lockoutstatus[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

lockoutstatus.exe
Size

51KB
MD5

7d1f8eb96344261b225e80ac241ef10b
SHA1

2ba65ac14bc70fe6496f22f2e6a2403b37613a57
SHA256

d09e1034999356be721a11f260330dc444c0fc643736f54263d79d2d1b487542
SHA512

5b251c6a5bc87f1011adb1cadde30f7da85f10c68af1ff28135d1908af520e26a3adbb9ec6c491e37745b36d873c3878d4f0a2fae55ea0e0f78d3ce3c3b49ff7
SSDEEP

1536:0xQE/mMb50L+rDe//RSy+XGrtlUhtG0n:0xQmmMbyL+rDEZD+XGrtlUhc0n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
lockoutstatus.exe

Files

lockoutstatus.exe
.exe windows:5 windows x86 arch:x86

f2207a5af074e2cc5a2eecd72d55e999

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessW
ExpandEnvironmentStringsW
FormatMessageW
WriteFile
SetFilePointer
GetCurrentThreadId
ResumeThread
QueryPerformanceCounter
CreateFileW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsBadWritePtr
WaitForMultipleObjects
CloseHandle
InitializeCriticalSection
GetCommandLineW
GlobalFree
GetTickCount
GetLastError
GetStartupInfoA
CreateThread
WaitForSingleObject
DeleteCriticalSection
LeaveCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDateFormatW
GetTimeFormatW
EnterCriticalSection
LocalAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
LocalFree

msvcrt

_wcsnicmp
_CxxThrowException
wcsrchr
wcstoul
_c_exit
_exit
_XcptFilter
_cexit
wcscmp
_acmdln
__getmainargs
_initterm
??2@YAPAXI@Z
_wcsicmp
??3@YAXPAX@Z
wcschr
exit
_itow
_controlfp
__set_app_type
_vsnwprintf
wcslen
_except_handler3
wcsstr
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr

advapi32

LsaOpenPolicy
LsaRetrievePrivateData
RegSetValueExW
LsaStorePrivateData
GetUserNameW
RegConnectRegistryW
RegOpenKeyW
LsaClose
RegOpenKeyExW
RegCreateKeyW
RegCloseKey
RegQueryValueExW

user32

SendDlgItemMessageW
GetParent
MessageBoxW
EndDialog
SendMessageW
MoveWindow
GetClientRect
SetWindowPos
SetWindowLongW
GetWindowLongW
UpdateWindow
EnableMenuItem
DestroyIcon
LoadIconW
GetSystemMetrics
CreateWindowExW
TrackPopupMenu
DestroyMenu
GetSubMenu
LoadMenuW
SetDlgItemTextW
GetDlgItemTextW
EnableWindow
GetWindowTextLengthW
GetDlgItem
IsDlgButtonChecked
SetCursor
LoadCursorW
DialogBoxParamW
ShowWindow
LoadStringW
DestroyWindow
GetMenu
PostQuitMessage
RegisterClassExW
LoadImageW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
LoadAcceleratorsW
GetMessageW
SetForegroundWindow
GetDesktopWindow
GetWindowRect
GetWindowInfo
SetWindowTextW
DefWindowProcW

netapi32

NetApiBufferFree
NetUserGetInfo
NetUserModalsGet
DsGetDcNameW

ntdsapi

DsReplicaFreeInfo
DsFreeNameResultW
DsGetDomainControllerInfoW
DsFreeDomainControllerInfoW
DsMakePasswordCredentialsW
DsBindWithCredW
DsFreePasswordCredentials
DsCrackNamesW
DsReplicaGetInfoW
DsBindW
DsUnBindW

comctl32

ImageList_ReplaceIcon
ord17
ImageList_Create

comdlg32

GetSaveFileNameW

shell32

ShellAboutW
CommandLineToArgvW

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysAllocString
SysFreeString

activeds

ord20
ord15
ord9

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2207a5af074e2cc5a2eecd72d55e999

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

advapi32

user32

netapi32

ntdsapi

comctl32

comdlg32

shell32

ole32

oleaut32

activeds

Sections

.text Size: 37KB - Virtual size: 37KB

.data Size: 512B - Virtual size: 512B

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 37KB - Virtual size: 37KB

.data
Size: 512B - Virtual size: 512B

.rsrc
Size: 12KB - Virtual size: 12KB