19f0e9e68e666b04134170b84c40fbe7d448f0d6afcd40f19f74cda2f33b8c20

Sharing

Copy URL Twitter E-mail

General

Target

19f0e9e68e666b04134170b84c40fbe7d448f0d6afcd40f19f74cda2f33b8c20
Size

279KB
MD5

61b8316935c317203b0d5d154bc8ef60
SHA1

a85b9651fc327bab0f52e8453ff734b5a010418d
SHA256

19f0e9e68e666b04134170b84c40fbe7d448f0d6afcd40f19f74cda2f33b8c20
SHA512

e9ed125cf2266c12e2fc8bbc93f2d706cdc056a60ab9093e50ed249a24fd8ae8b0038c5492b02bd07bf7e68eada78da3596dff58bc9210a25383a274ae4bb28d
SSDEEP

6144:ewXPRtqHejr+HVFDa1SXnUY2585g6/zY1bEb5zqrVLC4cGR7skyyksF:RXJtwa2JfXnhseziE4r55cA7s/ykW

Score

N/A

Malware Config

Signatures

Files

19f0e9e68e666b04134170b84c40fbe7d448f0d6afcd40f19f74cda2f33b8c20
.exe windows x86

a345d971fca7d8a9a43f09cef2741778

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
MultiByteToWideChar
QueryPerformanceCounter
LoadResource
GetProcessHeap
LoadLibraryW
LoadLibraryA
SetLastError
lstrcpyW
GetCurrentProcess
lstrcpynW
SetUnhandledExceptionFilter
IsValidCodePage
GetStartupInfoA
GetUserDefaultLCID
GetTickCount
lstrcatW
GetEnvironmentStringsA
GetModuleFileNameW
OutputDebugStringA
DeleteCriticalSection
HeapDestroy
InterlockedDecrement
LocalFree
SizeofResource
lstrlenA
FindResourceW
lstrlenW
GetSystemTimeAsFileTime
FormatMessageW
VirtualFree
FreeLibrary
GetProcAddress
FlushInstructionCache
HeapFree
GetLastError
LeaveCriticalSection
lstrcmpiW
GetCurrentProcessId
GetSystemInfo
HeapAlloc

shell32

ShellExecuteW
SHGetFolderPathW

user32

GetDlgItemTextW
SetWindowTextW
SystemParametersInfoW
GetWindowRect
MapWindowPoints
CreateDialogParamW
CharNextW
EnableWindow
ShowWindow
DialogBoxParamW
LoadImageW
GetClientRect
SendDlgItemMessageW
EndDialog
SetWindowPos
SetDlgItemTextW
LoadStringW
MessageBoxW
DrawTextW
SetWindowLongW
CopyRect
GetDlgItem
GetDialogBaseUnits
GetSystemMetrics
GetParent
GetWindow
DestroyWindow
SetFocus
SendMessageW
GetWindowLongW

advapi32

RegCloseKey
GetTraceEnableFlags
GetTraceLoggerHandle
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
TraceMessage
RegQueryInfoKeyW
RegQueryValueExW
UnregisterTraceGuids
RegEnumKeyExW
RegDeleteKeyW
RegDeleteValueW
GetTraceEnableLevel
RegisterTraceGuidsW

rpcrt4

CStdStubBuffer_Connect
CStdStubBuffer_DebugServerQueryInterface
NdrOleFree
CStdStubBuffer_CountRefs
CStdStubBuffer_IsIIDSupported
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
CStdStubBuffer_Disconnect
NdrDllRegisterProxy
NdrOleAllocate
NdrDllGetClassObject
CStdStubBuffer_AddRef
CStdStubBuffer_QueryInterface
CStdStubBuffer_Invoke
NdrDllUnregisterProxy

gdi32

SetBkMode

wldap32

ldap_count_references
ldap_count_values
ldap_controls_freeW
ldap_count_entries

Sections

text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 149KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a345d971fca7d8a9a43f09cef2741778

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

user32

advapi32

rpcrt4

gdi32

wldap32

Sections

text Size: 121KB - Virtual size: 120KB

.rdata Size: 149KB - Virtual size: 156KB

.rsrc Size: 7KB - Virtual size: 7KB

text
Size: 121KB - Virtual size: 120KB

.rdata
Size: 149KB - Virtual size: 156KB

.rsrc
Size: 7KB - Virtual size: 7KB