a133572823565a3a7262862c5da1a51d0a4eededae78f1d9c77f0c50e96ebe8f

Sharing

Copy URL Twitter E-mail

General

Target

a133572823565a3a7262862c5da1a51d0a4eededae78f1d9c77f0c50e96ebe8f
Size

41KB
MD5

14a3bd460c69f9de8683a54e62fb01d2
SHA1

e99ff0cf842a927bda100a088c2e631bf739443e
SHA256

a133572823565a3a7262862c5da1a51d0a4eededae78f1d9c77f0c50e96ebe8f
SHA512

dc387c33604e128276c0d3e79ddd6db874b8fe56c1ea775a51c48c09624ba799b0b619e3b5219a214e94c5944e8be7de94ef888a1606bbe20eaf2886033fb450
SSDEEP

768:7YO/8U7YG9k1pjbLDL4Pub8SKxh3fceQgZfopkmDIrB8zYfFhn8nEobh/HoxIt9V:7Y4J7W1NvDT8TvUeQ6SzuFOEoNIU9

Score

N/A

Malware Config

Signatures

Files

a133572823565a3a7262862c5da1a51d0a4eededae78f1d9c77f0c50e96ebe8f
.exe windows x86

577aa4d3a7122946cb966937937ca7c3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprAdminPortReset
MprAdminInterfaceGetInfo
MprAdminMIBEntryGet
MprAdminUpgradeUsers
MprConfigTransportSetInfo
MprAdminConnectionEnum
MprDomainRegisterRasServer
MprConfigTransportEnum
MprDomainQueryRasServer
MprConfigBufferFree
MprAdminServerConnect
MprInfoDelete
MprAdminEstablishDomainRasServer
MprConfigInterfaceTransportGetHandle
MprAdminPortDisconnect
MprAdminInterfaceGetHandle
MprAdminIsDomainRasServer
MprConfigServerBackup
MprAdminServerSetCredentials

msasn1

ASN1BEREncObjectIdentifier
ASN1intx_sub
ASN1BEREncS32
ASN1BEREncChar32String
ASN1char32string_cmp
ASN1_Decode
ASN1BEREncSX
ASN1BERDecExplicitTag
ASN1BERDecOpenType2
ASN1BEREncBool
ASN1BEREncU32
ASN1BERDecUTCTime
ASN1BERDecObjectIdentifier2
ASN1BERDecOpenType
ASN1_FreeDecoded

kernel32

GetSystemTimeAsFileTime
GetSystemInfo
LZStart
ExpungeConsoleCommandHistoryW
CreateDirectoryExW
LocalHandle
Process32Next
GetEnvironmentVariableW
GetEnvironmentStringsW
GetLongPathNameW
_lopen
FoldStringA
SwitchToThread
LoadLibraryA
GetUserDefaultLCID
DeleteFileA
EnumDateFormatsW
DefineDosDeviceA
GetConsoleCommandHistoryLengthA
LZDone
InvalidateConsoleDIBits
EnumResourceNamesA

crypt32

I_CryptUninstallOssGlobal
CryptHashToBeSigned
CryptInstallOIDFunctionAddress
CryptDecodeObject
CertSetEnhancedKeyUsage
CertCompareCertificate
CertAlgIdToOID
CryptBinaryToStringA
CertFindChainInStore
CertAddEnhancedKeyUsageIdentifier
CertStrToNameW
CryptMsgGetParam

hhsetup

?GetFindMergedCHMS@CCollection@@QAEHXZ
?SetVolume@CLocation@@QAEXPBG@Z
?GetNextFolder@CFolder@@QAEPAV1@XZ
?DeleteLocation@CCollection@@AAEKPAVCLocation@@@Z
?SetId@CLocation@@QAEXPBG@Z
?SetPath@CLocation@@QAEXPBD@Z
?AddChildFolder@CFolder@@QAEPAV1@PBDKPAKG@Z
?GetCollectionFileNameW@CCollection@@QAEPBGXZ
??0CFolder@@QAE@XZ

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

577aa4d3a7122946cb966937937ca7c3

Headers

DLL Characteristics

File Characteristics

Imports

mprapi

msasn1

kernel32

crypt32

hhsetup

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 488B

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 488B

.rsrc
Size: 4KB - Virtual size: 3KB