9130eda7caf39b1e1a9f93fcdd86502e197ccf02066742d39e0024a71f68c56b

Sharing

Copy URL

Twitter E-mail

General

Target

9130eda7caf39b1e1a9f93fcdd86502e197ccf02066742d39e0024a71f68c56b
Size

279KB
MD5

a2a180a21dbbb806e9367bb06c81faa0
SHA1

24269ba9ee4e70ae1977e7cc0bef5004bdcd4cae
SHA256

9130eda7caf39b1e1a9f93fcdd86502e197ccf02066742d39e0024a71f68c56b
SHA512

3bc3460e28442aa5a014cd0c5ab4156ea9890696f239127f5ec693c445d9f1ec114fa85f7c662b444695650966e24a60903779f7697ef14dcf09da1e53fa58fe
SSDEEP

6144:ocZU68ClTyIVFGrnLwKgfXWkSxIB1bom4exQ7KjBIZUx6sPl33jId:7XlmI3Gr84kl8yBK4FVzId

Score

N/A

Malware Config

Signatures

Files

9130eda7caf39b1e1a9f93fcdd86502e197ccf02066742d39e0024a71f68c56b
.exe windows x86

0424db33aaa27a94a9bacc4fac5139a4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

CStdStubBuffer_CountRefs
CStdStubBuffer_AddRef
CStdStubBuffer_Invoke
NdrCStdStubBuffer_Release
NdrOleFree
CStdStubBuffer_Disconnect
NdrOleAllocate
NdrDllCanUnloadNow
CStdStubBuffer_Connect
CStdStubBuffer_QueryInterface
NdrDllGetClassObject
CStdStubBuffer_DebugServerQueryInterface
NdrDllUnregisterProxy
CStdStubBuffer_IsIIDSupported
NdrDllRegisterProxy

kernel32

LoadLibraryA
OutputDebugStringA
lstrcmpiW
InterlockedDecrement
lstrcatW
GetLastError
DeleteCriticalSection
HeapFree
LeaveCriticalSection
GetSystemTimeAsFileTime
HeapDestroy
FindResourceW
lstrcpyW
MultiByteToWideChar
GetTickCount
LoadLibraryExW
InterlockedIncrement
GetProcAddress
SetUnhandledExceptionFilter
GetCurrentProcess
HeapAlloc
lstrcpynW
SetLastError
GetModuleFileNameW
QueryPerformanceCounter
GetProcessHeap
LocalFree
VirtualFree
GetStartupInfoA
FlushInstructionCache
LoadLibraryW
SizeofResource
GetCurrentProcessId
GetUserDefaultLCID
FreeLibrary
lstrlenA
GetSystemInfo
lstrlenW
EnterCriticalSection
LoadResource
FormatMessageW
RemoveDirectoryA
GetEnvironmentStringsA

advapi32

RegDeleteKeyW
RegEnumKeyExW
RegCreateKeyExW
RegOpenKeyExW
GetTraceEnableFlags
UnregisterTraceGuids
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegCloseKey
GetTraceEnableLevel
TraceMessage
RegisterTraceGuidsW
RegQueryInfoKeyW
GetTraceLoggerHandle

user32

EndDialog
DialogBoxParamW
MapWindowPoints
SendMessageW
DrawTextW
GetWindowRect
GetWindow
GetClientRect
SendDlgItemMessageW
SetFocus
SetWindowTextW
MessageBoxW
GetDlgItemTextW
SystemParametersInfoW
ShowWindow
SetWindowPos
GetDialogBaseUnits
LoadImageW
LoadStringW
CharNextW
GetWindowLongW
GetDlgItem
SetDlgItemTextW
CopyRect
GetSystemMetrics
CreateDialogParamW
EnableWindow
SetWindowLongW
GetParent
DestroyWindow

url

OpenURL
OpenURLA
TelnetProtocolHandlerA
TelnetProtocolHandler

wldap32

ldap_count_entries
ldap_count_values
ldap_controls_freeW
ldap_count_references

msvcrt

wcslen
??3@YAXPAX@Z
wcscmp
wcscat
_except_handler3
swprintf
free
??1type_info@@UAE@XZ
?terminate@@YAXXZ
realloc
??2@YAPAXI@Z
_adjust_fdiv
_initterm
wcsncpy
__CxxFrameHandler
malloc

shell32

ShellExecuteW
SHGetFolderPathW

Sections

text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0424db33aaa27a94a9bacc4fac5139a4

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

kernel32

advapi32

user32

url

wldap32

msvcrt

shell32

Sections

text Size: 124KB - Virtual size: 123KB

.rdata Size: 152KB - Virtual size: 155KB

.rsrc Size: 1024B - Virtual size: 916B

text
Size: 124KB - Virtual size: 123KB

.rdata
Size: 152KB - Virtual size: 155KB

.rsrc
Size: 1024B - Virtual size: 916B