9ac93978cde9955a7e0e22dea753b9a0e4ad5881c99a4c4fdb23649a54141c29

Sharing

Copy URL

Twitter E-mail

General

Target

9ac93978cde9955a7e0e22dea753b9a0e4ad5881c99a4c4fdb23649a54141c29
Size

174KB
MD5

fb7f199da26aea47616d06003aa5fb43
SHA1

0e268cc19dfd53efbf78aace647c6ea89b0361d6
SHA256

9ac93978cde9955a7e0e22dea753b9a0e4ad5881c99a4c4fdb23649a54141c29
SHA512

eb883fa5c609a4e84a4c48de5f902f2b8acb55cd73bda2c12a6c65b8190d5efa9424621ce864667dc2163b1d13cbca47fae466a4027806ba743248290887b4a6
SSDEEP

3072:+GLz6KZ2wsVo4R819Cy9+UfEjsy2SDI0fHHIjgI0qgyDAhMLPTMOVzsFLqrw:tz6KEVKT9rfEjP2KfHHIt0qgq2wbMOVV

Score

N/A

Malware Config

Signatures

Files

9ac93978cde9955a7e0e22dea753b9a0e4ad5881c99a4c4fdb23649a54141c29
.exe windows x86

76f72279526842a2cc493edf7ad9ddd8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imagehlp

GetImageConfigInformation

version

GetFileVersionInfoW

ole32

StringFromCLSID
CoCreateInstance
CoTaskMemFree
ReleaseStgMedium
CoTaskMemAlloc
StringFromIID
CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream

cryptui

CryptUIDlgViewCertificateW
CryptUIDlgSelectCertificateW

dnsapi

DnsNameCompareEx_W

shlwapi

PathIsUNCServerShareW
PathAppendW

ntdll

RtlNtStatusToDosError
RtlIdentifierAuthoritySid
RtlInitUnicodeString
RtlSubAuthoritySid
RtlSubAuthorityCountSid
NtQuerySystemTime

advapi32

InitializeAcl
LsaSetTrustedDomainInfoByName
FreeSid
OpenServiceW
SystemFunction040
CloseServiceHandle
GetSidSubAuthority
ImpersonateLoggedOnUser
LsaCreateTrustedDomainEx
MakeSelfRelativeSD
LsaClose
IsValidSid
RegSetValueExW
LsaQueryForestTrustInformation
CryptGenRandom
SetEntriesInAclW
LsaFreeMemory
LsaOpenPolicy
GetSidLengthRequired
LsaQueryTrustedDomainInfoByName
LsaNtStatusToWinError
RegCreateKeyExW
ImpersonateAnonymousToken
AllocateAndInitializeSid
SetNamedSecurityInfoW
EqualPrefixSid
RegDeleteKeyW
CryptAcquireContextW
RegOpenKeyExW
GetNamedSecurityInfoW
GetSidSubAuthorityCount
LsaOpenTrustedDomainByName
LogonUserW
RegCloseKey
LsaSetForestTrustInformation
LsaLookupSids
BuildTrusteeWithObjectsAndSidW
LsaOpenTrustedDomain
RevertToSelf
LsaQueryInformationPolicy
GetSidIdentifierAuthority
OpenSCManagerW
GetExplicitEntriesFromAclW
RegQueryValueExW
LsaQueryTrustedDomainInfo
GetSecurityDescriptorDacl
LsaRetrievePrivateData
SystemFunction041
GetSecurityDescriptorControl
LsaDelete
QueryServiceStatus
InitializeSecurityDescriptor
BuildTrusteeWithSidW
GetLengthSid
GetSecurityDescriptorLength
EqualSid
CryptReleaseContext

crypt32

CertOpenStore
CertEnumCertificatesInStore
CertDuplicateCertificateContext
CertFindCertificateInStore
CertCloseStore
CertFreeCertificateContext
CertDeleteCertificateFromStore
CertDuplicateStore
CertSaveStore
CertControlStore
CryptQueryObject
CertGetCertificateContextProperty
CryptFindOIDInfo
CertGetEnhancedKeyUsage
CertEnumSystemStore
CertGetNameStringW
CertAddCertificateContextToStore
CryptDecodeObject

gdi32

SetBkColor
CreateFontIndirectW
GetTextExtentPoint32W
SetTextColor
CreatePatternBrush
CreateBitmap
DeleteObject
GetDeviceCaps

credui

CredUIParseUserNameW
CredUIInitControls

dsprop

ADsPropSetHwnd
ADsPropShowErrorDialog
ADsPropGetInitInfo
ADsPropCreateNotifyObj
ADsPropSetHwndWithTitle
FindSheet
ADsPropSendErrorMessage

kernel32

VirtualAlloc
GetLastError

shell32

SHGetFolderPathW

apphelp

GetPermLayers

ntdsapi

DsUnBindW
DsCrackSpn3W
DsCrackNamesW
DsIsMangledDnW
DsFreeNameResultW
DsBindW

user32

SetFocus
SetForegroundWindow
GetDesktopWindow
FrameRect
SendDlgItemMessageW
GetParent
ScrollWindow
SetCursor
LoadCursorW
RegisterClassW
IsDlgButtonChecked
wsprintfW
DrawFocusRect
GetWindowTextW
ShowWindow
SetWindowContextHelpId
MessageBoxA
GetScrollInfo
CheckRadioButton
IsWindow
GetWindowThreadProcessId
GetWindowRect
SetScrollPos
SystemParametersInfoW
ReleaseDC
GetSysColor
SendMessageW
MessageBeep
EnableWindow
ScreenToClient
RegisterWindowMessageW
DialogBoxParamW
GetSysColorBrush
GetDlgItemTextW
WinHelpW
MapDialogRect
UpdateWindow
SetWindowPos
GetSystemMetrics
DestroyIcon
CallWindowProcW
SetWindowTextW
DrawIcon
SetScrollRange
PostMessageW
GetWindowTextLengthW
RegisterClipboardFormatW
SetScrollInfo
GetWindowLongW
DestroyWindow
GetDlgCtrlID
MessageBoxW
EndPaint
OffsetRect
LoadBitmapW
IsWindowEnabled
GetClientRect
InflateRect
FindWindowExW
DefWindowProcW
MoveWindow
CreateWindowExW
GetWindow
MapWindowPoints
LoadIconW
SetDlgItemTextW
LoadStringW
GetDC
CheckDlgButton
EndDialog
BeginPaint
GetDlgItem
SetWindowLongW

Sections

.text
Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 848KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

76f72279526842a2cc493edf7ad9ddd8

Headers

DLL Characteristics

File Characteristics

Imports

imagehlp

version

ole32

cryptui

dnsapi

shlwapi

ntdll

advapi32

crypt32

gdi32

credui

dsprop

kernel32

shell32

apphelp

ntdsapi

user32

Sections

.text Size: 512B - Virtual size: 412B

.idata Size: 6KB - Virtual size: 6KB

.rdata Size: 85KB - Virtual size: 85KB

.data Size: 24KB - Virtual size: 848KB

.rsrc Size: 56KB - Virtual size: 55KB

.reloc Size: 512B - Virtual size: 32B

.text
Size: 512B - Virtual size: 412B

.idata
Size: 6KB - Virtual size: 6KB

.rdata
Size: 85KB - Virtual size: 85KB

.data
Size: 24KB - Virtual size: 848KB

.rsrc
Size: 56KB - Virtual size: 55KB

.reloc
Size: 512B - Virtual size: 32B