51a661077b10800501ae176f8a90edfad7a6df723a453b68deae0e16e932762c

Sharing

Copy URL

Twitter E-mail

General

Target

51a661077b10800501ae176f8a90edfad7a6df723a453b68deae0e16e932762c
Size

314KB
MD5

71a855adea940066674c962d349ed640
SHA1

636dc70457633fc06ae3d3cd565a6a912010c424
SHA256

51a661077b10800501ae176f8a90edfad7a6df723a453b68deae0e16e932762c
SHA512

a6da8812318ad16883d2bdb6fa93295758932cde21b934848d905d0877a23aa5eebff81f5967055259beebf1acf9700e780b559a05077c1ea4bf18782740e36c
SSDEEP

6144:x3oTCcrlFCR7a6EEqoneNBxNcLl8ubKQu3WA9i5MM/zWRbvZyMD:x3ICW8da6oonexNClhgWfmAzWC4

Score

N/A

Malware Config

Signatures

Files

51a661077b10800501ae176f8a90edfad7a6df723a453b68deae0e16e932762c
.exe windows x86

425d2b8d38b80efca7a5f5f53c2aee23

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnableWindow
CreateDialogParamW
MapWindowPoints
GetDialogBaseUnits
CharNextW
GetWindowRect
GetWindowLongW
EndDialog
SetWindowPos
CopyRect
LoadImageW
GetSystemMetrics
GetWindow
SendMessageW
MessageBoxW
SendDlgItemMessageW
ShowWindow
DestroyWindow
DialogBoxParamW
SetDlgItemTextW
SetWindowTextW
GetDlgItemTextW
GetDlgItem
LoadStringW
SystemParametersInfoW
GetParent
DrawTextW
GetClientRect
SetWindowLongW
SetFocus

rpcrt4

NdrCStdStubBuffer_Release
CStdStubBuffer_Invoke
NdrDllUnregisterProxy
CStdStubBuffer_AddRef
CStdStubBuffer_QueryInterface
CStdStubBuffer_IsIIDSupported
NdrDllRegisterProxy
CStdStubBuffer_DebugServerQueryInterface
NdrDllGetClassObject
NdrDllCanUnloadNow
CStdStubBuffer_Connect
CStdStubBuffer_CountRefs
NdrOleFree
CStdStubBuffer_Disconnect
NdrOleAllocate

url

OpenURLA
TelnetProtocolHandlerA
OpenURL
TelnetProtocolHandler

kernel32

GetTickCount
HeapAlloc
OutputDebugStringA
LoadLibraryW
GetSystemTimeAsFileTime
lstrlenA
FlushInstructionCache
GetProcAddress
InterlockedIncrement
LoadLibraryA
GetCurrentProcessId
DeleteCriticalSection
GetModuleFileNameW
InterlockedDecrement
lstrcatW
SetLastError
GetUserDefaultLCID
EnterCriticalSection
LoadResource
LoadLibraryExW
lstrcmpiW
lstrlenW
lstrcpyW
FindResourceW
MultiByteToWideChar
GetStartupInfoA
GetSystemInfo
LocalFree
GetEnvironmentStringsA
GetCurrentProcess
HeapFree
LeaveCriticalSection
FreeLibrary
GetProcessHeap
QueryPerformanceCounter
lstrcpynW
HeapDestroy
FormatMessageW
SetUnhandledExceptionFilter
GetLastError
VirtualFree
SizeofResource

wldap32

ldap_count_values
ldap_controls_freeW
ldap_count_references
ldap_count_entries

shell32

ShellExecuteW
SHGetFolderPathW

advapi32

RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegQueryInfoKeyW
TraceMessage
GetTraceEnableLevel
RegDeleteValueW
RegEnumKeyExW
UnregisterTraceGuids
RegQueryValueExW
GetTraceLoggerHandle
RegCloseKey
RegisterTraceGuidsW
RegOpenKeyExW
GetTraceEnableFlags

Sections

text
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 158KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

425d2b8d38b80efca7a5f5f53c2aee23

Headers

DLL Characteristics

File Characteristics

Imports

user32

rpcrt4

url

kernel32

wldap32

shell32

advapi32

Sections

text Size: 127KB - Virtual size: 127KB

.rdata Size: 158KB - Virtual size: 166KB

.rsrc Size: 26KB - Virtual size: 26KB

text
Size: 127KB - Virtual size: 127KB

.rdata
Size: 158KB - Virtual size: 166KB

.rsrc
Size: 26KB - Virtual size: 26KB