476b56a8c24676eafcb2fee7689f4ec7188f484560fa2aacf24dd951435e5155

Sharing

Copy URL

Twitter E-mail

General

Target

476b56a8c24676eafcb2fee7689f4ec7188f484560fa2aacf24dd951435e5155
Size

141KB
MD5

71c7666e83a7d272f653e2e49fb4230e
SHA1

0920e55ca9e8d7a091b8ab8864900927d2117047
SHA256

476b56a8c24676eafcb2fee7689f4ec7188f484560fa2aacf24dd951435e5155
SHA512

a8605f52235c7b440a6f543a68025ef1689fbda295faf20aef91f4bdec914984346bae6d42ef146e25a8feb3ddaad2d701c111603c0e1da560299f691a1541f1
SSDEEP

3072:8mVnQXzgE2JAvOSY6BZsYoKdjDR7wRy0a28+PtMYZT:vQXzgQWSbBZssjDCRy52xtMY

Score

N/A

Malware Config

Signatures

Files

476b56a8c24676eafcb2fee7689f4ec7188f484560fa2aacf24dd951435e5155
.exe windows x86

471a145a3b6bed5f9b9b7c63df2987aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wldap32

ldap_sslinit
ldap_parse_referenceA
ldap_addW
ldap_modifyW
ldap_compare_sA
ldap_bind
ldap_ufn2dnA
ldap_search_init_pageA
ldap_err2string
ldap_modrdn_sW
ldap_set_optionW
ldap_startup
ldap_check_filterW
ldap_search
ldap_explode_dn
ldap_extended_operationA
ldap_parse_resultA
ldap_get_option
ldap_modify

kernel32

GetSystemDirectoryW
GetFirmwareEnvironmentVariableW
VirtualAlloc
FormatMessageA
SetCalendarInfoW
IsBadWritePtr
GetLocaleInfoW
Module32Next
ExitProcess
WritePrivateProfileStructW
SetErrorMode
LoadLibraryA
GetTimeFormatA
GetEnvironmentStringsW
GlobalFindAtomA
RequestDeviceWakeup
EscapeCommFunction
IsProcessInJob
_hread
GetNumaProcessorNode
CreateJobObjectA
LZSeek
RtlUnwind

winscard

g_rgSCardT0Pci
SCardReleaseNewReaderEvent
SCardIntroduceReaderGroupA
SCardGetCardTypeProviderNameA
SCardLocateCardsA
g_rgSCardT1Pci
SCardConnectW
SCardGetCardTypeProviderNameW
SCardLocateCardsByATRW
SCardIsValidContext
SCardForgetReaderGroupW
SCardListReadersA
SCardReleaseContext
g_rgSCardRawPci
SCardStatusW
SCardRemoveReaderFromGroupW
SCardEstablishContext

inseng

GetICifRWFileFromFile
PurgeDownloadDirectory
GetICifFileFromFile
CheckTrustEx
DownloadFile
CheckTrust
CheckForVersionConflict

Sections

.text
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

471a145a3b6bed5f9b9b7c63df2987aa

Headers

DLL Characteristics

File Characteristics

Imports

wldap32

kernel32

winscard

inseng

Sections

.text Size: 134KB - Virtual size: 134KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 163KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 456B

.text
Size: 134KB - Virtual size: 134KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 163KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 456B