48fae0e5b9601f26ed6e870b4fcaf12117d0a17b2edc3b8e48983da7d984a909

Sharing

Copy URL Twitter E-mail

General

Target

48fae0e5b9601f26ed6e870b4fcaf12117d0a17b2edc3b8e48983da7d984a909
Size

273KB
MD5

49b43b113337030882158b2f6e480970
SHA1

32c563059a8f205be72532b3e91c48028d62eb25
SHA256

48fae0e5b9601f26ed6e870b4fcaf12117d0a17b2edc3b8e48983da7d984a909
SHA512

be4d248a68f3793893ec0f93a560db4f6a7175b76fb7b2485faf5eb59a764b02388d204d608d235671b9a472768c1dbdb4872b3a5c4d9d0d2c406010850a1f31
SSDEEP

6144:YDu4G8EXQpZXy7gh2tAV4Vea11uRe9r7KbhOk:ihG8lZh9VFM1uRsaYk

Score

N/A

Malware Config

Signatures

Files

48fae0e5b9601f26ed6e870b4fcaf12117d0a17b2edc3b8e48983da7d984a909
.exe windows x86

76813ac020ffc50e4bf2749e66285443

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

CStdStubBuffer_IsIIDSupported
NdrCStdStubBuffer_Release
NdrOleAllocate
CStdStubBuffer_Connect
CStdStubBuffer_QueryInterface
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_CountRefs
CStdStubBuffer_Disconnect
NdrDllUnregisterProxy
NdrOleFree
NdrDllCanUnloadNow
NdrDllGetClassObject
NdrDllRegisterProxy
CStdStubBuffer_Invoke
CStdStubBuffer_AddRef

kernel32

GetModuleFileNameW
MultiByteToWideChar
FindResourceW
GetSystemTimeAsFileTime
FreeLibrary
FormatMessageW
LocalFree
IsValidCodePage
DeleteCriticalSection
GetProcessHeap
LoadResource
GetProcAddress
QueryPerformanceCounter
GetCurrentProcessId
InterlockedDecrement
lstrcpynW
VirtualFree
SizeofResource
GetOEMCP
lstrlenW
InterlockedIncrement
HeapFree
GetCurrentProcess
HeapDestroy
lstrcpyW
LeaveCriticalSection
LoadLibraryW
FlushInstructionCache
LoadLibraryA
OutputDebugStringA
GetTickCount
HeapAlloc
lstrcmpiW
GetSystemInfo
SetUnhandledExceptionFilter
GetLastError
lstrlenA
lstrcatW
GetEnvironmentStringsA
SetLastError
GetUserDefaultLCID

user32

SetWindowLongW
ShowWindow
MapWindowPoints
GetWindowLongW
DialogBoxParamW
GetWindowRect
GetDlgItem
DestroyWindow
MessageBoxW
GetSystemMetrics
GetClientRect
GetParent
GetWindow
SendMessageW
SetFocus
SystemParametersInfoW
LoadImageW
CharNextW
SendDlgItemMessageW
GetDlgItemTextW
EndDialog
EnableWindow
CreateDialogParamW
CopyRect
SetWindowTextW
LoadStringW
GetDialogBaseUnits
DrawTextW
SetDlgItemTextW
SetWindowPos

wldap32

ldap_controls_freeW
ldap_count_values
ldap_count_entries
ldap_count_references

gdi32

SetBkMode

advapi32

RegisterTraceGuidsW
RegSetValueExW
RegQueryValueExW
RegDeleteValueW
RegDeleteKeyW
UnregisterTraceGuids
RegCreateKeyExW
GetTraceEnableFlags
GetTraceLoggerHandle
RegOpenKeyExW
GetTraceEnableLevel
RegCloseKey
RegEnumKeyExW
TraceMessage
RegQueryInfoKeyW

shell32

SHGetFolderPathW
ShellExecuteW

Sections

.text
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 149KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

76813ac020ffc50e4bf2749e66285443

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

kernel32

user32

wldap32

gdi32

advapi32

shell32

Sections

.text Size: 117KB - Virtual size: 116KB

.rdata Size: 149KB - Virtual size: 212KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 117KB - Virtual size: 116KB

.rdata
Size: 149KB - Virtual size: 212KB

.rsrc
Size: 5KB - Virtual size: 4KB