ae5f5beb558e35ad8d9de4ead7e477fd294131125cb3f8e97650159152bdb45d

Sharing

Copy URL Twitter E-mail

General

Target

ae5f5beb558e35ad8d9de4ead7e477fd294131125cb3f8e97650159152bdb45d
Size

833KB
MD5

84bc39bd12d875931e5127fc58c38141
SHA1

8c2e2b918f9e290f390846036cc9fbf2588b1cf9
SHA256

ae5f5beb558e35ad8d9de4ead7e477fd294131125cb3f8e97650159152bdb45d
SHA512

aebed7124424258d275a54acea2190009cb22cbeeb73942338d1254e0f881d2c518ed8d57b34d2aa9f84c19515b0f349e357b6e2184853b1857ecf67625b5edb
SSDEEP

12288:LP9304tenV9LZ/MlS9Sz4wbceNM/xelwJihP9Ucfg62V3Zqax1TDcxc97dWZo7r9:V04tenvLZ/f94cJUlwotP2NZbDACI2F

Score

N/A

Malware Config

Signatures

Files

ae5f5beb558e35ad8d9de4ead7e477fd294131125cb3f8e97650159152bdb45d
.exe windows x86

40baa9b53c827cfa6d8728fb969a3ca0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

d3d8thk

OsThunkD3dValidateTextureStageState
OsThunkDdGetDriverState
OsThunkDdDestroyD3DBuffer
OsThunkDdDeleteDirectDrawObject
OsThunkDdRenderMoComp
OsThunkDdSetOverlayPosition
OsThunkDdGetScanLine
OsThunkDdDeleteSurfaceObject
OsThunkDdSetColorKey
OsThunkDdWaitForVerticalBlank
OsThunkDdLock
OsThunkDdGetAvailDriverMemory
OsThunkDdQueryDirectDrawObject
OsThunkDdCreateMoComp
OsThunkDdGetMoCompGuids
OsThunkDdCreateSurface
OsThunkDdCreateSurfaceEx
OsThunkD3dContextDestroyAll
OsThunkDdAttachSurface
OsThunkDdFlip
OsThunkDdDestroySurface
OsThunkD3dContextCreate
OsThunkDdAlphaBlt
OsThunkDdFlipToGDISurface
OsThunkDdBlt

kernel32

VirtualLock
FreeResource
EnumCalendarInfoExW
HeapCreate
GetOEMCP
CancelWaitableTimer
LocalReAlloc
lstrcat
RegisterWaitForSingleObjectEx
ConvertDefaultLocale
RemoveDirectoryW
WritePrivateProfileStringA
WaitCommEvent
_hread
WaitForMultipleObjects
SetTimerQueueTimer
LoadLibraryW

clusapi

BackupClusterDatabase
ClusterResourceTypeControl
ClusterNodeOpenEnum
ClusterRegDeleteKey
GetClusterNodeKey
CloseClusterNode
GetClusterNodeState
EvictClusterNode
ClusterResourceTypeGetEnumCount
RemoveClusterResourceDependency
ClusterRegEnumKey
RegisterClusterNotify
ClusterRegDeleteValue
ClusterResourceTypeOpenEnum
ClusterNetworkEnum
OpenCluster
SetClusterNetworkPriorityOrder
OpenClusterResource
ClusterNodeControl
ClusterOpenEnum
ClusterRegGetKeySecurity
ClusterRegCloseKey
OpenClusterNetwork
GetClusterGroupState
GetClusterResourceKey
ClusterResourceCloseEnum
GetClusterGroupKey
RestoreClusterDatabase

ifsutil

??0SPARSE_SET@@QAE@XZ
?ForceAutochk@VOL_LIODPDRV@@QAEEEKKGPBVWSTRING@@@Z
??0READ_WRITE_CACHE@@QAE@XZ
??0TLINK@@QAE@XZ
?IsEntryPresent@AUTOREG@@SGEPBVWSTRING@@@Z
?CloseDriveHandle@DP_DRIVE@@QAEXXZ
?QueryMemberCount@TLINK@@QBEGXZ
?ShellSort@TLINK@@QAEXXZ
?EnableFileSystem@IFS_SYSTEM@@SGEPBVWSTRING@@@Z
??0SUPERAREA@@IAE@XZ
?IsThisNtfs@IFS_SYSTEM@@SGEVBIG_INT@@KPAX@Z
?WriteToFile@IFS_SYSTEM@@SGEPBVWSTRING@@PAXKE@Z
?Look@INTSTACK@@QBE?AVBIG_INT@@K@Z
?Verify@IO_DP_DRIVE@@QAEEVBIG_INT@@0PAVNUMBER_SET@@@Z
?Initialize@MOUNT_POINT_MAP@@QAEEXZ
?IsFrontEndPresent@AUTOREG@@SGEPBVWSTRING@@0@Z
?CheckAndRemove@NUMBER_SET@@QAEEVBIG_INT@@PAE@Z
?NtDriveNameToDosDriveName@IFS_SYSTEM@@SGEPBVWSTRING@@PAV2@@Z
?RemoveAll@SPARSE_SET@@QAEEXZ
?Write@IO_DP_DRIVE@@QAEEVBIG_INT@@KPAX@Z
?SetAutochkTimeOut@VOL_LIODPDRV@@SGEK@Z
?AddNext@NUMBER_SET@@QAEEVBIG_INT@@@Z

snmpapi

SnmpSvcSetLogType
SnmpUtilVarBindCpy
SnmpUtilOidToA
SnmpUtilOctetsCpy
SnmpSvcGetEnterpriseOID
SnmpTfxQuery
SnmpUtilUTF8ToUnicode
SnmpUtilOctetsNCmp
SnmpUtilUnicodeToUTF8
SnmpUtilIdsToA
SnmpUtilOctetsFree
SnmpUtilOidNCmp
SnmpSvcGetUptimeFromTime
SnmpUtilOidCpy
SnmpUtilAnsiToUnicode
SnmpSvcAddrToSocket
SnmpUtilOidCmp
SnmpUtilVarBindFree
SnmpUtilVarBindListFree
SnmpUtilDbgPrint
SnmpUtilMemAlloc
SnmpSvcSetLogLevel
SnmpUtilMemFree
SnmpUtilUnicodeToAnsi

opengl32

glTexGeni
glScaled
glGetTexGendv
glNormal3b
glTexCoord1sv
glTexCoord3sv
glRasterPos4dv
glTexCoord3fv
wglDescribeLayerPlane

adsldpc

BuildLDAPPathFromADsPath2
LdapReadAttribute
GetDisplayName
AdsTypeToLdapTypeCopyGeneralizedTime
LdapSearchInitPage
LdapAddExtS
LdapTypeToAdsTypeDNWithBinary
ADsObject
LdapModDnS
ADsCloseSearchHandle
LdapSearchS
ADsSetObjectAttributes
LdapInitializeSearchPreferences
LdapRenameExtS
LdapOpenObject
FreeADsStr
ADSIExecuteSearch
LdapTypeCopyConstruct
ADSIGetObjectAttributes
ConvertSidToString
LdapGetSyntaxOfAttributeOnServer
SchemaIsClassAContainer
ADsAbandonSearch
ADsDeleteDSObject
?SetFSlashDisabler@CLexer@@QAEXH@Z

olecli32

LeQueryBounds
GenClone
DibRelease
OleExecute
OleQueryOpen
DibQueryBounds
GetTaskVisibleWindow
DefCreateFromTemplate
DocWndProc
ErrReconnect
BmEqual

Sections

.text
Size: 410KB - Virtual size: 409KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 165KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40baa9b53c827cfa6d8728fb969a3ca0

Headers

DLL Characteristics

File Characteristics

Imports

d3d8thk

kernel32

clusapi

ifsutil

snmpapi

opengl32

adsldpc

olecli32

Sections

.text Size: 410KB - Virtual size: 409KB

.rdata Size: 108KB - Virtual size: 107KB

.data Size: 165KB - Virtual size: 1.6MB

.rsrc Size: 147KB - Virtual size: 147KB

.reloc Size: 1024B - Virtual size: 828B

.text
Size: 410KB - Virtual size: 409KB

.rdata
Size: 108KB - Virtual size: 107KB

.data
Size: 165KB - Virtual size: 1.6MB

.rsrc
Size: 147KB - Virtual size: 147KB

.reloc
Size: 1024B - Virtual size: 828B