b42def3136e3ef7185f27edb72c7f7bcb478710d3d7a9c7935b9149d0593b912

Sharing

Copy URL Twitter E-mail

General

Target

b42def3136e3ef7185f27edb72c7f7bcb478710d3d7a9c7935b9149d0593b912
Size

495KB
MD5

d0a9130ed2725d208849fb6770d54f99
SHA1

4331075d3dc5efb190e89dfb2cf29e5bf2da56cf
SHA256

b42def3136e3ef7185f27edb72c7f7bcb478710d3d7a9c7935b9149d0593b912
SHA512

330686ad3106994f5880b7df5a4a7be3fa2592c077a51f711b7a0447a58efba6ab27fb6bd673a88db09e3b1906abd7a3f1a6b6ab54275b8917fadd585181740a
SSDEEP

12288:JnAXXAYgkMMnMMMMMGSNM2+2AM7xpQxfziGqdJxW9u8:JWikMMnMMMMMt/+NM4xfB2DWo8

Score

N/A

Malware Config

Signatures

Files

b42def3136e3ef7185f27edb72c7f7bcb478710d3d7a9c7935b9149d0593b912
.exe windows x86

e1330a66943c2c32935a984ca962242a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ddraw

DirectDrawEnumerateA

samlib

SamRemoveMultipleMembersFromAlias
SamiEncryptPasswords
SamConnectWithCreds
SamTestPrivateFunctionsUser

advapi32

RegDeleteValueA

kernel32

SetEndOfFile
GetEnvironmentStringsW
GetFileTime
GetLastError
GlobalHandle
CreateProcessA
SetFileAttributesA
GetCommandLineA
CloseHandle
HeapDestroy
lstrcmpiW
_lclose
GetUserDefaultLCID
_lwrite
GlobalFree
CreateProcessW
GetStartupInfoA
GlobalAddAtomA
GetExitCodeProcess
CreateSemaphoreA
MoveFileA
IsDBCSLeadByte
InitializeCriticalSection
GetModuleHandleA
GetVersionExA
FindResourceA
ResumeThread
GetFileAttributesA
GetLocaleInfoA
InterlockedIncrement
CreateDirectoryA
FreeLibrary
SetErrorMode
GetWindowsDirectoryA
FreeEnvironmentStringsW
LoadLibraryA
GlobalReAlloc
FreeEnvironmentStringsA
EnterCriticalSection
HeapCreate
SystemTimeToFileTime
GetOEMCP
CompareStringW
Sleep
RaiseException
IsBadCodePtr
TlsSetValue
GetSystemDefaultLCID
CreateFileA
GetFileType
VirtualProtect
LoadResource
GetSystemTime
SetEvent
GetLocalTime
GetProcAddress
VirtualQuery
ExitProcess
FreeResource
TlsFree
UnlockFile
SetStdHandle
GetFullPathNameA
SizeofResource
GlobalUnlock
GlobalSize
SetFileTime
LockFile
GetCurrentProcessId
VirtualAlloc
GetCPInfo
SearchPathA
GetModuleFileNameA
HeapFree
WinExec
HeapAlloc
HeapReAlloc
ResetEvent
FindClose
GetStringTypeA
lstrcpynA
GetDateFormatA
GlobalAlloc
GetTickCount
LCMapStringA
GetSystemDirectoryA
GetTempFileNameA
FileTimeToLocalFileTime
LCMapStringW
GetACP
FlushInstructionCache
GetProfileStringA
SetEnvironmentVariableA
ExitThread
lstrcmpA
GetVersion
GetStdHandle
HeapSize
CreateMailslotA
_llseek
SetCurrentDirectoryA
FindNextFileA
VirtualFree
ReleaseSemaphore
TlsGetValue
WideCharToMultiByte
lstrcmpiA

mswsock

sethostname

user32

CallMsgFilterW

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 153KB - Virtual size: 1024KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 205KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1330a66943c2c32935a984ca962242a

Headers

DLL Characteristics

File Characteristics

Imports

ddraw

samlib

advapi32

kernel32

mswsock

user32

Sections

.text Size: 1KB - Virtual size: 1KB

.idata Size: 3KB - Virtual size: 3KB

.data Size: 153KB - Virtual size: 1024KB

.reloc Size: 512B - Virtual size: 72B

.rsrc Size: 130KB - Virtual size: 130KB

.rdata Size: 205KB - Virtual size: 204KB

.text
Size: 1KB - Virtual size: 1KB

.idata
Size: 3KB - Virtual size: 3KB

.data
Size: 153KB - Virtual size: 1024KB

.reloc
Size: 512B - Virtual size: 72B

.rsrc
Size: 130KB - Virtual size: 130KB

.rdata
Size: 205KB - Virtual size: 204KB