f0ac78cff7a99990dccbd334a05dcc7f9661370820ea68deaa41b535297219dd

Sharing

Copy URL Twitter E-mail

General

Target

f0ac78cff7a99990dccbd334a05dcc7f9661370820ea68deaa41b535297219dd
Size

180KB
MD5

62761c1500a3e541df51db03319043c0
SHA1

858b9cbbebe0641072fb1a7fb362132ca6b28ee3
SHA256

f0ac78cff7a99990dccbd334a05dcc7f9661370820ea68deaa41b535297219dd
SHA512

67c76731607d102a7196a9a1fcb86678aad39cfb02bf0ec128462d6db10dc402d3410814d45253cd8f2617d3662bed5abe8d9db6cc4ae62e34ba5a27ca15bd80
SSDEEP

3072:jpBmrVgH2b2/4xD1BSE6TOF79jpIg19RCjXIDry5WGPH3y:1BSVgO2/4HBSK75y0+WGPC

Score

N/A

Malware Config

Signatures

Files

f0ac78cff7a99990dccbd334a05dcc7f9661370820ea68deaa41b535297219dd
.dll windows x86

e303e1d96e1e88e69ae6cc59d76ce6a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WaitForSingleObject
CreatePipe
GetCommTimeouts
SetCommBreak
GetPrivateProfileSectionNamesW
SetEnvironmentVariableW
GetCompressedFileSizeW
WriteFile
WriteConsoleOutputW
FindCloseChangeNotification
GetVolumePathNameA
GetSystemTimeAsFileTime
GetCPInfo
WaitForSingleObject
EnterCriticalSection
GetProfileIntW
GetModuleFileNameW
lstrcpyW

user32

EqualRect
ArrangeIconicWindows

ntdsapi

DsBindW
DsListSitesA
DsReplicaSyncA
DsReplicaAddA
DsServerRegisterSpnA
DsRemoveDsDomainW
DsReplicaModifyW
DsReplicaModifyA
DsWriteAccountSpnW
DsClientMakeSpnForTargetServerA
DsReplicaSyncAllA
DsListRolesA
DsReplicaDelA
DsFreeSchemaGuidMapA
DsListServersInSiteA
DsReplicaSyncAllW
DsFreeSpnArrayW
DsListDomainsInSiteW
DsFreeSchemaGuidMapW
DsFreeDomainControllerInfoW
DsFreeNameResultA
DsUnBindA
DsRemoveDsDomainA
DsMakeSpnW
DsBindA
DsQuoteRdnValueA
DsFreeDomainControllerInfoA
DsServerRegisterSpnW
DsClientMakeSpnForTargetServerW

Exports

Exports

AbortRunningLibrary
DebugBackup
ExitHard
ExtractBuildOwner
FlattenCreate
GdiInputOptionFreeEngine
MsgTapemarkConnect
PolyFocusOwnerILockEx
ReadProgBytes
ScrollActiveIStorage
ValidateBuildCertificate

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e303e1d96e1e88e69ae6cc59d76ce6a5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ntdsapi

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 38KB

.data Size: 8KB - Virtual size: 75KB

.edata Size: 8KB - Virtual size: 5KB

.CRT Size: 44KB - Virtual size: 40KB

.reloc Size: 24KB - Virtual size: 23KB

.tls Size: 48KB - Virtual size: 47KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 40KB - Virtual size: 38KB

.data
Size: 8KB - Virtual size: 75KB

.edata
Size: 8KB - Virtual size: 5KB

.CRT
Size: 44KB - Virtual size: 40KB

.reloc
Size: 24KB - Virtual size: 23KB

.tls
Size: 48KB - Virtual size: 47KB

.reloc
Size: 4KB - Virtual size: 1KB