c3f5b1c17d64cdfd3795511ca839345c67d9f7ed17363c26f20aad348331eb30

Sharing

Copy URL Twitter E-mail

General

Target

c3f5b1c17d64cdfd3795511ca839345c67d9f7ed17363c26f20aad348331eb30
Size

277KB
MD5

6a0fcb6b0bb18660013468b5392a9a50
SHA1

af1e5a64afc2a1e8471397f84af86e8e2e100968
SHA256

c3f5b1c17d64cdfd3795511ca839345c67d9f7ed17363c26f20aad348331eb30
SHA512

9b3b45211d7f38fd436032740f885e91b2d162e8102822e76c862a111c62fcfa6cddb81c0807671d63b6a8bf8066e369fe54e09547b584fdadfe0e56e6d76fdf
SSDEEP

6144:3LpvmK9psu9NFYwYjfuFmfHN49lpCWJQeAZxs4mS+XiYG3N:7pvmK9dFYwYCF5bQzZxd2iYu

Score

N/A

Malware Config

Signatures

Files

c3f5b1c17d64cdfd3795511ca839345c67d9f7ed17363c26f20aad348331eb30
.exe windows x86

e8060cfe1366a3dcf593db70631abc94

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
lstrcmpiW
GetSystemInfo
FindResourceW
GetCurrentProcess
LeaveCriticalSection
FormatMessageW
GetProcAddress
VirtualFree
GetSystemTimeAsFileTime
HeapAlloc
InterlockedIncrement
QueryPerformanceCounter
LoadResource
lstrlenW
MultiByteToWideChar
SizeofResource
LoadLibraryA
LoadLibraryW
lstrcpynW
DeleteCriticalSection
GetModuleFileNameW
lstrcatW
GetOEMCP
lstrlenA
GetEnvironmentStringsA
IsValidCodePage
FlushInstructionCache
FreeLibrary
OutputDebugStringA
InterlockedDecrement
GetTickCount
GetUserDefaultLCID
LocalFree
GetLastError
SetUnhandledExceptionFilter
SetLastError
HeapFree
GetProcessHeap
HeapDestroy
GetCurrentProcessId

advapi32

RegDeleteKeyW
TraceMessage
RegQueryInfoKeyW
UnregisterTraceGuids
GetTraceEnableLevel
RegisterTraceGuidsW
RegEnumKeyExW
GetTraceEnableFlags
GetTraceLoggerHandle
RegDeleteValueW
RegSetValueExW
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
RegQueryValueExW

shell32

ShellExecuteW
SHGetFolderPathW

rpcrt4

NdrDllCanUnloadNow
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Disconnect
CStdStubBuffer_CountRefs
NdrDllUnregisterProxy
NdrDllGetClassObject
NdrOleAllocate
CStdStubBuffer_Invoke
CStdStubBuffer_QueryInterface
NdrDllRegisterProxy
NdrCStdStubBuffer_Release
CStdStubBuffer_AddRef
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_Connect
NdrOleFree

user32

DialogBoxParamW
LoadImageW
GetSystemMetrics
EndDialog
SetDlgItemTextW
ShowWindow
MessageBoxW
GetParent
SendDlgItemMessageW
GetDlgItem
GetClientRect
GetWindowRect
SetWindowLongW
MapWindowPoints
DestroyWindow
GetDialogBaseUnits
CharNextW
CopyRect
CreateDialogParamW
GetDlgItemTextW
GetWindow
SystemParametersInfoW
SetWindowPos
LoadStringW
SetFocus
DrawTextW
SetWindowTextW
GetWindowLongW
EnableWindow
SendMessageW

wldap32

ldap_count_entries
ldap_count_values
ldap_controls_freeW
ldap_count_references

gdi32

SetBkMode

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 149KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8060cfe1366a3dcf593db70631abc94

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

rpcrt4

user32

wldap32

gdi32

Sections

.text Size: 121KB - Virtual size: 120KB

.rdata Size: 149KB - Virtual size: 184KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 121KB - Virtual size: 120KB

.rdata
Size: 149KB - Virtual size: 184KB

.rsrc
Size: 5KB - Virtual size: 4KB