4c22004489043b3643050a0889a617f0becd7ae6520adbe002dc0f50e89f3ad1

Sharing

Copy URL Twitter E-mail

General

Target

4c22004489043b3643050a0889a617f0becd7ae6520adbe002dc0f50e89f3ad1
Size

275KB
MD5

6e7dedaa6cf59445c778a05a4b4ebf90
SHA1

f4d2804a3a6dba99b8e456b09962029eaa85964e
SHA256

4c22004489043b3643050a0889a617f0becd7ae6520adbe002dc0f50e89f3ad1
SHA512

7201fbb49e3b073bed1702f95eb4d582aba5add0cc10e1fc44694273d92e0b3e59a6e4972dc43e0f65cb69848d2929ba5f643903afbb7a39792d783ff88da2d1
SSDEEP

6144:0VOvX12+78IRoBSI4XsZMN0WcMvTTdjGPVIUTLi4wZnlba:JvXj7fs4X/fOCx5a

Score

N/A

Malware Config

Signatures

Files

4c22004489043b3643050a0889a617f0becd7ae6520adbe002dc0f50e89f3ad1
.exe windows x86

2c2275fa2bdb71f72f49c7615aed6c4b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wldap32

ldap_count_references
ldap_controls_freeW
ldap_count_entries
ldap_count_values

advapi32

RegQueryValueExW
GetTraceEnableLevel
RegisterTraceGuidsW
UnregisterTraceGuids
RegDeleteKeyW
RegQueryInfoKeyW
TraceMessage
GetTraceEnableFlags
RegEnumKeyExW
RegCloseKey
RegDeleteValueW
GetTraceLoggerHandle
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW

user32

MapWindowPoints
CreateDialogParamW
SendDlgItemMessageW
SetDlgItemTextW
GetDialogBaseUnits
CopyRect
DestroyWindow
GetParent
LoadStringW
GetWindowLongW
EnableWindow
ShowWindow
GetWindowRect
LoadImageW
DrawTextW
SendMessageW
DialogBoxParamW
SetWindowPos
GetClientRect
SetWindowLongW
SystemParametersInfoW
CharNextW
GetDlgItemTextW
SetWindowTextW
GetDlgItem
GetSystemMetrics
SetFocus
EndDialog
MessageBoxW
GetWindow

kernel32

FormatMessageW
FlushInstructionCache
GetModuleFileNameW
LoadLibraryW
SizeofResource
GetCurrentProcess
GetCurrentProcessId
GetTickCount
HeapAlloc
LoadResource
GetLastError
GetUserDefaultLCID
HeapDestroy
LeaveCriticalSection
GetEnvironmentStringsA
GetSystemTimeAsFileTime
VirtualFree
GetProcAddress
lstrcpyW
LocalFree
GetProcessHeap
GetSystemInfo
lstrlenW
OutputDebugStringA
SetLastError
lstrcpynW
IsValidCodePage
InterlockedIncrement
LoadLibraryA
FreeLibrary
InterlockedDecrement
HeapFree
MultiByteToWideChar
DeleteCriticalSection
lstrcatW
FindResourceW
GetOEMCP
lstrlenA
lstrcmpiW
SetUnhandledExceptionFilter
QueryPerformanceCounter

rpcrt4

NdrDllGetClassObject
NdrDllCanUnloadNow
CStdStubBuffer_AddRef
NdrOleFree
CStdStubBuffer_DebugServerQueryInterface
NdrDllUnregisterProxy
CStdStubBuffer_QueryInterface
NdrCStdStubBuffer_Release
CStdStubBuffer_Invoke
CStdStubBuffer_CountRefs
CStdStubBuffer_Connect
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Disconnect
NdrOleAllocate
NdrDllRegisterProxy

shell32

ShellExecuteW
SHGetFolderPathW

gdi32

SetBkMode

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 149KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c2275fa2bdb71f72f49c7615aed6c4b

Headers

DLL Characteristics

File Characteristics

Imports

wldap32

advapi32

user32

kernel32

rpcrt4

shell32

gdi32

Sections

.text Size: 119KB - Virtual size: 118KB

.rdata Size: 149KB - Virtual size: 212KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 119KB - Virtual size: 118KB

.rdata
Size: 149KB - Virtual size: 212KB

.rsrc
Size: 5KB - Virtual size: 4KB