67cf6ce819a3d0437c9ddb36d24373e82f8f0f43c6b1b96c2b01ad1a78475bdc

Sharing

Copy URL Twitter E-mail

General

Target

67cf6ce819a3d0437c9ddb36d24373e82f8f0f43c6b1b96c2b01ad1a78475bdc
Size

282KB
MD5

605764566d92c8ad63212ac540a9fcf0
SHA1

06aad9964a64a8bc529563e8f71f518214563716
SHA256

67cf6ce819a3d0437c9ddb36d24373e82f8f0f43c6b1b96c2b01ad1a78475bdc
SHA512

ef63c37df0deb09355aace58ad3c6cb6cc0756cb9c5dfd3d80336fb81a84cc9590907180c9e9a1e58da6eb78528a848cb1e3b33f406a9717903876ce6a4ffe2a
SSDEEP

6144:4+dT6ET80ii3T3KQGNauy5nARNMrNHcgZ16h0yDTe2g:1kETNvT0a46xP6h9D62g

Score

N/A

Malware Config

Signatures

Files

67cf6ce819a3d0437c9ddb36d24373e82f8f0f43c6b1b96c2b01ad1a78475bdc
.exe windows x86

75ec5e5ce2f38bd9c55a9c8d69987d77

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynW
LoadResource
QueryPerformanceCounter
GetProcAddress
SetUnhandledExceptionFilter
GetProcessHeap
LoadLibraryW
lstrcmpiW
SizeofResource
lstrlenA
FreeLibrary
HeapFree
lstrcpyW
GetCurrentProcess
GetTickCount
SetLastError
GetLastError
FindResourceW
LoadLibraryExW
lstrcatW
GetCurrentProcessId
InterlockedDecrement
GetUserDefaultLCID
IsValidCodePage
GetModuleFileNameW
InterlockedIncrement
LoadLibraryA
GetSystemTimeAsFileTime
MultiByteToWideChar
DeleteCriticalSection
GetEnvironmentStringsA
FormatMessageW
HeapDestroy
LocalFree
lstrlenW
FlushInstructionCache
OutputDebugStringA
HeapAlloc
GetStartupInfoA
LeaveCriticalSection
VirtualFree
GetSystemInfo

shell32

SHGetFolderPathW
ShellExecuteW

rpcrt4

NdrOleFree
NdrDllGetClassObject
NdrDllRegisterProxy
CStdStubBuffer_CountRefs
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_Invoke
CStdStubBuffer_QueryInterface
NdrCStdStubBuffer_Release
NdrDllCanUnloadNow
CStdStubBuffer_Disconnect
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_AddRef
NdrDllUnregisterProxy
CStdStubBuffer_Connect
NdrOleAllocate

user32

MapWindowPoints
SetFocus
SendMessageW
GetWindow
LoadStringW
GetDlgItemTextW
GetSystemMetrics
GetDialogBaseUnits
CreateDialogParamW
CharNextW
SetWindowPos
DrawTextW
GetWindowLongW
DialogBoxParamW
EndDialog
SendDlgItemMessageW
GetParent
CopyRect
SetWindowLongW
SystemParametersInfoW
MessageBoxW
ShowWindow
GetWindowRect
SetDlgItemTextW
GetClientRect
GetDlgItem
SetWindowTextW
EnableWindow
DestroyWindow
LoadImageW

wldap32

ldap_count_references
ldap_controls_freeW
ldap_count_entries
ldap_count_values

url

OpenURL
TelnetProtocolHandlerA
OpenURLA
TelnetProtocolHandler

advapi32

RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
UnregisterTraceGuids
RegCloseKey
RegisterTraceGuidsW
RegQueryInfoKeyW
TraceMessage
RegSetValueExW
RegDeleteValueW
RegEnumKeyExW
GetTraceLoggerHandle
GetTraceEnableLevel
RegDeleteKeyW
GetTraceEnableFlags

Sections

text
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 151KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75ec5e5ce2f38bd9c55a9c8d69987d77

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

rpcrt4

user32

wldap32

url

advapi32

Sections

text Size: 123KB - Virtual size: 122KB

.rdata Size: 151KB - Virtual size: 159KB

.rsrc Size: 5KB - Virtual size: 5KB

text
Size: 123KB - Virtual size: 122KB

.rdata
Size: 151KB - Virtual size: 159KB

.rsrc
Size: 5KB - Virtual size: 5KB