076_Lord_AJ[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

076_Lord_AJ.exe
Size

466KB
MD5

6716b904a1a1509331e2afd9fc47c1d4
SHA1

3b4843a8002d70d38215f77254178053ec3cf81e
SHA256

b65f3c500bc5e108c233a36714b480be0a2be143dcfd87f1bb1c10cde596d458
SHA512

6c215f8e56ee30d6f355196d4b37f957bc9b8caf8c46ce3403b734738c904202e774f3564e14bc372e77276326cc9826f800c11b2986e1d6d5479ac8faa0f8de
SSDEEP

12288:FJB9/HQRmTMga6JzQdrAVzDtpzO9LZvYmS:FCRmwgza2VzSLZv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
076_Lord_AJ.exe

Files

076_Lord_AJ.exe
.exe windows x86

fc22a526c18358f987f144e2ac31d338

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

netapi32

NetUserGetGroups
NetUserGetLocalGroups

rpcrt4

UuidFromStringW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

LCMapStringA
GetConsoleMode
GetConsoleCP
GetModuleHandleA
DebugBreak
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetFileType
SetHandleCount
LCMapStringW
GetModuleFileNameA
GetStdHandle
ExitProcess
VirtualAlloc
VirtualFree
HeapCreate
GetStringTypeA
GetCurrentThreadId
SetLastError
TlsFree
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RaiseException
RtlUnwind
GetStartupInfoA
GetCommandLineA
HeapReAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
CreateThread
ResumeThread
ExitThread
HeapSize
HeapAlloc
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
ExpandEnvironmentStringsA
GetProcessHeap
HeapFree
WideCharToMultiByte
lstrlenA
WriteFile
FileTimeToLocalFileTime
GetCurrentProcess
FreeLibrary
GetSystemInfo
GetLastError
Sleep
GetSystemTimeAsFileTime
MultiByteToWideChar
CreateFileW
ReadFile
GetSystemDirectoryW
OutputDebugStringW
GetFileSize
TlsAlloc
FormatMessageW
TlsSetValue
GetUserDefaultLangID
TlsGetValue
GetSystemDefaultLangID
LocalAlloc
LocalFree
GetTimeZoneInformation
FileTimeToSystemTime
GetTimeFormatW
CompareFileTime
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
GetDateFormatW
DeleteFileW
CloseHandle
DeleteCriticalSection
CreateFileMappingW
GlobalFree
EnterCriticalSection
GetProcAddress
GlobalUnlock
CompareStringW
GetModuleFileNameW
GetFileAttributesW
LeaveCriticalSection
GetVersionExW
LoadLibraryW
GlobalAlloc
InitializeCriticalSection
GetTickCount
GetModuleHandleW
GlobalLock
InterlockedDecrement
InterlockedIncrement
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
SetFilePointer
GetCommandLineW
SetStdHandle
FlushFileBuffers
VirtualQuery
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA

user32

DispatchMessageW
MoveWindow
CheckMenuItem
MsgWaitForMultipleObjects
DrawTextW
PostMessageW
SetCapture
LoadImageW
TrackPopupMenu
PostQuitMessage
GetMessageW
GetWindowRect
ScreenToClient
GetDlgItemInt
TranslateAcceleratorW
CloseClipboard
GetWindowTextLengthW
SetCursor
SetWindowPlacement
DestroyWindow
ClientToScreen
EndPaint
DialogBoxIndirectParamW
CopyIcon
IsZoomed
GetSubMenu
DeleteMenu
GetFocus
DialogBoxParamW
GetParent
LoadCursorW
MessageBeep
MenuItemFromPoint
GetClientRect
SetFocus
GetMenuItemInfoW
BeginPaint
PtInRect
SetPropW
InsertMenuItemW
TranslateMessage
LoadAcceleratorsW
InflateRect
ChildWindowFromPoint
SetDlgItemInt
GetMenu
IsDialogMessageW
DefWindowProcW
CallWindowProcW
GetPropW
DrawFrameControl
EndDeferWindowPos
DestroyIcon
SetWindowTextW
DestroyMenu
SetClipboardData
RegisterClassExW
LoadIconW
GetWindowPlacement
OffsetRect
InvalidateRect
LoadMenuW
GetWindowLongW
AppendMenuW
GetWindowTextW
PeekMessageW
GetClassNameW
EnableMenuItem
EmptyClipboard
GetDlgItem
SetWindowLongW
EndDialog
SendDlgItemMessageW
GetSysColor
SetWindowPos
CheckDlgButton
EnumChildWindows
ShowWindow
CreatePopupMenu
GetSysColorBrush
IsDlgButtonChecked
CreateDialogParamW
DrawMenuBar
GetActiveWindow
GetMenuItemCount
CreateWindowExW
SetMenuDefaultItem
OpenClipboard
DeferWindowPos
MessageBoxW
ReleaseCapture
BeginDeferWindowPos
GetSystemMetrics
IsWindowVisible
GetDlgItemTextW
SetDlgItemTextW
SendMessageW
MapWindowPoints
UpdateWindow
EnableWindow

gdi32

SetBkColor
ExtTextOutW
EndPage
StartPage
GetDeviceCaps
SetMapMode
SetTextColor
CreateFontIndirectW
SetBkMode
SelectObject
GetObjectW
EndDoc
GetStockObject
StartDocW

comdlg32

GetSaveFileNameW
GetOpenFileNameW
PrintDlgW

advapi32

GetSecurityDescriptorLength
RegDeleteValueW
RegCreateKeyW
RegEnumValueW
RegSetValueExW
ConvertStringSidToSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetLengthSid
ConvertSidToStringSidW
ConvertSecurityDescriptorToStringSecurityDescriptorW
RegQueryValueExW
RegOpenKeyExA
RegQueryValueExA
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
IsValidSid
GetSecurityDescriptorOwner
GetSidIdentifierAuthority
GetSidSubAuthority
MapGenericMask
GetSidSubAuthorityCount
EqualSid
GetAce
LookupAccountSidW
AllocateAndInitializeSid
RegCloseKey

shell32

CommandLineToArgvW
ShellExecuteW

ole32

CoInitialize
CreateBindCtx
CoUninitialize
CoCreateInstance
IIDFromString
StringFromGUID2

oleaut32

SafeArrayAccessData
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayGetUBound
SysFreeString
SafeArrayGetElement
VarDateFromStr
VariantChangeType
VariantInit
SysAllocStringByteLen
VariantClear
SafeArrayGetLBound
SysStringLen
SysAllocString

comctl32

ImageList_Draw
CreateToolbarEx
CreatePropertySheetPageW
ImageList_Create
ImageList_ReplaceIcon
ImageList_EndDrag
ImageList_DragMove
ImageList_BeginDrag
ImageList_DragLeave
ImageList_DragEnter
ord17
CreateStatusWindowW
PropertySheetW

activeds

ord9
ord20
ord15
ord12
ord13
ord7

wldap32

ord155
ord118
ord14
ord73
ord145
ord13
ord188
ord88

Sections

.text
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc22a526c18358f987f144e2ac31d338

Headers

File Characteristics

Imports

netapi32

rpcrt4

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

activeds

wldap32

Sections

.text Size: 316KB - Virtual size: 315KB

.rdata Size: 63KB - Virtual size: 63KB

.data Size: 41KB - Virtual size: 49KB

.rsrc Size: 45KB - Virtual size: 45KB

.text
Size: 316KB - Virtual size: 315KB

.rdata
Size: 63KB - Virtual size: 63KB

.data
Size: 41KB - Virtual size: 49KB

.rsrc
Size: 45KB - Virtual size: 45KB