06cfbf029f3cb2e045f6863756e57ce27d8ffa4bb8bc4ae596071caaf7725ad4

Sharing

Copy URL

Twitter E-mail

General

Target

06cfbf029f3cb2e045f6863756e57ce27d8ffa4bb8bc4ae596071caaf7725ad4
Size

358KB
MD5

71fe0d7deb56b0d35663a5e3678d55a0
SHA1

b4e7ab8fb5036faf1f0bdfb3a8353afe35f6139c
SHA256

06cfbf029f3cb2e045f6863756e57ce27d8ffa4bb8bc4ae596071caaf7725ad4
SHA512

252e6c164e7321962e6fcdd3af07a0c4a502a8700391514997664865d24ca6dc5ade64127603819e10821ad7d90470802204f4dd08f0e3107ec7e33a4343c3fd
SSDEEP

6144:lRd6jzNusFnBVWy6tcSJvMb00e6LrYFvi7snQmla7F7:lRd6kspStcSFo66oFnx+F

Score

N/A

Malware Config

Signatures

Files

06cfbf029f3cb2e045f6863756e57ce27d8ffa4bb8bc4ae596071caaf7725ad4
.exe windows x86

0d3d20fa220a8f3a99c9590470dc261d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdsapi

DsAddSidHistoryA
DsBindA
DsBindWithCredA
DsBindWithSpnA
DsClientMakeSpnForTargetServerA
DsCrackUnquotedMangledRdnA
DsFreeDomainControllerInfoA
DsFreeNameResultA
DsListRolesA
DsListServersForDomainInSiteA
DsMakePasswordCredentialsA
DsMakeSpnA
DsMapSchemaGuidsA
DsQuoteRdnValueA
DsReplicaAddA
DsReplicaConsistencyCheck
DsReplicaDelA
DsReplicaFreeInfo
DsReplicaSyncAllA
DsReplicaSyncA
DsReplicaUpdateRefsA
DsServerRegisterSpnA
DsUnBindA
DsUnquoteRdnValueA
DsWriteAccountSpnA

kernel32

GetStdHandle
GetLocaleInfoW
SetEnvironmentVariableA
CompareStringW
CompareStringA
HeapSize
LCMapStringW
LCMapStringA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
SetEndOfFile
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetCPInfo
GetOEMCP
GetACP
InitializeCriticalSection
SetTapeParameters
VirtualProtect
GetWindowsDirectoryA
GetSystemTimeAsFileTime
GetModuleHandleA
GetCommandLineA
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
GetLastError
WriteFile
HeapFree
CloseHandle
WideCharToMultiByte
GetTimeZoneInformation
HeapAlloc
TlsAlloc
SetLastError
GetCurrentThreadId
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
FatalAppExitA
ReadFile
RtlUnwind
InterlockedExchange
VirtualQuery
VirtualAlloc
GetSystemInfo
MultiByteToWideChar
SetFilePointer
SetStdHandle
FlushFileBuffers
HeapReAlloc
IsBadWritePtr
CreateFileA

Sections

.text
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 125KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0d3d20fa220a8f3a99c9590470dc261d

Headers

File Characteristics

Imports

ntdsapi

kernel32

Sections

.text Size: 127KB - Virtual size: 126KB

.rdata Size: 101KB - Virtual size: 101KB

.data Size: 125KB - Virtual size: 196KB

.idata Size: 4KB - Virtual size: 3KB

.text
Size: 127KB - Virtual size: 126KB

.rdata
Size: 101KB - Virtual size: 101KB

.data
Size: 125KB - Virtual size: 196KB

.idata
Size: 4KB - Virtual size: 3KB