f1f778fc4d27bf2f597ebdfab67a8630f0a7a1f36e5f4d9b736558fa2d5c785b

Sharing

Copy URL Twitter E-mail

General

Target

f1f778fc4d27bf2f597ebdfab67a8630f0a7a1f36e5f4d9b736558fa2d5c785b
Size

276KB
MD5

6652894b0a633680f5d4f46a087467b0
SHA1

68f75293248562fcbf89280d849bb338f3532f0b
SHA256

f1f778fc4d27bf2f597ebdfab67a8630f0a7a1f36e5f4d9b736558fa2d5c785b
SHA512

4febc43047854fc7434e816374f1d6fe606b8266f335d57b2f81a4232727c2c2ad611d868a90635ceead8b50a7d90456e60f547a4a3eeb17ea3072fd2a90ba6c
SSDEEP

6144:B3jKMGFTlJ0YWNIPV+PPi7sZ7Z363oby2G14WUP/l:1jcRJi/F7Zco234d/l

Score

N/A

Malware Config

Signatures

Files

f1f778fc4d27bf2f597ebdfab67a8630f0a7a1f36e5f4d9b736558fa2d5c785b
.exe windows x86

5fa4d589c624f9f9060467b05d627fda

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
OutputDebugStringA
LoadResource
LoadLibraryW
SizeofResource
GetProcessHeap
lstrcpyW
LoadLibraryExW
GetStartupInfoA
GetProcAddress
HeapFree
lstrcatW
GetCurrentProcessId
InterlockedDecrement
LoadLibraryA
DeleteCriticalSection
HeapDestroy
GetUserDefaultLCID
InterlockedIncrement
EnterCriticalSection
FlushInstructionCache
SetUnhandledExceptionFilter
GlobalFindAtomW
LocalFree
GetTickCount
GetSystemTimeAsFileTime
HeapAlloc
FormatMessageW
lstrcpynW
SetLastError
GetEnvironmentStringsA
lstrcmpiW
MultiByteToWideChar
FindResourceW
GetSystemInfo
FreeLibrary
RemoveDirectoryA
QueryPerformanceCounter
GetCurrentProcess
GetModuleFileNameW
LeaveCriticalSection
lstrlenA
lstrlenW
VirtualFree

user32

ShowWindow
LoadStringW
SendDlgItemMessageW
MapWindowPoints
EnableWindow
DestroyWindow
CopyRect
SetWindowTextW
SetDlgItemTextW
GetWindowRect
SetWindowLongW
MessageBoxW
GetWindow
SetFocus
SetWindowPos
DrawTextW
GetParent
GetDialogBaseUnits
GetClientRect
GetWindowLongW
SendMessageW
EndDialog
DialogBoxParamW
GetSystemMetrics
CreateDialogParamW
GetDlgItemTextW
SystemParametersInfoW
CharNextW
LoadImageW
GetDlgItem

wldap32

ldap_count_entries
ldap_count_values
ldap_controls_freeW
ldap_count_references

advapi32

RegSetValueExW
RegCloseKey
RegEnumKeyExW
GetTraceLoggerHandle
RegQueryValueExW
RegDeleteValueW
GetTraceEnableLevel
GetTraceEnableFlags
RegDeleteKeyW
RegisterTraceGuidsW
RegQueryInfoKeyW
UnregisterTraceGuids
RegOpenKeyExW
TraceMessage
RegCreateKeyExW

url

OpenURLA
OpenURL
TelnetProtocolHandlerA
TelnetProtocolHandler

rpcrt4

CStdStubBuffer_QueryInterface
CStdStubBuffer_DebugServerQueryInterface
NdrDllCanUnloadNow
CStdStubBuffer_Disconnect
CStdStubBuffer_Invoke
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Connect
NdrDllUnregisterProxy
NdrDllRegisterProxy
NdrCStdStubBuffer_Release
NdrOleAllocate
CStdStubBuffer_AddRef
NdrDllGetClassObject
CStdStubBuffer_CountRefs
NdrOleFree

shell32

SHGetFolderPathW
ShellExecuteW

Sections

text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5fa4d589c624f9f9060467b05d627fda

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

wldap32

advapi32

url

rpcrt4

shell32

Sections

text Size: 121KB - Virtual size: 120KB

.rdata Size: 152KB - Virtual size: 156KB

.rsrc Size: 1024B - Virtual size: 916B

text
Size: 121KB - Virtual size: 120KB

.rdata
Size: 152KB - Virtual size: 156KB

.rsrc
Size: 1024B - Virtual size: 916B