eee711ba66e936c3410f156785519a46e014070573f770c2f405734670bac66b

Sharing

Copy URL Twitter E-mail

General

Target

eee711ba66e936c3410f156785519a46e014070573f770c2f405734670bac66b
Size

277KB
MD5

a13790b2e66f4e9b96d0f8b18d9f0f60
SHA1

91425b2f6889853a1bca5391b4b0443d8eed592d
SHA256

eee711ba66e936c3410f156785519a46e014070573f770c2f405734670bac66b
SHA512

a9c437ddc9cae0862de43acf7904006a5cac283c113684e729595e0431e7bc3c76afcdba7c8c0477889e2a262e1d289afb5015234e22833cc4c9d6749b999096
SSDEEP

6144:fv55IChz0JSkU/SKD0hJaByxJ9OHQy4cQzf72BUm8MOXsTYi1X:fR5IChILU/UJ/J9wQzfyGmHOch

Score

N/A

Malware Config

Signatures

Files

eee711ba66e936c3410f156785519a46e014070573f770c2f405734670bac66b
.exe windows x86

fa254f5d9614d60282e2ca7059bbf846

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFolderPathW
ShellExecuteW

kernel32

LoadLibraryW
LoadLibraryExW
LoadResource
GetCurrentProcessId
GetUserDefaultLCID
RemoveDirectoryA
FindResourceW
EnterCriticalSection
FlushInstructionCache
lstrcpynW
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
LocalFree
GetProcAddress
SizeofResource
GetSystemInfo
DeleteCriticalSection
lstrlenW
lstrcpyW
GetStartupInfoA
GetTickCount
InterlockedDecrement
lstrlenA
LeaveCriticalSection
MultiByteToWideChar
GetLastError
GetEnvironmentStringsA
GetProcessHeap
LoadLibraryA
QueryPerformanceCounter
OutputDebugStringA
HeapAlloc
InterlockedIncrement
lstrcatW
FormatMessageW
SetLastError
lstrcmpiW
GetCurrentProcess
FreeLibrary
HeapFree
VirtualFree
HeapDestroy
GetModuleFileNameW

msvcrt

_adjust_fdiv
_except_handler3
wcscmp
free
malloc
??1type_info@@UAE@XZ
??3@YAXPAX@Z
?terminate@@YAXXZ
realloc
__CxxFrameHandler
wcscat
??2@YAPAXI@Z
wcslen
_initterm
swprintf
wcsncpy

url

TelnetProtocolHandler
OpenURLA
OpenURL
TelnetProtocolHandlerA

user32

SendMessageW
CopyRect
CreateDialogParamW
SystemParametersInfoW
GetWindowLongW
GetDlgItemTextW
MessageBoxW
SetFocus
DialogBoxParamW
SetWindowLongW
EnableWindow
SetWindowTextW
MapWindowPoints
GetWindowRect
SetWindowPos
ShowWindow
GetDlgItem
GetClientRect
GetDialogBaseUnits
GetWindow
LoadImageW
DestroyWindow
DrawTextW
SetDlgItemTextW
LoadStringW
CharNextW
SendDlgItemMessageW
GetSystemMetrics
EndDialog
GetParent

wldap32

ldap_count_values
ldap_controls_freeW
ldap_count_references
ldap_count_entries

advapi32

UnregisterTraceGuids
RegQueryInfoKeyW
GetTraceEnableFlags
RegCreateKeyExW
RegOpenKeyExW
TraceMessage
GetTraceEnableLevel
RegCloseKey
RegEnumKeyExW
RegisterTraceGuidsW
RegDeleteKeyW
RegQueryValueExW
RegDeleteValueW
RegSetValueExW
GetTraceLoggerHandle

rpcrt4

CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Invoke
CStdStubBuffer_Connect
CStdStubBuffer_AddRef
NdrDllUnregisterProxy
NdrOleFree
NdrOleAllocate
NdrDllCanUnloadNow
CStdStubBuffer_QueryInterface
NdrDllRegisterProxy
NdrCStdStubBuffer_Release
CStdStubBuffer_DebugServerQueryInterface
NdrDllGetClassObject
CStdStubBuffer_Disconnect
CStdStubBuffer_CountRefs

Sections

text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 154KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa254f5d9614d60282e2ca7059bbf846

Headers

DLL Characteristics

File Characteristics

Imports

shell32

kernel32

msvcrt

url

user32

wldap32

advapi32

rpcrt4

Sections

text Size: 120KB - Virtual size: 119KB

.rdata Size: 154KB - Virtual size: 158KB

.rsrc Size: 1024B - Virtual size: 916B

text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 154KB - Virtual size: 158KB

.rsrc
Size: 1024B - Virtual size: 916B