2e5d199004bfb394c3bdcc6d95c8eaef4adee4e88a722831debb80ba5e9ce309

Sharing

Copy URL Twitter E-mail

General

Target

2e5d199004bfb394c3bdcc6d95c8eaef4adee4e88a722831debb80ba5e9ce309
Size

277KB
MD5

37a3cc42f36bb192e2b8bb70ef2fee60
SHA1

55ab75469e46def1f9d01b22e1e52a6971c1076d
SHA256

2e5d199004bfb394c3bdcc6d95c8eaef4adee4e88a722831debb80ba5e9ce309
SHA512

7b06e1c2d140a8fa79e153a8ef679cdadfc8af69deaa1b0ca2ec061dc0316df0679ac0a4fd6ca776b8a6013ccd691dced2d3a9cb2c0fdf2aa8622d62e33cf02c
SSDEEP

6144:OSB+RynDmczz7dtr1taExrsmbkBBfafco5DpBrFbhPON:OS+GbaExvbkzfCZ1PON

Score

N/A

Malware Config

Signatures

Files

2e5d199004bfb394c3bdcc6d95c8eaef4adee4e88a722831debb80ba5e9ce309
.exe windows x86

c0dbe0ff90e24abbb081943b3a4891dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItemTextW
DestroyWindow
CharNextW
GetSystemMetrics
GetDlgItem
GetDialogBaseUnits
SendMessageW
GetParent
MessageBoxW
SetWindowTextW
DrawTextW
SetWindowLongW
GetWindowRect
SetFocus
GetWindow
SetWindowPos
SetDlgItemTextW
CopyRect
CreateDialogParamW
SendDlgItemMessageW
MapWindowPoints
SystemParametersInfoW
GetClientRect
DialogBoxParamW
ShowWindow
LoadImageW
EndDialog
EnableWindow
GetWindowLongW
LoadStringW

advapi32

TraceMessage
RegSetValueExW
RegOpenKeyExW
RegDeleteKeyW
GetTraceLoggerHandle
RegEnumKeyExW
GetTraceEnableLevel
UnregisterTraceGuids
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
GetTraceEnableFlags
RegDeleteValueW
RegisterTraceGuidsW
RegQueryInfoKeyW

kernel32

FlushInstructionCache
GetCurrentProcessId
GetSystemInfo
GetTickCount
DeleteCriticalSection
lstrcatW
GetEnvironmentStringsA
GetLastError
SetLastError
IsValidCodePage
lstrlenW
GetProcAddress
HeapDestroy
HeapFree
QueryPerformanceCounter
GetStartupInfoA
SizeofResource
LoadLibraryW
LoadLibraryA
HeapAlloc
VirtualFree
FreeLibrary
FindResourceW
SetUnhandledExceptionFilter
lstrcmpiW
GetSystemTimeAsFileTime
InterlockedDecrement
OutputDebugStringA
lstrlenA
LoadResource
lstrcpynW
GetProcessHeap
InterlockedIncrement
GetModuleFileNameW
LeaveCriticalSection
GetUserDefaultLCID
FormatMessageW
lstrcpyW
MultiByteToWideChar
LocalFree
GetCurrentProcess

wldap32

ldap_count_values
ldap_controls_freeW
ldap_count_references
ldap_count_entries

rpcrt4

CStdStubBuffer_IsIIDSupported
NdrOleAllocate
CStdStubBuffer_CountRefs
CStdStubBuffer_Disconnect
NdrDllUnregisterProxy
NdrOleFree
NdrCStdStubBuffer_Release
CStdStubBuffer_AddRef
NdrDllGetClassObject
CStdStubBuffer_Invoke
NdrDllCanUnloadNow
CStdStubBuffer_Connect
CStdStubBuffer_QueryInterface
CStdStubBuffer_DebugServerQueryInterface
NdrDllRegisterProxy

gdi32

SetBkMode

shell32

SHGetFolderPathW
ShellExecuteW

Sections

text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 146KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0dbe0ff90e24abbb081943b3a4891dd

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

kernel32

wldap32

rpcrt4

gdi32

shell32

Sections

text Size: 121KB - Virtual size: 121KB

.rdata Size: 146KB - Virtual size: 166KB

.rsrc Size: 7KB - Virtual size: 6KB

text
Size: 121KB - Virtual size: 121KB

.rdata
Size: 146KB - Virtual size: 166KB

.rsrc
Size: 7KB - Virtual size: 6KB