6ce1aab379a772b198a6060f939112f9b32209f80f77f289a00659c9868ac81b

Sharing

Copy URL Twitter E-mail

General

Target

6ce1aab379a772b198a6060f939112f9b32209f80f77f289a00659c9868ac81b
Size

276KB
MD5

3b8fffa278f0a77a2b71d75c78078f60
SHA1

4ea53c96a618b5cf3c8a3adfe20fe561b0c99d55
SHA256

6ce1aab379a772b198a6060f939112f9b32209f80f77f289a00659c9868ac81b
SHA512

df2d9a7a8dadf5881cfbaaab12567d139013321e6500e37c33ca9536ac43d5f96160c2f34c844b06ab5ff8843e543c28a97a9122ce9fcb82ae852098b33d2fd4
SSDEEP

6144:+scn/e+tPrhzBLTU5zdUCXQEp6oE/JnUqjf8ZpvZH:mn7NBvU5zm8p63xnNjfYpRH

Score

N/A

Malware Config

Signatures

Files

6ce1aab379a772b198a6060f939112f9b32209f80f77f289a00659c9868ac81b
.exe windows x86

ddeec0cb1588dc9ce47c612876fb7328

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnableWindow
GetWindowLongW
GetDlgItemTextW
SetWindowLongW
SetFocus
EndDialog
DrawTextW
GetDlgItem
SendMessageW
MessageBoxW
GetDialogBaseUnits
CreateDialogParamW
GetWindowRect
SetWindowTextW
CopyRect
SendDlgItemMessageW
SystemParametersInfoW
MapWindowPoints
LoadStringW
SetWindowPos
DialogBoxParamW
GetSystemMetrics
SetDlgItemTextW
ShowWindow
CharNextW
DestroyWindow
GetClientRect
GetWindow
GetParent
LoadImageW

kernel32

HeapDestroy
HeapAlloc
lstrcpyW
GetCurrentProcess
GetProcAddress
lstrcmpiW
SetUnhandledExceptionFilter
FreeLibrary
GetCurrentProcessId
VirtualFree
InterlockedDecrement
GetLastError
MultiByteToWideChar
LoadLibraryA
QueryPerformanceCounter
lstrcatW
GetUserDefaultLCID
GetTickCount
InterlockedIncrement
lstrlenA
FormatMessageW
LocalFree
FindResourceW
GetEnvironmentStringsA
DeleteCriticalSection
lstrlenW
GetOEMCP
OutputDebugStringA
GetProcessHeap
SizeofResource
LoadLibraryW
SetLastError
lstrcpynW
HeapFree
GetSystemInfo
GetSystemTimeAsFileTime
GetModuleFileNameW
IsValidCodePage
LeaveCriticalSection
LoadResource
FlushInstructionCache

rpcrt4

NdrDllCanUnloadNow
NdrOleAllocate
CStdStubBuffer_CountRefs
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_IsIIDSupported
NdrDllRegisterProxy
NdrOleFree
CStdStubBuffer_AddRef
CStdStubBuffer_Connect
CStdStubBuffer_Disconnect
NdrCStdStubBuffer_Release
CStdStubBuffer_Invoke
NdrDllUnregisterProxy
CStdStubBuffer_QueryInterface
NdrDllGetClassObject

advapi32

RegSetValueExW
RegCloseKey
TraceMessage
RegDeleteValueW
GetTraceEnableLevel
RegQueryValueExW
RegEnumKeyExW
GetTraceEnableFlags
UnregisterTraceGuids
RegisterTraceGuidsW
GetTraceLoggerHandle
RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW

wldap32

ldap_count_entries
ldap_controls_freeW
ldap_count_values
ldap_count_references

gdi32

SetBkMode

shell32

SHGetFolderPathW
ShellExecuteW

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 149KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ddeec0cb1588dc9ce47c612876fb7328

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

rpcrt4

advapi32

wldap32

gdi32

shell32

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 149KB - Virtual size: 212KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 149KB - Virtual size: 212KB

.rsrc
Size: 5KB - Virtual size: 4KB