edf7c1f8eeacc6488b621bafd733ee8b5744ebc76f2bfd2607aeba5cc8b2602a

Sharing

Copy URL

Twitter E-mail

General

Target

edf7c1f8eeacc6488b621bafd733ee8b5744ebc76f2bfd2607aeba5cc8b2602a
Size

74KB
MD5

f6ae7a37bae4e80f6514c14695b9cc38
SHA1

42987e66bd73418085e798a60f8ae1e0f1e02119
SHA256

edf7c1f8eeacc6488b621bafd733ee8b5744ebc76f2bfd2607aeba5cc8b2602a
SHA512

7827b6bc56f358ea09b02232ce7f41493d69f3aa9e65c0eb58fb6b696ac13cbed894774ffd9e39a084abfc50c459201e727619fd54b612ea62211a69f1d40700
SSDEEP

1536:daXbNVxTe67EXHnD5Pvs5VlEJkFs0jCp0:ubNVDgmJEJkFLCK

Score

1^/10

Malware Config

Signatures

Files

edf7c1f8eeacc6488b621bafd733ee8b5744ebc76f2bfd2607aeba5cc8b2602a
.dll windows x64

74805d10733a7276e8a5edc7c2c6742c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

oleaut32

SysFreeString
SysAllocString

ntdll

ZwQuerySystemInformation
RtlGetVersion
RtlGetNativeSystemInformation
RtlVirtualUnwind

mpr

WNetAddConnection2W
WNetCancelConnection2W
WNetOpenEnumW
WNetEnumResourceW
WNetCloseEnum

advapi32

CryptImportKey
GetUserNameW
LookupAccountSidW
GetTokenInformation
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
StartServiceW
QueryServiceStatusEx
OpenServiceA
OpenSCManagerW
OpenSCManagerA
EnumServicesStatusA
DeleteService
CryptAcquireContextW
CryptReleaseContext
CryptDestroyKey
ControlService
CryptEncrypt
CloseServiceHandle
CreateServiceW

netapi32

NetApiBufferFree
NetShareEnum
NetGetJoinInformation
NetGetDCName

shell32

ord680
CommandLineToArgvW

user32

wsprintfW

msvcrt

memcpy
_wfopen
fgetws
_getch
_vsnwprintf
memset
fclose
feof

ole32

CoCreateInstance
CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket

kernel32

ReadFile
SetEndOfFile
SetFileInformationByHandle
SetFilePointerEx
TlsGetValue
TlsSetValue
LeaveCriticalSection
DeleteCriticalSection
AllocConsole
WriteConsoleW
GetConsoleScreenBufferInfo
SetConsoleCursorPosition
GetDriveTypeW
GetVolumeInformationW
GetFileSizeEx
TerminateThread
ResetEvent
lstrcmpiW
DeviceIoControl
EnterCriticalSection
InitializeCriticalSection
GetStdHandle
CopyFileW
DeleteFileW
GetComputerNameW
GlobalMemoryStatus
GetSystemInfo
CreateProcessW
GetTempPathW
GetModuleFileNameW
lstrcmpiA
OpenProcess
TerminateProcess
GetComputerNameA
lstrlenA
TlsAlloc
SetErrorMode
ExitProcess
HeapAlloc
GetProcessHeap
lstrcpyW
lstrcatW
lstrlenW
FindClose
FindFirstFileW
FindNextFileW
SetFileAttributesW
GetLastError
HeapFree
CreateFileW
WriteFile
CloseHandle
SetLastError
HeapReAlloc
GetCurrentProcessId
WideCharToMultiByte
Sleep
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
GetCurrentProcess
SetEvent
ReleaseSemaphore
WaitForSingleObject
CreateEventA
CreateThread
GetTickCount64
CreateSemaphoreA
GetCommandLineW

activeds

ord9

shlwapi

StrStrIA
SHRegSetUSValueW
StrChrW
StrCmpNIW
StrCmpIW
StrStrIW

Exports

Exports

RunW
runW

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.c
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.r
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.d
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

74805d10733a7276e8a5edc7c2c6742c

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

ntdll

mpr

advapi32

netapi32

shell32

user32

msvcrt

ole32

kernel32

activeds

shlwapi

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.c Size: 23KB - Virtual size: 23KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 1KB - Virtual size: 1KB

.r Size: 16KB - Virtual size: 16KB

.d Size: 17KB - Virtual size: 17KB

.reloc Size: 512B - Virtual size: 204B

.text
Size: 6KB - Virtual size: 6KB

.c
Size: 23KB - Virtual size: 23KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1KB - Virtual size: 1KB

.r
Size: 16KB - Virtual size: 16KB

.d
Size: 17KB - Virtual size: 17KB

.reloc
Size: 512B - Virtual size: 204B