95816af9d6cb87cfb978b021a33f3e6358152e6616dc510931d958ec832ed1d3

General

Target

95816af9d6cb87cfb978b021a33f3e6358152e6616dc510931d958ec832ed1d3
Size

49KB
MD5

20861995aa6d6e7ffe906f635d8345de
SHA1

e54c9b2baf3b04a3701f26bc73dc93ff856c5c48
SHA256

95816af9d6cb87cfb978b021a33f3e6358152e6616dc510931d958ec832ed1d3
SHA512

37a2ee1525e9665003cb9cffa0aa83aef8c7e7313c2f4843a13306a2967a1278e0ec6abbfc4f665315a7e8b3616f47b4291f7af2e6720d3d7cb2b76d05c9e4bd
SSDEEP

1536:atggonUdmApIDmEStkv5bG5xhblJeRAlEjfG:atNon+mwIB5YA5jfG

Score

N/A

Malware Config

Signatures

Files

95816af9d6cb87cfb978b021a33f3e6358152e6616dc510931d958ec832ed1d3
.exe windows x86

5d76f236a033b9f930c53232dce641dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetProcAddress
SetLastError
ResumeThread
GetCurrentConsoleFont
GetDriveTypeW
InterlockedFlushSList
ExpungeConsoleCommandHistoryA
SetTimeZoneInformation
EnumLanguageGroupLocalesA
GlobalFindAtomW
LoadLibraryA
lstrcmpiA

samlib

SamOpenUser
SamDeleteUser
SamQuerySecurityObject
SamRemoveMemberFromForeignDomain
SamLookupNamesInDomain
SamiSetBootKeyInformation
SamTestPrivateFunctionsUser
SamAddMemberToAlias
SamOpenAlias
SamRemoveMemberFromAlias

gdi32

ColorMatchToTarget
STROBJ_bGetAdvanceWidths
GetCharWidth32A
SetColorAdjustment
SelectClipPath
GdiResetDCEMF
SetBkColor
CreateDCW
EngAssociateSurface
DdEntry52
BRUSHOBJ_hGetColorTransform
IntersectClipRect
GetCharacterPlacementA

msvcrt

__getmainargs
__set_app_type
__p__commode
exit

msdtcprx

DTC_XaEnd
DTC_XaCommit
DTC_XaOpen
DllGetDTCConnectionManager
ContactToNameObject
DTC_XaForget
DllGetDTCProxy

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d76f236a033b9f930c53232dce641dc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

samlib

gdi32

msvcrt

msdtcprx

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 18KB - Virtual size: 18KB