2b4634db500384110780d97c7cd40ff20d59d2ae15e431fa8022475c2ae974e4

Sharing

Copy URL Twitter E-mail

General

Target

2b4634db500384110780d97c7cd40ff20d59d2ae15e431fa8022475c2ae974e4
Size

314KB
MD5

938e907869d7621932953f392a24d330
SHA1

a4bedce1e3a4872e5cac34792d17c1537930f4ac
SHA256

2b4634db500384110780d97c7cd40ff20d59d2ae15e431fa8022475c2ae974e4
SHA512

ff768b7044a92ebf5be1eafa993cd1f9aef20151d2a12cb85bdbde722d309a86f5ce744f6da9233acfd74e3bad6c5d6dc6ab7e3376f4ceb26992af73ec8dcb08
SSDEEP

6144:x3oTCcrlFCR7a6EEqoneNBxNcLl8ubKQu3WA9i5MM/zWRbvZyMG:x3ICW8da6oonexNClhgWfmAzWCp

Score

N/A

Malware Config

Signatures

Files

2b4634db500384110780d97c7cd40ff20d59d2ae15e431fa8022475c2ae974e4
.exe windows x86

425d2b8d38b80efca7a5f5f53c2aee23

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnableWindow
CreateDialogParamW
MapWindowPoints
GetDialogBaseUnits
CharNextW
GetWindowRect
GetWindowLongW
EndDialog
SetWindowPos
CopyRect
LoadImageW
GetSystemMetrics
GetWindow
SendMessageW
MessageBoxW
SendDlgItemMessageW
ShowWindow
DestroyWindow
DialogBoxParamW
SetDlgItemTextW
SetWindowTextW
GetDlgItemTextW
GetDlgItem
LoadStringW
SystemParametersInfoW
GetParent
DrawTextW
GetClientRect
SetWindowLongW
SetFocus

rpcrt4

NdrCStdStubBuffer_Release
CStdStubBuffer_Invoke
NdrDllUnregisterProxy
CStdStubBuffer_AddRef
CStdStubBuffer_QueryInterface
CStdStubBuffer_IsIIDSupported
NdrDllRegisterProxy
CStdStubBuffer_DebugServerQueryInterface
NdrDllGetClassObject
NdrDllCanUnloadNow
CStdStubBuffer_Connect
CStdStubBuffer_CountRefs
NdrOleFree
CStdStubBuffer_Disconnect
NdrOleAllocate

url

OpenURLA
TelnetProtocolHandlerA
OpenURL
TelnetProtocolHandler

kernel32

GetTickCount
HeapAlloc
OutputDebugStringA
LoadLibraryW
GetSystemTimeAsFileTime
lstrlenA
FlushInstructionCache
GetProcAddress
InterlockedIncrement
LoadLibraryA
GetCurrentProcessId
DeleteCriticalSection
GetModuleFileNameW
InterlockedDecrement
lstrcatW
SetLastError
GetUserDefaultLCID
EnterCriticalSection
LoadResource
LoadLibraryExW
lstrcmpiW
lstrlenW
lstrcpyW
FindResourceW
MultiByteToWideChar
GetStartupInfoA
GetSystemInfo
LocalFree
GetEnvironmentStringsA
GetCurrentProcess
HeapFree
LeaveCriticalSection
FreeLibrary
GetProcessHeap
QueryPerformanceCounter
lstrcpynW
HeapDestroy
FormatMessageW
SetUnhandledExceptionFilter
GetLastError
VirtualFree
SizeofResource

wldap32

ldap_count_values
ldap_controls_freeW
ldap_count_references
ldap_count_entries

shell32

ShellExecuteW
SHGetFolderPathW

advapi32

RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegQueryInfoKeyW
TraceMessage
GetTraceEnableLevel
RegDeleteValueW
RegEnumKeyExW
UnregisterTraceGuids
RegQueryValueExW
GetTraceLoggerHandle
RegCloseKey
RegisterTraceGuidsW
RegOpenKeyExW
GetTraceEnableFlags

Sections

text
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 158KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

425d2b8d38b80efca7a5f5f53c2aee23

Headers

DLL Characteristics

File Characteristics

Imports

user32

rpcrt4

url

kernel32

wldap32

shell32

advapi32

Sections

text Size: 127KB - Virtual size: 127KB

.rdata Size: 158KB - Virtual size: 166KB

.rsrc Size: 26KB - Virtual size: 26KB

text
Size: 127KB - Virtual size: 127KB

.rdata
Size: 158KB - Virtual size: 166KB

.rsrc
Size: 26KB - Virtual size: 26KB