1d725cbd074bc11af2760006bd9c6d41005254fb9d1fc38ef9ed36a7f07daf01

Sharing

Copy URL

Twitter E-mail

General

Target

1d725cbd074bc11af2760006bd9c6d41005254fb9d1fc38ef9ed36a7f07daf01
Size

1.0MB
MD5

81c78ff6ff0a77966984cabfd4362471
SHA1

63f95b97d71ebb9e0b913050229d1d6f06d7bfd6
SHA256

1d725cbd074bc11af2760006bd9c6d41005254fb9d1fc38ef9ed36a7f07daf01
SHA512

ba76c8238fef3fefa966fb42078badd81480609a6904f82d2e9fc5058d4dc3b48a26d98acbd2b295950f3b56609e98277794b844b1dd05223bc647d9163a9ca6
SSDEEP

24576:wZKJj9RS1CFBuLUBwhsDO4QwbNo+as63ewum1rpxRNRKCSvDpFQPd1hqn:wZK59RSQFBuLUBSsBQwbJaHeSrpxRN3M

Score

N/A

Malware Config

Signatures

Files

1d725cbd074bc11af2760006bd9c6d41005254fb9d1fc38ef9ed36a7f07daf01
.exe windows x86

d35c4f658711b828a1469223e58cf488

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetEnvironmentVariableW
SetConsoleCursorInfo
ContinueDebugEvent
OpenFileMappingA
FindFirstFileW
WritePrivateProfileStringA
VirtualAlloc
ConvertThreadToFiber
GetOverlappedResult
SetVolumeLabelW
GetThreadPriorityBoost
GetCommConfig
LocalSize
GetConsoleAliasA
WritePrivateProfileSectionA
CreateFileW
EscapeCommFunction
GetFileAttributesExA
GlobalUnlock

advapi32

RegOpenKeyExW
LsaEnumerateAccountRights
RegSetValueA
EnumDependentServicesA
OpenTraceW
WmiExecuteMethodW
SystemFunction029
RegQueryMultipleValuesA
RegOpenCurrentUser
LookupAccountSidW
CloseServiceHandle
ObjectCloseAuditAlarmW
OpenSCManagerA
RegCreateKeyExW
GetTraceLoggerHandle
GetSidLengthRequired
GetSecurityDescriptorLength
RegSetValueExW
RegEnumValueA
RegOpenKeyExA
CheckTokenMembership
CryptHashData
ImpersonateSelf
RevertToSelf
GetServiceDisplayNameW
GetSidSubAuthorityCount
QueryServiceObjectSecurity
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
PrivilegeCheck
LookupAccountNameA
GetSidSubAuthority
SetSecurityInfo
SetSecurityDescriptorDacl

winmm

mixerGetDevCapsW
midiStreamPosition
waveInUnprepareHeader
waveOutMessage
waveOutUnprepareHeader
mciSendStringW
waveOutGetNumDevs
waveInOpen
CloseDriver
mciDriverNotify
mciGetErrorStringW

netapi32

NetWkstaGetInfo
NetRemoteTOD
DsRoleGetPrimaryDomainInformation
NetUseAdd
NetLocalGroupEnum
NetDfsSetClientInfo
NetUserSetInfo
NetapipBufferAllocate
NetLocalGroupDel
NetUnjoinDomain
NetUserGetGroups
NetUseDel
NetServerDiskEnum
NetSessionEnum

Sections

.text
Size: 201KB - Virtual size: 201KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pXK
Size: 166KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.IAbCB
Size: 132KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qAzzj
Size: 82KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SeRyqw
Size: 301KB - Virtual size: 445KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d35c4f658711b828a1469223e58cf488

Headers

File Characteristics

Imports

kernel32

advapi32

winmm

netapi32

Sections

.text Size: 201KB - Virtual size: 201KB

.pXK Size: 166KB - Virtual size: 238KB

.IAbCB Size: 132KB - Virtual size: 282KB

.qAzzj Size: 82KB - Virtual size: 190KB

.SeRyqw Size: 301KB - Virtual size: 445KB

.rsrc Size: 141KB - Virtual size: 141KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 201KB - Virtual size: 201KB

.pXK
Size: 166KB - Virtual size: 238KB

.IAbCB
Size: 132KB - Virtual size: 282KB

.qAzzj
Size: 82KB - Virtual size: 190KB

.SeRyqw
Size: 301KB - Virtual size: 445KB

.rsrc
Size: 141KB - Virtual size: 141KB

.reloc
Size: 3KB - Virtual size: 2KB