0f3bb820adf6d3bba54988ef40d8188ae48b34b757277e86728bdb8441d01ea2

Resubmissions

22-02-2023 03:33

230222-d4e96shf67 10

Sharing

Copy URL

Twitter E-mail

General

Target

0f3bb820adf6d3bba54988ef40d8188ae48b34b757277e86728bdb8441d01ea2
Size

75KB
MD5

78f011f6196ab070e05e7e363a0c02f1
SHA1

8d31d3e523d1e11631d05f01c410340cef780bfc
SHA256

0f3bb820adf6d3bba54988ef40d8188ae48b34b757277e86728bdb8441d01ea2
SHA512

a4122de0328bd4f42ccb47b70eb444eac0b63e3f736223dbfca9e43169ee28c542f768ef7a35daf3f50def72a07c579a01241fd162fb0a00d184a270c7617706
SSDEEP

768:FbzkUtPX9DUetap1YOc8tmmSuDsCHJexou+nPp18vjILhussGdamRv5qmppQHUd:SaX1LGfDpRRuI0PuvtOuSG4z

Score

1^/10

Malware Config

Signatures

Files

0f3bb820adf6d3bba54988ef40d8188ae48b34b757277e86728bdb8441d01ea2
.exe windows x64

200928216c27c7644c19b0beec4e3fd5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

oleaut32

SysAllocString
SysFreeString

mpr

WNetCancelConnection2W
WNetOpenEnumW
WNetEnumResourceW
WNetCloseEnum
WNetAddConnection2W

ole32

CoCreateInstance
CoSetProxyBlanket
CoInitializeEx
CoInitializeSecurity

user32

wsprintfW

netapi32

NetApiBufferFree
NetShareEnum
NetGetJoinInformation
NetGetDCName

ntdll

RtlGetNativeSystemInformation
RtlVirtualUnwind
RtlGetVersion
ZwQuerySystemInformation

advapi32

GetUserNameW
LookupAccountSidW
GetTokenInformation
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
StartServiceW
QueryServiceStatusEx
OpenServiceA
OpenSCManagerW
OpenSCManagerA
EnumServicesStatusA
DeleteService
CreateServiceW
ControlService
CloseServiceHandle
CryptEncrypt
CryptImportKey
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW

activeds

ord9

msvcrt

feof
fgetws
_getch
fclose
_vsnwprintf
memset
_wfopen

shell32

CommandLineToArgvW
ord680

shlwapi

StrStrIW
SHRegSetUSValueW
StrChrW
StrCmpIW
StrStrIA
StrCmpNIW

kernel32

DeleteFileW
GlobalMemoryStatus
CopyFileW
GetStdHandle
WaitForSingleObject
CreateEventA
CreateThread
GetTickCount64
CreateSemaphoreA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
AllocConsole
WriteConsoleW
GetConsoleScreenBufferInfo
SetFileAttributesW
DeviceIoControl
lstrcmpiW
ResetEvent
TerminateThread
GetFileSizeEx
ReadFile
SetConsoleCursorPosition
GetComputerNameW
lstrcmpiA
GetSystemInfo
CreateProcessW
GetTempPathW
GetModuleFileNameW
SetEndOfFile
OpenProcess
TerminateProcess
GetComputerNameA
lstrlenA
TlsAlloc
SetErrorMode
ExitProcess
ReleaseSemaphore
SetEvent
GetCommandLineW
GetDriveTypeW
TlsSetValue
TlsGetValue
SetFilePointerEx
SetFileInformationByHandle
GetCurrentProcess
HeapAlloc
GetProcessHeap
lstrcpyW
lstrcatW
lstrlenW
FindClose
FindFirstFileW
FindNextFileW
GetVolumeInformationW
GetLastError
HeapFree
CreateFileW
WriteFile
CloseHandle
SetLastError
HeapReAlloc
GetCurrentProcessId
WideCharToMultiByte
Sleep
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.c
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.r
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.d
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

200928216c27c7644c19b0beec4e3fd5

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

mpr

ole32

user32

netapi32

ntdll

advapi32

activeds

msvcrt

shell32

shlwapi

kernel32

Sections

.text Size: 6KB - Virtual size: 6KB

.c Size: 23KB - Virtual size: 23KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 1KB - Virtual size: 1KB

.r Size: 18KB - Virtual size: 17KB

.d Size: 18KB - Virtual size: 17KB

.reloc Size: 512B - Virtual size: 348B

.text
Size: 6KB - Virtual size: 6KB

.c
Size: 23KB - Virtual size: 23KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1KB - Virtual size: 1KB

.r
Size: 18KB - Virtual size: 17KB

.d
Size: 18KB - Virtual size: 17KB

.reloc
Size: 512B - Virtual size: 348B