b80953b4dcdc95f0343941c692f2fe445ace8ccedc63eed52b8d5ff83f3df000

Sharing

Copy URL Twitter E-mail

General

Target

b80953b4dcdc95f0343941c692f2fe445ace8ccedc63eed52b8d5ff83f3df000
Size

275KB
MD5

61efacc27c94085a297029846ad892b0
SHA1

a81ab427c8c6dff7544f0061347dff03e2582d67
SHA256

b80953b4dcdc95f0343941c692f2fe445ace8ccedc63eed52b8d5ff83f3df000
SHA512

23b77790108c49ec66e461cca4d343d712b71337bda19c164acb5a096d2b2f64e0e640d72e439437c8bda4d47714b6f16bd78ad96ff6e6bc149b2b5c6a23ce52
SSDEEP

6144:3NKcgSfAcOsNAmTSbefE4axEtoIs+3WcHQd48TV:3NKclYOtIxEt6oHQd4U

Score

N/A

Malware Config

Signatures

Files

b80953b4dcdc95f0343941c692f2fe445ace8ccedc63eed52b8d5ff83f3df000
.exe windows x86

e1aaf7ad81c5badcd0a56ac2bce1bc28

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

UnregisterTraceGuids
GetTraceLoggerHandle
GetTraceEnableFlags
RegCreateKeyExW
RegCloseKey
RegisterTraceGuidsW
GetTraceEnableLevel
RegSetValueExW
TraceMessage
RegDeleteValueW
RegQueryValueExW
RegDeleteKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW

kernel32

lstrcmpiW
GetEnvironmentStringsA
HeapAlloc
lstrcpyW
GetSystemInfo
GetTickCount
SetLastError
FlushInstructionCache
lstrlenA
LoadLibraryW
GetCurrentProcessId
LeaveCriticalSection
HeapDestroy
lstrcpynW
GetLastError
DeleteCriticalSection
GetModuleFileNameW
GetProcessHeap
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
IsValidCodePage
LocalFree
lstrlenW
FreeLibrary
InterlockedDecrement
FormatMessageW
FindResourceW
HeapFree
MultiByteToWideChar
OutputDebugStringA
GetStartupInfoA
GetUserDefaultLCID
VirtualFree
lstrcatW
LoadLibraryA
SizeofResource
InterlockedIncrement
GetProcAddress
GetCurrentProcess
LoadResource
QueryPerformanceCounter

user32

CreateDialogParamW
GetDlgItem
SetFocus
DialogBoxParamW
CharNextW
SendMessageW
SystemParametersInfoW
DrawTextW
GetDialogBaseUnits
MessageBoxW
MapWindowPoints
ShowWindow
SetWindowLongW
LoadStringW
LoadImageW
GetWindowLongW
GetClientRect
GetDlgItemTextW
SendDlgItemMessageW
DestroyWindow
SetDlgItemTextW
GetWindowRect
GetParent
EnableWindow
SetWindowPos
EndDialog
CopyRect
GetWindow
GetSystemMetrics
SetWindowTextW

gdi32

SetBkMode

rpcrt4

NdrDllGetClassObject
CStdStubBuffer_QueryInterface
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_CountRefs
NdrDllCanUnloadNow
NdrOleAllocate
NdrDllRegisterProxy
NdrOleFree
NdrCStdStubBuffer_Release
CStdStubBuffer_AddRef
CStdStubBuffer_Connect
CStdStubBuffer_Disconnect
CStdStubBuffer_Invoke
NdrDllUnregisterProxy

wldap32

ldap_controls_freeW
ldap_count_references
ldap_count_values
ldap_count_entries

shell32

SHGetFolderPathW
ShellExecuteW

Sections

text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 146KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1aaf7ad81c5badcd0a56ac2bce1bc28

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

gdi32

rpcrt4

wldap32

shell32

Sections

text Size: 121KB - Virtual size: 120KB

.rdata Size: 146KB - Virtual size: 166KB

.rsrc Size: 6KB - Virtual size: 5KB

text
Size: 121KB - Virtual size: 120KB

.rdata
Size: 146KB - Virtual size: 166KB

.rsrc
Size: 6KB - Virtual size: 5KB