4a5ca441e2c87bf2a16044f400cdffd567fca5533177a4461113db0216026ed8

Sharing

Copy URL Twitter E-mail

General

Target

4a5ca441e2c87bf2a16044f400cdffd567fca5533177a4461113db0216026ed8
Size

826KB
MD5

0be480a54e48b62c32ab1688b5bf836e
SHA1

ca9e2764f3879f58fec127189c8579562637e546
SHA256

4a5ca441e2c87bf2a16044f400cdffd567fca5533177a4461113db0216026ed8
SHA512

b7db4027d3ed008e03f06a1bb79e25924fbdbc298029457d2f94b394e027e9829266d52079864694e3d88edcca6e055cd18771bea92d8a48fa0aad745f0c5c1d
SSDEEP

24576:0ulQe2yBfjjSSZJH2RvM7gXNa1Fu0582ApjyRHHj7ZZM:56yNkvM7Qks058Zu/

Score

N/A

Malware Config

Signatures

Files

4a5ca441e2c87bf2a16044f400cdffd567fca5533177a4461113db0216026ed8
.exe windows x86

74aac80daacc07bb722fd88c580ef409

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strcoll
_wspawnl
__p__commode
__getmainargs
_wcsset
_strnicoll
_mbsupr
_EH_prolog
_getche
fwscanf
_unlink
_onexit
_ismbcalnum
_strlwr
exit
__set_app_type
_heapset
_getw
_execvp
___lc_codepage_func

wldap32

ldap_control_freeA
ldap_search_ext_sW
ldap_compareW
ldap_next_attribute
ldap_result2error
ldap_free_controlsW
ldap_parse_sort_controlA
ldap_set_optionA
ldap_modify_ext
ldap_parse_sort_controlW
ldap_get_next_page_s
ldap_delete_s
ldap_delete_ext_sW
ldap_add_extW
ldap_first_attributeW
ldap_search
ldap_memfreeA
ldap_delete_ext
cldap_openW
ldap_compare_extA
ldap_create_sort_controlW
ldap_stop_tls_s
ldap_create_page_control
ldap_dn2ufn

imagehlp

SymGetLineFromAddr64
SymEnumerateSymbols
SymGetSymFromAddr64
FindFileInPath
ImageRvaToSection
SymEnumSym
MapAndLoad
SymEnumerateModules64
SymInitialize
ImagehlpApiVersionEx
SymSetOptions
ImageLoad
SymEnumSymbols
SymGetSymPrev
ImageRvaToVa
UpdateDebugInfoFile
SymGetSymNext64
TouchFileTimes
MapDebugInformation
FindExecutableImageEx
EnumerateLoadedModules64
ImageGetCertificateHeader
UpdateDebugInfoFileEx
ImageEnumerateCertificates
SymRegisterCallback64
SymCleanup

kernel32

LoadResource
BackupWrite
LeaveCriticalSection
LoadLibraryW
GetCurrentActCtx
AddLocalAlternateComputerNameW
EnumResourceTypesA
ChangeTimerQueueTimer
VirtualFree
EnumTimeFormatsW
IsValidLanguageGroup
GetCommProperties
CreateWaitableTimerW
FindAtomA
lstrcatW
QueryPerformanceCounter
CmdBatNotification
GetModuleHandleW
GetQueuedCompletionStatus
WriteConsoleOutputW
FindActCtxSectionStringW
ResetWriteWatch
RegisterWaitForInputIdle
GetExitCodeThread
GetLogicalDriveStringsA
WaitForMultipleObjectsEx
GetLastError
GetProcAddress
QueueUserWorkItem
GlobalWire
GetLocaleInfoW
GetCurrentThread

msvcirt

??5istream@@QAEAAV0@AAK@Z
??0streambuf@@QAE@ABV0@@Z
??_Efilebuf@@UAEPAXI@Z
?fd@filebuf@@QBEHXZ
??6ostream@@QAEAAV0@PBX@Z
??4ostream@@IAEAAV0@ABV0@@Z
??_7filebuf@@6B@
??_Gfilebuf@@UAEPAXI@Z
?tie@ios@@QBEPAVostream@@XZ
?x_maxbit@ios@@0JA
?lockbuf@ios@@QAAXXZ
??4istream@@IAEAAV0@PAVstreambuf@@@Z
??_Efstream@@UAEPAXI@Z
??_7stdiostream@@6B@
??0ostrstream@@QAE@PADHH@Z
??6ostream@@QAEAAV0@G@Z
??0istream@@IAE@XZ
?str@strstream@@QAEPADXZ
??_Dstdiostream@@QAEXXZ
?pcount@strstream@@QBEHXZ
??_7istream@@6B@
??0ostream@@IAE@ABV0@@Z
?lockptr@ios@@IAEPAU_CRT_CRITICAL_SECTION@@XZ
??1fstream@@UAE@XZ
?setg@streambuf@@IAEXPAD00@Z

ntdll

RtlDeleteTimer
ZwLockProductActivationKeys
RtlNewSecurityObject
RtlAreBitsSet
NtQueryIntervalProfile
ZwCreateTimer
RtlCreateTagHeap
ZwImpersonateClientOfPort
ZwClearEvent
RtlSetUserValueHeap
RtlAllocateHeap
ZwSecureConnectPort
ZwCreateKeyedEvent

user32

EndDialog

Sections

.text
Size: 397KB - Virtual size: 397KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

74aac80daacc07bb722fd88c580ef409

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

wldap32

imagehlp

kernel32

msvcirt

ntdll

user32

Sections

.text Size: 397KB - Virtual size: 397KB

.rdata Size: 146KB - Virtual size: 145KB

.data Size: 173KB - Virtual size: 1.6MB

.rsrc Size: 107KB - Virtual size: 107KB

.reloc Size: 1024B - Virtual size: 856B

.text
Size: 397KB - Virtual size: 397KB

.rdata
Size: 146KB - Virtual size: 145KB

.data
Size: 173KB - Virtual size: 1.6MB

.rsrc
Size: 107KB - Virtual size: 107KB

.reloc
Size: 1024B - Virtual size: 856B