2286192db5dfc2d572349d9401616ac3153a419b4f0ac5712f6ffd4bb0b09a1d

Sharing

Copy URL Twitter E-mail

General

Target

2286192db5dfc2d572349d9401616ac3153a419b4f0ac5712f6ffd4bb0b09a1d
Size

49KB
MD5

81233e7e07cada0ef2146e8db0dbe4cc
SHA1

4e986107d25a8ce9c057f5171d95ed36461045e0
SHA256

2286192db5dfc2d572349d9401616ac3153a419b4f0ac5712f6ffd4bb0b09a1d
SHA512

18b59109a4ba0ddeacdc6ccf029703abb55b0a854b810c2c835795b501ab40eedc4339447443c39c90c249e952f406fb3b4f64b810f7f2fd153ca6078298b840
SSDEEP

768:eTGEoAiaz1OzO7zf4l1B2azQQBhdlg0l43dvY55xnED4Vm5Wf3:eviXOPijzbdXlqdvY55BED4VuWf3

Score

N/A

Malware Config

Signatures

Files

2286192db5dfc2d572349d9401616ac3153a419b4f0ac5712f6ffd4bb0b09a1d
.exe windows x86

8695574aaf1bdd6326e1c4510c7d453f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ntdsapi

DsCrackUnquotedMangledRdnA
DsCrackUnquotedMangledRdnW
DsFreeDomainControllerInfoA
DsFreeNameResultA
DsFreeNameResultW
DsFreePasswordCredentials
DsFreeSchemaGuidMapA
DsFreeSchemaGuidMapW
DsFreeSpnArrayA

crypt32

CertFreeCertificateChain
CertFreeCertificateChainEngine
CertFreeCertificateContext
CertGetCRLContextProperty
CertGetCRLFromStore
CertGetCRLFromStore
CertGetCRLFromStore
CertGetCTLContextProperty

oledlg

OleUIPasteSpecialA
OleUIChangeIconA

atl

AtlAxCreateControl
AtlAxCreateControl
AtlAxCreateControl
AtlAxCreateControl
AtlAxCreateControl
AtlAxCreateControl

msvcrt

fopen
fread

kernel32

GetWindowsDirectoryA
GetConsoleAliasA
SetFilePointer
MulDiv
GetOEMCP
GetACP
ExitProcess
GetExitCodeProcess
GetCommandLineA

dnsapi

DnsAllocateRecord
DnsApiAlloc
DnsApiFree
DnsApiHeapReset
DnsApiRealloc
DnsApiSetDebugGlobals

comsnap

InstallDsExtension

htui

HTUI_ColorAdjustment

polstore

IPSecClosePolicyStore
IPSecCopyAuthMethod
IPSecCopyFilterData
IPSecCopyFilterSpec
IPSecCopyISAKMPData
IPSecCopyNFAData
IPSecCopyNegPolData
IPSecCopyPolicyData
IPSecCreateFilterData
IPSecCreateISAKMPData
IPSecCreateNFAData
IPSecCreateNegPolData
IPSecCreatePolicyData
IPSecDeleteFilterData
IPSecDeleteISAKMPData
IPSecDeleteNFAData
IPSecDeleteNegPolData
IPSecDeletePolicyData
IPSecEnumFilterData
IPSecEnumISAKMPData

regapi

RegWdQueryA
RegWdQueryW
RegCdCreateW
RegCdDeleteA
RegCdDeleteW
RegCdEnumerateA
RegCdEnumerateW
RegCdQueryA
RegCdQueryW
RegCloseServer
RegConsoleShadowQueryA
RegConsoleShadowQueryW
RegDefaultUserConfigQueryA
RegDefaultUserConfigQueryW

dbghelp

ImageRvaToSection
ImageRvaToVa

Sections

.code
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RSRC
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8695574aaf1bdd6326e1c4510c7d453f

Headers

File Characteristics

Imports

ntdsapi

crypt32

oledlg

atl

msvcrt

kernel32

dnsapi

comsnap

htui

polstore

regapi

dbghelp

Sections

.code Size: 7KB - Virtual size: 8KB

.data Size: 9KB - Virtual size: 77KB

.RSRC Size: 27KB - Virtual size: 28KB

.code
Size: 7KB - Virtual size: 8KB

.data
Size: 9KB - Virtual size: 77KB

.RSRC
Size: 27KB - Virtual size: 28KB