8e66cefa79e287d7c44667afe48c654cb94efe0a8122812ca85bb5cc118c2971

Sharing

Copy URL Twitter E-mail

General

Target

8e66cefa79e287d7c44667afe48c654cb94efe0a8122812ca85bb5cc118c2971
Size

41KB
MD5

0ddc64ab3409044e918607c539ddc16b
SHA1

3fb11e917009180670fcf8b21cfc176f17274ad5
SHA256

8e66cefa79e287d7c44667afe48c654cb94efe0a8122812ca85bb5cc118c2971
SHA512

a241551ca0a3763bcda4e013ec87320748020bb6d14bc63e684dae112aa85b9fb72d50882881aab2e93a2d1fcaef8ac10d157d8b99afe5ac91b34f7b4b2133ba
SSDEEP

768:H4jrdgBnYXJYXDVnE4E7/wytmeRahrVGwVzFL6XZG5:HKrdgmyzVf9ytROr8wVz96JG5

Score

N/A

Malware Config

Signatures

Files

8e66cefa79e287d7c44667afe48c654cb94efe0a8122812ca85bb5cc118c2971
.exe windows x86

80bdc2e5e6cb0bc40ed275330372e289

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LsaClose
RegFlushKey
CredGetTargetInfoA
OpenSCManagerA
SystemFunction004
QueryAllTracesW
AddAccessAllowedAceEx
CryptExportKey
ConvertStringSDToSDRootDomainA
CredReadW
LsaQuerySecret
MD4Update
SetSecurityInfoExW
EnumDependentServicesW
GetAuditedPermissionsFromAclW
SetEntriesInAccessListW
LsaDeleteTrustedDomain
GetPrivateObjectSecurity
CredpConvertTargetInfo
GetSecurityDescriptorControl
FreeSid
MSChapSrvChangePassword
ChangeServiceConfig2W
CryptDestroyKey
WmiExecuteMethodA
SystemFunction003
WmiFileHandleToInstanceNameA
GetFileSecurityA
AccessCheckByTypeResultList

winmm

timeKillEvent
mmioStringToFOURCCA
WOW32ResolveMultiMediaHandle
mixerGetID
mciGetDriverData
mci32Message
waveInMessage
mmioSetBuffer
timeBeginPeriod
auxGetDevCapsA
midiOutShortMsg
midiStreamOut
mciSetDriverData
tid32Message
midiOutGetID
mixerGetDevCapsW
midiInUnprepareHeader
midiOutOpen
mmGetCurrentTask
midiInGetID
mixerGetLineControlsA
waveInStop
mmsystemGetVersion
mciDriverYield
DefDriverProc
mmioSendMessage

kernel32

SetConsoleScreenBufferSize
CreateNamedPipeA
GetCompressedFileSizeW
AddAtomA
DosDateTimeToFileTime
SetFileApisToOEM
EnumSystemLocalesW
EraseTape
WaitCommEvent
DeleteVolumeMountPointW
ClearCommBreak
SetThreadExecutionState
DefineDosDeviceA
HeapWalk
EnumSystemGeoID
_lclose
CreatePipe
GetSystemInfo
UnlockFile
CreateIoCompletionPort
VirtualAlloc
GetConsoleAliasExesW
ReadDirectoryChangesW
SetMailslotInfo
WaitNamedPipeW
GetModuleHandleW
LZOpenFileW
InterlockedPushEntrySList
SetComputerNameExA
LoadLibraryA
GetModuleHandleA
GetCommState

avifil32

EditStreamCut
AVIStreamSetFormat
CreateEditableStream
AVIPutFileOnClipboard
AVIStreamGetFrame
AVIStreamInfo
AVIBuildFilterW
AVIMakeFileFromStreams
EditStreamPaste
AVIMakeCompressedStream
AVIFileGetStream
AVIFileAddRef
IID_IGetFrame
AVIStreamCreate
AVIBuildFilterA
AVIFileEndRecord
AVIStreamFindSample
AVISaveOptionsFree
IID_IAVIEditStream
AVIStreamGetFrameOpen
AVIFileCreateStreamA
AVISave
AVIFileReadData
AVIStreamEndStreaming
AVIStreamWrite
AVIStreamAddRef
AVIFileExit
AVIStreamLength

rpcrt4

RpcServerUseAllProtseqs
RpcErrorClearInformation
double_from_ndr
NdrPointerUnmarshall
UuidCreateNil
I_RpcServerUseProtseqEp2A
NdrpCreateStub
I_RpcServerUseProtseqEp2W
NdrNsGetBuffer
NdrAllocate
NdrClientInitialize
tree_size_ndr
RpcIfInqId
NdrProxySendReceive
NdrPointerBufferSize
I_RpcTransServerNewConnection
RpcBindingInqAuthInfoExA
RpcSmClientFree
NDRSContextMarshallEx
RpcServerUnregisterIf
MesEncodeFixedBufferHandleCreate
RpcEpRegisterNoReplaceW
NdrProxyFreeBuffer
UuidHash
NdrSendReceive

serialui

drvCommConfigDialogA
drvCommConfigDialogW
drvGetDefaultCommConfigA
drvSetDefaultCommConfigW
drvGetDefaultCommConfigW
drvSetDefaultCommConfigA

comsnap

DllCanUnloadNow
DllGetClassObject
InstallDsExtension
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1024B - Virtual size: 654B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80bdc2e5e6cb0bc40ed275330372e289

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

winmm

kernel32

avifil32

rpcrt4

serialui

comsnap

Sections

.text Size: 1024B - Virtual size: 654B

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 16KB - Virtual size: 41KB

.rsrc Size: 9KB - Virtual size: 9KB

.reloc Size: 512B - Virtual size: 60B

.text
Size: 1024B - Virtual size: 654B

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 16KB - Virtual size: 41KB

.rsrc
Size: 9KB - Virtual size: 9KB

.reloc
Size: 512B - Virtual size: 60B