b5476ccbfe4347afa745481b7577b056e34891c01760fc6d378f696f4e87e11f

General

Target

b5476ccbfe4347afa745481b7577b056e34891c01760fc6d378f696f4e87e11f
Size

163KB
MD5

32a678bbd6eedab3232e50a3378e0391
SHA1

2dda667fb3de88dad5ab2609dcf55ea1504726d2
SHA256

b5476ccbfe4347afa745481b7577b056e34891c01760fc6d378f696f4e87e11f
SHA512

0a52904d696283aead58fa0c66286a2acae7765b7072438f592bb3b6eabb106570cc36379fde6ecdbe8118f25afdab764fbc35897f2b056d1a748d78d8d70296
SSDEEP

3072:3m4azbjjC9C+q+bAgFwIpOLKOAwWxWK7xYOOQbHoPl8qBYQVl7Bp:3mp+q+bAgFwt/5+WiYOOQbIiqCQV

Score

N/A

Malware Config

Signatures

Files

b5476ccbfe4347afa745481b7577b056e34891c01760fc6d378f696f4e87e11f
.exe windows x86

3dc592b93b14a6322647a9f8f3a18550

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
AddConsoleAliasA
AddAtomA
TerminateProcess
VirtualAlloc
AddConsoleAliasW

ntshrui

IsPathSharedA
DllCanUnloadNow
GetLocalPathFromNetResourceA
GetNetResourceFromLocalPath
GetLocalPathFromNetResourceW

dxtmsft

DllGetClassObject
DllRegisterServer
DllCanUnloadNow
DllUnregisterServer
DllEnumClassObjects

wups

DllUnregisterServer
DllRegisterServer
DllCanUnloadNow
DllGetClassObject
DllMain

mtxlegih

TryLegInterfaceFirst

user32

GetMessagePos
EnumWindowStationsW
FindWindowA
SetWindowsHookExA
GetWindowRect

mtxclu

MtxCluIsClusterPresent
MtxCluBringOnlineDTCW
MtxCluIsClusterPresentExW
MtxCluGetComputerNameW
MtxCluGetDTCStatusW

snmpapi

SnmpUtilOctetsFree
SnmpUtilOctetsNCmp
SnmpUtilOidFree
SnmpUtilMemAlloc
SnmpSvcSetLogLevel

usp10

ScriptStringValidate
ScriptStringOut
ScriptIsComplex
ScriptCPtoX
ScriptGetProperties

pdh

PdhGetRawCounterArrayA
PdhSelectDataSourceW
PdhVbCreateCounterPathList
PdhExpandWildCardPathW
PdhCollectQueryDataEx

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3dc592b93b14a6322647a9f8f3a18550

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ntshrui

dxtmsft

wups

mtxlegih

user32

mtxclu

snmpapi

usp10

pdh

Sections

.text Size: 16KB - Virtual size: 16KB

.data Size: 145KB - Virtual size: 145KB

.reloc Size: 1024B - Virtual size: 752B

.text
Size: 16KB - Virtual size: 16KB

.data
Size: 145KB - Virtual size: 145KB

.reloc
Size: 1024B - Virtual size: 752B