fd4b44fc508f783664169291de972de14805210c3e86e89dbf02399333303f9f

Sharing

Copy URL Twitter E-mail

General

Target

fd4b44fc508f783664169291de972de14805210c3e86e89dbf02399333303f9f
Size

157KB
MD5

63d591fdc277cd3a3e177019ed35d280
SHA1

7416265732593def3a668107f4c4b25719183f9e
SHA256

fd4b44fc508f783664169291de972de14805210c3e86e89dbf02399333303f9f
SHA512

4b6042640e130ae392fd6aa707519fcbc262cf620af5c78b52e242e5319526e6b0a7a01fce5a916e4eed5df679fbf4b55ab934482494afbee54659577cad8857
SSDEEP

3072:w1V0zDW7DrQgdmXCyCaHst/5o9aldIcHMT+eqzcoSrSOHy7BsFVH7M:mVCOmSyI/oadS+eqzcoSVHy7BT

Score

N/A

Malware Config

Signatures

Files

fd4b44fc508f783664169291de972de14805210c3e86e89dbf02399333303f9f
.exe windows x86

fa8f5989c6937a783812281e12113a72

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

olesvr32

OleRevokeObject
FindItemWnd
TerminateDocClients
OleRevokeServerDoc
OleUnblockServer
OleRevokeServer
DocWndProc
SendRenameMsg
OleBlockServer
OleRevertServerDoc
OleRenameServerDoc
EnumForTerminate
SrvrWndProc
OleRegisterServerDoc
OleRegisterServer
DeleteClientInfo
SendDataMsg
WEP
TerminateClients

adsldpc

?SetAtDisabler@CLexer@@QAEXH@Z
ADsExecuteSearch
SchemaGetClassInfoByIndex
LdapMsgFree
ADsDeleteAttributeDefinition
ConvertSidToString
ADsCreateDSObjectExt
ADsDeleteClassDefinition
??1CLexer@@QAE@XZ
BuildLDAPPathFromADsPath
LdapResult
LdapTypeBinaryToString
FindSearchTableIndex
ADSIGetObjectAttributes
FreeObjectInfo
SchemaGetObjectCount
SchemaGetSyntaxOfAttribute

wininet

FindFirstUrlCacheEntryW
InternetAttemptConnect
InternetGoOnline
FindFirstUrlCacheContainerA
FtpGetFileW
InternetSetDialStateA
FindNextUrlCacheEntryExA
InternetOpenUrlW
InternetShowSecurityInfoByURLA
GetUrlCacheHeaderData
InternetGetCookieA

kernel32

GetProcessWorkingSetSize
SetStdHandle
DeleteFileA
GetSystemPowerStatus
GetThreadPriorityBoost
LoadLibraryW
InterlockedIncrement
FoldStringA
SetCurrentDirectoryA
GetCurrentThread
IsValidCodePage
OutputDebugStringA
SetHandleInformation
ReadFileScatter
GetModuleHandleW
SetEnvironmentVariableW
GetProcessHeaps
LocalFileTimeToFileTime
FindResourceExW
InterlockedExchangeAdd
TermsrvAppInstallMode
RemoveDirectoryW
LCMapStringW
GetConsoleAliasExesLengthW
OpenProcess

winscard

SCardIntroduceCardTypeW
SCardIntroduceReaderGroupW
SCardReconnect
SCardLocateCardsByATRW
SCardState
SCardGetAttrib
SCardListReadersW
SCardCancel
SCardListCardsW

rtutils

TracePutsExW
MprSetupProtocolFree
TraceDeregisterA
RouterLogEventW
RouterLogEventExA
RouterLogEventStringW
RouterGetErrorStringW
LogErrorA

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa8f5989c6937a783812281e12113a72

Headers

File Characteristics

Imports

olesvr32

adsldpc

wininet

kernel32

winscard

rtutils

Sections

.text Size: 80KB - Virtual size: 80KB

.rdata Size: 56KB - Virtual size: 56KB

.data Size: 17KB - Virtual size: 16KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 80KB - Virtual size: 80KB

.rdata
Size: 56KB - Virtual size: 56KB

.data
Size: 17KB - Virtual size: 16KB

.rsrc
Size: 1KB - Virtual size: 1KB