66c4fb72090d8f58cea15e6d8b599fec39c7916cc6ef03f925e796fa881116c4

Sharing

Copy URL

Twitter E-mail

General

Target

66c4fb72090d8f58cea15e6d8b599fec39c7916cc6ef03f925e796fa881116c4
Size

317KB
MD5

0030aea7ff8e0e007c16082c382d4c9a
SHA1

7f827101895e4b2bd1f173827277827d0162433b
SHA256

66c4fb72090d8f58cea15e6d8b599fec39c7916cc6ef03f925e796fa881116c4
SHA512

27200affc530722b1177a686f4a15f59e5e430f2563f27ded2a0ccb60fa1fd7c68c8c16ed49184a376fe6d55ebaff4dff6aa1b9fd720e873deae16e8232932d5
SSDEEP

6144:EJjM6tJPibR5UeGYSvNRkXMfEQjHgCJgnXCqgQAmZvMmk/CuH8EMaPlDghfL436F:EJpJPil5UeGYSvNRkXm7JqnSqgQNZlg0

Score

N/A

Malware Config

Signatures

Files

66c4fb72090d8f58cea15e6d8b599fec39c7916cc6ef03f925e796fa881116c4
.dll windows x86

ca081a93a54d2dca322b04bb5994227d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetFileSize
SetFilePointer
GetWindowsDirectoryA
Sleep
GetEnvironmentVariableA
VirtualProtect
DeleteCriticalSection
CloseHandle
FlushFileBuffers
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
LoadLibraryA
RtlUnwind
LoadLibraryW
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
DebugBreak
InitializeCriticalSectionAndSpinCount
ReadFile
MultiByteToWideChar
GetProcessHeap
SetEndOfFile
GetConsoleMode
GetConsoleCP
WriteFile
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
VirtualAlloc
HeapReAlloc
HeapSize
GetLastError
DuplicateHandle
GetCurrentProcess
GetCurrentThreadId
GetCommandLineA
HeapValidate
IsBadReadPtr
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetFileType
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
SetStdHandle
SetHandleCount
GetStdHandle
GetStartupInfoA
GetProcAddress
TlsGetValue
GetModuleHandleW
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
HeapFree
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapAlloc

ntdsapi

DsReplicaConsistencyCheck
DsReplicaDelA
DsRemoveDsServerA
DsListInfoForServerA
DsReplicaAddA
DsMakeSpnA
DsListSitesA
DsBindWithCredA
DsListServersInSiteA
DsReplicaSyncA
DsReplicaModifyA
DsReplicaSyncAllA
DsMapSchemaGuidsA
DsBindWithSpnA
DsListRolesA
DsRemoveDsDomainA
DsIsMangledRdnValueA
DsQuoteRdnValueA
DsAddSidHistoryA
DsReplicaFreeInfo
DsReplicaUpdateRefsA
DsListDomainsInSiteA
DsListServersForDomainInSiteA
DsMakePasswordCredentialsA
DsBindA

oleaut32

OleTranslateColor
BstrFromVector
SafeArrayCreateVector
VarUI2FromUI8
SafeArrayCopyData
OleLoadPicture
OleCreatePropertyFrame
OleCreateFontIndirect
OleSavePictureFile
OleLoadPictureEx
OleLoadPictureFileEx
OleLoadPictureFile
OleCreatePictureIndirect
VectorFromBstr
OleCreatePropertyFrameIndirect
OleIconToCursor

Sections

.text
Size: 245KB - Virtual size: 245KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 9.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca081a93a54d2dca322b04bb5994227d

Headers

File Characteristics

Imports

kernel32

ntdsapi

oleaut32

Sections

.text Size: 245KB - Virtual size: 245KB

.data Size: 29KB - Virtual size: 9.1MB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 38KB - Virtual size: 37KB

.text
Size: 245KB - Virtual size: 245KB

.data
Size: 29KB - Virtual size: 9.1MB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 38KB - Virtual size: 37KB