor
HeapDestroy
HeapCompact
GlobalMemoryStatusEx
OutputDebugStringA
DeleteCriticalSection
InterlockedExchange
SetEvent
GetCurrentDirectoryW
GetFullPathNameW
GetLongPathNameW
GetFileAttributesW
GetEnvironmentVariableW
GetLocalTime
FormatMessageW
LoadLibraryExW
LocalFree
IsDebuggerPresent
OutputDebugStringW
GetStartupInfoW
CreateProcessW
WaitForSingleObject
GetExitCodeProcess
TryEnterCriticalSection
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
CreateEventW
GetDiskFreeSpaceW
ReleaseSemaphore
SetThreadPriority
WaitForMultipleObjects
CreateToolhelp32Snapshot
Thread32First
Thread32Next
ReadFile
WriteFile
ReadFileScatter
WriteFileGather
GetFileAttributesExW
MoveFileExW
CopyFileW
FindNextChangeNotification
FindFirstChangeNotificationW
FindCloseChangeNotification
ChangeTimerQueueTimer
DeleteTimerQueueTimer
DeleteTimerQueueEx
CreateTimerQueue
CreateTimerQueueTimer
PulseEvent
GlobalMemoryStatus
FindResourceA
FreeResource
_llseek
_lclose
_hread
IsDBCSLeadByte
_lread
_lopen
InitializeCriticalSection
ReadProcessMemory
GetVersionExA
GetDiskFreeSpaceExW
GetLocaleInfoA
GetACP
TlsGetValue
CreateSemaphoreW
CancelIo
SetFilePointerEx
GetFileSize
GetFileInformationByHandle
FlushFileBuffers
SetEndOfFile
SetFilePointer
MoveFileW
RemoveDirectoryW
DeleteFileW
CreateDirectoryW
FindClose
FindNextFileW
FindFirstFileW
GetFileType
CreateFileW
GetSystemDirectoryA
LoadLibraryA
lstrlenW
SetThreadLocale
GetThreadLocale
ConvertThreadToFiber
ResumeThread
PostQueuedCompletionStatus
GetQueuedCompletionStatus
QueueUserWorkItem
CreateIoCompletionPort
BindIoCompletionCallback
UnregisterWait
UnregisterWaitEx
RegisterWaitForSingleObject
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
FreeLibrary
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
LoadLibraryW
LeaveCriticalSection
CloseHandle
FileTimeToSystemTime
GetTickCount
ResetEvent

ole32

CLSIDFromProgID
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CoInitializeEx
StringFromGUID2
IIDFromString

oleaut32

VariantClear
VarBstrFromI4
SysStringByteLen
SysFreeString
SysAllocStringLen
SysStringLen
VarParseNumFromStr
VarR8FromCy
VarCyFromR8
VariantChangeTypeEx
VarPow
VarDiv
VarCyAdd
VariantChangeType
VariantCopy
VarI4FromStr
VarUI4FromStr
GetErrorInfo
VarBstrFromDate
VarBstrFromCy
VarBstrFromR8
VarBstrFromR4
VarBstrFromUI4
VarBstrFromUI2
VarBstrFromI2
VarBstrFromUI1
VarBstrFromI1
VarBstrFromBool
VariantTimeToSystemTime
SystemTimeToVariantTime
VarFormatFromTokens
VarTokenizeFormatString
SysAllocString
VarCmp
VarFix
VarMul
VarSu
VarCySu
VarAdd

secur32

LsaRegisterLogonProcess
LsaConnectUntrusted
TranslateNameW
LsaFreeReturnBuffer
LsaLookupAuthenticationPackage
LsaDeregisterLogonProcess
LsaLogonUser

ntdsapi

DsMakeSpnW

psapi

GetProcessMemoryInfo

wsock32

ntohs
getservbyport
WSAGetLastError
gethostbyname
inet_addr
htonl
ioctlsocket
getservbyname
htons
gethostbyaddr
WSAStartup
WSACleanup
WSASetLastError
socket
connect
closesocket

Sections

CODE
Size: 182KB - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.abss
Size: - Virtual size: 472KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.atls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.shared
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

677f654cc7fd71bde2d308206eaa5834

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

secur32

ntdsapi

psapi

wsock32

Sections

CODE Size: 182KB - Virtual size: 440KB

.abss Size: - Virtual size: 472KB

.pdata Size: 4KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 4KB

.atls Size: 4KB - Virtual size: 4KB

.shared Size: 4KB - Virtual size: 4KB

.idata Size: 6KB - Virtual size: 5KB

.rsrc Size: 25KB - Virtual size: 25KB

CODE
Size: 182KB - Virtual size: 440KB

.abss
Size: - Virtual size: 472KB

.pdata
Size: 4KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.atls
Size: 4KB - Virtual size: 4KB

.shared
Size: 4KB - Virtual size: 4KB

.idata
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 25KB - Virtual size: 25KB