963d1dca48acd0c8a594d188a8be756642037ebb32430f5773bf2f2e87ae721a

Sharing

Copy URL Twitter E-mail

General

Target

963d1dca48acd0c8a594d188a8be756642037ebb32430f5773bf2f2e87ae721a
Size

63KB
MD5

9178404481b250bb66b1907f9f5a1e40
SHA1

ec0726027a466352a76a43b7fb0edd0d2f088a4e
SHA256

963d1dca48acd0c8a594d188a8be756642037ebb32430f5773bf2f2e87ae721a
SHA512

c67aac7b85e3db68b39d96649e1ec7d43a619ddfd1c5a7033547c410d59a85c6ededfe945be58eb00f05819e603de451f17346dbda33d1ea86ac0c8ddf575c7a
SSDEEP

1536:XGC1KadortqybEQULqN49pU/cWFidTv3HlixhZMR14:XGC1KaytqybEaOEO9lwhiR14

Score

N/A

Malware Config

Signatures

Files

963d1dca48acd0c8a594d188a8be756642037ebb32430f5773bf2f2e87ae721a
.exe windows x86

1e82437e263c4457e9902ec336d54cd9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

ntohs
WSAGetLastError
getprotobynumber
__WSAFDIsSet
WSAEnumProtocolsA
WSALookupServiceBeginA
gethostname
htons
WSAWaitForMultipleEvents
WSAHtonl
WSAResetEvent
WSCWriteNameSpaceOrder
WSAGetServiceClassInfoW
getservbyname
getpeername
WSASocketA
WSACancelAsyncRequest
WSACloseEvent
getservbyport
WSAIoctl
WSACreateEvent
WSAStringToAddressW
getsockname
WSAEnumNameSpaceProvidersA
WSAInstallServiceClassW
recvfrom
WSAAddressToStringA
gethostbyname
WSCGetProviderPath
WSAConnect
WSCInstallProvider
WSASendDisconnect
inet_addr
WSAAsyncGetServByPort
WSAGetServiceClassNameByClassIdW
WSAUnhookBlockingHook
WSASetLastError

ntdsapi

DsUnBindA
DsReplicaUpdateRefsW
DsAddSidHistoryW
DsUnBindW
DsListDomainsInSiteW
DsReplicaSyncA
DsCrackSpnA
DsReplicaUpdateRefsA
DsFreeDomainControllerInfoW
DsUnquoteRdnValueA
DsListDomainsInSiteA
DsListRolesW
DsFreePasswordCredentials
DsWriteAccountSpnW
DsBindW
DsFreeSpnArrayW
DsInheritSecurityIdentityA
DsListServersForDomainInSiteW
DsBindWithSpnA
DsCrackSpnW
DsBindA
DsInheritSecurityIdentityW
DsQuoteRdnValueW
DsMapSchemaGuidsA
DsReplicaGetInfoW
DsQuoteRdnValueA
DsGetSpnA
DsReplicaModifyW
DsFreeNameResultW
DsUnquoteRdnValueW
DsGetSpnW
DsReplicaSyncAllW
DsWriteAccountSpnA
DsBindWithCredA
DsMapSchemaGuidsW
DsListInfoForServerW

user32

SendMessageW
DialogBoxParamW

kernel32

SetCalendarInfoA
GetProcAddress

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e82437e263c4457e9902ec336d54cd9

Headers

File Characteristics

Imports

ws2_32

ntdsapi

user32

kernel32

Sections

.text Size: 32KB - Virtual size: 31KB

.data Size: 14KB - Virtual size: 14KB

.rdata Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 3KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 32KB - Virtual size: 31KB

.data
Size: 14KB - Virtual size: 14KB

.rdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 12KB - Virtual size: 12KB