501f936ded282d825d2017cbc176413345a4b7bbd049240594889ba6fdac3dc4

Sharing

Copy URL Twitter E-mail

General

Target

501f936ded282d825d2017cbc176413345a4b7bbd049240594889ba6fdac3dc4
Size

731KB
MD5

199fd6dcda7ef39c548f53b5606a21c0
SHA1

b6d39d830f3c7c20ab585ee3700297c1a5a3d565
SHA256

501f936ded282d825d2017cbc176413345a4b7bbd049240594889ba6fdac3dc4
SHA512

f009efd467c593fd24be1c3a5c1780d524d7f5f84115704b82b41db2cdd4e9f81d4af45c34fd0b04a4a4851e7ecab059ba4128c0be2a6735a31763af0c32bc93
SSDEEP

12288:dhZGyPtcWD5kIwI9LJHwudAjaSzGiruIGWiR6MDd:jUyPtcYSxIDhdAjl2IU8

Score

N/A

Malware Config

Signatures

Files

501f936ded282d825d2017cbc176413345a4b7bbd049240594889ba6fdac3dc4
.exe windows x86

6789284e7e056f4e4813ef1964e79320

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

CM_Get_Parent_Ex
pSetupStringTableInitializeEx
SetupQueueCopyW
CM_Get_DevNode_Registry_Property_ExW
CM_Get_Res_Des_Data
SetupGetFieldCount
SetupDiBuildDriverInfoList
SetupDiOpenDeviceInterfaceRegKey
SetupCloseFileQueue
pSetupRealloc
SetupDiEnumDeviceInterfaces
SetupAddToSourceListW
SetupGetStringFieldA
SetupDiDestroyDeviceInfoList
SetupDiSetSelectedDevice
SetupDiCreateDeviceInfoW
SetupDiGetDeviceInfoListDetailW
SetupDiGetDeviceRegistryPropertyW
CM_Get_Device_ID_List_ExW

odbc32

CursorLibLockDesc
SearchStatusCode
PostODBCError
VRetrieveDriverErrorsRowCol
SQLBulkOperations
CursorLibTransact
LockHandle
CursorLibLockDbc
PostODBCComponentError
ValidateErrorQueue
VFreeErrors
CursorLibLockStmt

kernel32

GetModuleHandleW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetPrivateProfileStringW
ConnectNamedPipe
SetPriorityClass
LocalFree
SleepEx
BeginUpdateResourceW
WaitForMultipleObjects
InitializeCriticalSectionAndSpinCount
LocalReAlloc
VirtualAlloc
GetConsoleScreenBufferInfo
BindIoCompletionCallback
WritePrivateProfileSectionA
WriteConsoleW
SetWaitableTimer
GetProfileSectionA
GetCommConfig
GetThreadContext
GetSystemDefaultLangID
GetProfileIntW
FormatMessageA
GetConsoleWindow

advapi32

ReportEventA
RegNotifyChangeKeyValue
GetSecurityDescriptorOwner
GetUserNameW
GetSidSubAuthorityCount
AddAccessAllowedAce
SetFileSecurityA
InitiateSystemShutdownW
RegEnumValueW
ReadEventLogA
WmiQueryAllDataW
AdjustTokenPrivileges
GetCurrentHwProfileA
LsaClose
RevertToSelf
StartTraceW
LsaCreateAccount

userenv

GetUserProfileDirectoryA
GetProfilesDirectoryW
DestroyEnvironmentBlock
RsopResetPolicySettingStatus
RefreshPolicy
DeleteProfileW
ProcessGroupPolicyCompletedEx
RegisterGPNotification
ForceSyncFgPolicy
UnregisterGPNotification
GetAppliedGPOListW
UnloadUserProfile
FreeGPOListW
CreateEnvironmentBlock
GetAllUsersProfileDirectoryW
RsopSetPolicySettingStatus
LeaveCriticalPolicySection
ExpandEnvironmentStringsForUserW
GetProfileType
GetDefaultUserProfileDirectoryW
LoadUserProfileW
EnterCriticalPolicySection
ProcessGroupPolicyCompleted
GetUserProfileDirectoryW

netapi32

NetUserEnum
DsRoleGetPrimaryDomainInformation
NetUserSetInfo
NetServerSetInfo
NetSessionEnum
NetUseEnum
NetApiBufferAllocate
NetUserModalsGet
NetServerEnum
NetLocalGroupAddMembers
NetUnjoinDomain
NetShareCheck
NetServiceEnum
NetWkstaGetInfo
NetFileEnum
NetLocalGroupSetInfo
NetQueryDisplayInformation
NetLocalGroupDelMembers
NetShareDelSticky
NetLocalGroupAdd
NetWkstaUserGetInfo
NetUserDel
NetRemoteTOD
NetUseGetInfo
NetDfsSetClientInfo

Sections

.data
Size: 512B - Virtual size: 129B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 30KB - Virtual size: 399KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: 619KB - Virtual size: 988KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6789284e7e056f4e4813ef1964e79320

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

odbc32

kernel32

advapi32

userenv

netapi32

Sections

.data Size: 512B - Virtual size: 129B

.text Size: 30KB - Virtual size: 399KB

BSS Size: 619KB - Virtual size: 988KB

.rsrc Size: 79KB - Virtual size: 79KB

.reloc Size: 512B - Virtual size: 320B

.data
Size: 512B - Virtual size: 129B

.text
Size: 30KB - Virtual size: 399KB

BSS
Size: 619KB - Virtual size: 988KB

.rsrc
Size: 79KB - Virtual size: 79KB

.reloc
Size: 512B - Virtual size: 320B