abea8a05798cf61de41eb6351c6d5002ceea5e62446b066ebe0f0bddbab620a7

Sharing

Copy URL Twitter E-mail

General

Target

abea8a05798cf61de41eb6351c6d5002ceea5e62446b066ebe0f0bddbab620a7
Size

214KB
MD5

0c0957648d0e8c1297ba7b08b3ad2990
SHA1

1d7b3c72c20f7fbb4007cbce03c25d29a435d2bf
SHA256

abea8a05798cf61de41eb6351c6d5002ceea5e62446b066ebe0f0bddbab620a7
SHA512

54d94b21554c7de5645a5445b6507e94cde2e3e93724452acee0df1a50e615300e53123043475469d1d8b2297df6d196d8625aabca20f01e6bc6f1cedc262a68
SSDEEP

3072:sa5IRK1hqobTmZXAJIXA5gxasI4Fza0cZd+EISkbzaa805lhzp4yH05ysg8vwuGh:8KyXA6FIWRcZEVS8uupzH0oaimL

Score

N/A

Malware Config

Signatures

Files

abea8a05798cf61de41eb6351c6d5002ceea5e62446b066ebe0f0bddbab620a7
.exe windows x86

88bc903cb29561cd764c93a372bc904f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetModuleFileNameW

comctl32

ImageList_LoadImageW
ord15
ord16
ImageList_DragMove
ImageList_Copy
UninitializeFlatSB
ImageList_DragLeave
ImageList_AddMasked
PropertySheetW
PropertySheetA
InitMUILanguage
ImageList_LoadImageA
ord6
ord13
ImageList_GetImageCount
ord5
CreatePropertySheetPageA
ImageList_BeginDrag
FlatSB_SetScrollRange
FlatSB_GetScrollPos
FlatSB_SetScrollProp
ImageList_Draw
DestroyPropertySheetPage
ImageList_SetBkColor
CreateStatusWindowW

shlwapi

PathStripToRootW

ntdsapi

DsWriteAccountSpnW
DsWriteAccountSpnA
DsBindWithCredW
DsBindWithCredA
DsListSitesW
DsAddSidHistoryA
DsListServersInSiteA
DsInheritSecurityIdentityA
DsServerRegisterSpnW
DsServerRegisterSpnA
DsReplicaUpdateRefsA
DsReplicaSyncA
DsMakePasswordCredentialsA
DsListInfoForServerA
DsClientMakeSpnForTargetServerW
DsReplicaSyncW
DsListRolesW
DsFreeSpnArrayA
DsGetDomainControllerInfoW
DsQuoteRdnValueW
DsReplicaUpdateRefsW
DsMakePasswordCredentialsW
DsFreeSchemaGuidMapA
DsMapSchemaGuidsW

setupapi

SetupDiCreateDeviceInterfaceA
SetupDiGetDriverInstallParamsA
SetupDiClassGuidsFromNameA
SetupDiDeleteDevRegKey
SetupDiLoadClassIcon
SetupIterateCabinetA
SetupDiOpenClassRegKeyExA
SetupGetBinaryField
SetupDiGetINFClassW
SetupSetPlatformPathOverrideW
SetupDiDeleteDeviceInterfaceRegKey
SetupQueueCopyIndirectA
SetupGetLineTextW
SetupDiOpenDevRegKey
SetupSetFileQueueAlternatePlatformA
SetupAddToSourceListW
SetupDiInstallClassW
SetupOpenLog
SetupDiRemoveDeviceInterface
SetupDiCancelDriverInfoSearch
SetupGetLineTextA
SetupDiGetHwProfileFriendlyNameA
SetupSetSourceListW
SetupDiCreateDeviceInfoA
SetupFindFirstLineW
SetupDefaultQueueCallbackA

mprapi

MprAdminPortClearStats
MprConfigInterfaceTransportGetInfo
MprAdminSendUserMessage
MprAdminInterfaceTransportAdd
MprConfigBufferFree
MprConfigTransportGetHandle
MprAdminConnectionClearStats
MprConfigServerRefresh
MprConfigInterfaceTransportRemove
MprAdminGetErrorString
MprAdminUserGetInfo
MprAdminMIBEntrySet
MprAdminInterfaceSetCredentials
MprInfoBlockSet
MprConfigInterfaceEnum
MprConfigInterfaceSetInfo
MprAdminDeregisterConnectionNotification
MprAdminConnectionEnum
MprInfoBlockQuerySize
MprInfoDuplicate
MprAdminMIBEntryDelete
MprAdminInterfaceTransportGetInfo
MprAdminInterfaceSetInfo
MprAdminMIBServerConnect
MprAdminServerGetInfo
MprConfigServerGetInfo
MprConfigGetGuidName
MprInfoBlockFind
MprAdminConnectionGetInfo
MprConfigTransportGetInfo
MprConfigInterfaceTransportEnum
MprAdminInterfaceGetCredentialsEx

rtm

RtmLockNextHop
RtmBlockMethods
RtmGetExactMatchDestination
RtmIgnoreChangedDests
RtmReferenceHandles
RtmReleaseRoutes
RtmDeleteNextHop
RtmGetRoutePointer
RtmCreateRouteListEnum
RtmGetDestInfo
RtmReleaseDests
RtmGetLessSpecificDestination
RtmLockRoute
RtmCreateDestEnum
RtmDeleteEnumHandle

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.YXrX
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.9mG
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88bc903cb29561cd764c93a372bc904f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comctl32

shlwapi

ntdsapi

setupapi

mprapi

rtm

Sections

.text Size: 44KB - Virtual size: 44KB

.data Size: 1KB - Virtual size: 1KB

.YXrX Size: 3KB - Virtual size: 2KB

.9mG Size: 164KB - Virtual size: 163KB

.rsrc Size: 512B - Virtual size: 300B

.text
Size: 44KB - Virtual size: 44KB

.data
Size: 1KB - Virtual size: 1KB

.YXrX
Size: 3KB - Virtual size: 2KB

.9mG
Size: 164KB - Virtual size: 163KB

.rsrc
Size: 512B - Virtual size: 300B