af9302ac60271640d5ce7045da5b46e0b21d6370f7b9db89cdbaa5b3c27f6303

Sharing

Copy URL Twitter E-mail

General

Target

af9302ac60271640d5ce7045da5b46e0b21d6370f7b9db89cdbaa5b3c27f6303
Size

275KB
MD5

83a2ed3bc11bb165c5ccf4994e166dd0
SHA1

5b67f2fe34ce33ad589872c45b983dd120d5a3cf
SHA256

af9302ac60271640d5ce7045da5b46e0b21d6370f7b9db89cdbaa5b3c27f6303
SHA512

dfbc2ae5817f4207095508c4299d4ac18a8cf489f3e25017403e51f031707b27562948f00baf4738ca199e7c317d50dd1892a13fb491661ce6112d5fedac741b
SSDEEP

6144:3NKcgSfAcOsNAmTSbefE4axEtoIs+3WcHQd48T1:3NKclYOtIxEt6oHQd4g

Score

N/A

Malware Config

Signatures

Files

af9302ac60271640d5ce7045da5b46e0b21d6370f7b9db89cdbaa5b3c27f6303
.exe windows x86

e1aaf7ad81c5badcd0a56ac2bce1bc28

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

UnregisterTraceGuids
GetTraceLoggerHandle
GetTraceEnableFlags
RegCreateKeyExW
RegCloseKey
RegisterTraceGuidsW
GetTraceEnableLevel
RegSetValueExW
TraceMessage
RegDeleteValueW
RegQueryValueExW
RegDeleteKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW

kernel32

lstrcmpiW
GetEnvironmentStringsA
HeapAlloc
lstrcpyW
GetSystemInfo
GetTickCount
SetLastError
FlushInstructionCache
lstrlenA
LoadLibraryW
GetCurrentProcessId
LeaveCriticalSection
HeapDestroy
lstrcpynW
GetLastError
DeleteCriticalSection
GetModuleFileNameW
GetProcessHeap
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
IsValidCodePage
LocalFree
lstrlenW
FreeLibrary
InterlockedDecrement
FormatMessageW
FindResourceW
HeapFree
MultiByteToWideChar
OutputDebugStringA
GetStartupInfoA
GetUserDefaultLCID
VirtualFree
lstrcatW
LoadLibraryA
SizeofResource
InterlockedIncrement
GetProcAddress
GetCurrentProcess
LoadResource
QueryPerformanceCounter

user32

CreateDialogParamW
GetDlgItem
SetFocus
DialogBoxParamW
CharNextW
SendMessageW
SystemParametersInfoW
DrawTextW
GetDialogBaseUnits
MessageBoxW
MapWindowPoints
ShowWindow
SetWindowLongW
LoadStringW
LoadImageW
GetWindowLongW
GetClientRect
GetDlgItemTextW
SendDlgItemMessageW
DestroyWindow
SetDlgItemTextW
GetWindowRect
GetParent
EnableWindow
SetWindowPos
EndDialog
CopyRect
GetWindow
GetSystemMetrics
SetWindowTextW

gdi32

SetBkMode

rpcrt4

NdrDllGetClassObject
CStdStubBuffer_QueryInterface
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_CountRefs
NdrDllCanUnloadNow
NdrOleAllocate
NdrDllRegisterProxy
NdrOleFree
NdrCStdStubBuffer_Release
CStdStubBuffer_AddRef
CStdStubBuffer_Connect
CStdStubBuffer_Disconnect
CStdStubBuffer_Invoke
NdrDllUnregisterProxy

wldap32

ldap_controls_freeW
ldap_count_references
ldap_count_values
ldap_count_entries

shell32

SHGetFolderPathW
ShellExecuteW

Sections

text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 146KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1aaf7ad81c5badcd0a56ac2bce1bc28

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

gdi32

rpcrt4

wldap32

shell32

Sections

text Size: 121KB - Virtual size: 120KB

.rdata Size: 146KB - Virtual size: 166KB

.rsrc Size: 6KB - Virtual size: 5KB

text
Size: 121KB - Virtual size: 120KB

.rdata
Size: 146KB - Virtual size: 166KB

.rsrc
Size: 6KB - Virtual size: 5KB