6f4db7be911bb8c086e4e4816d9b236e32c72e1063cc8dbf17d576d3c32228d1

Sharing

Copy URL Twitter E-mail

General

Target

6f4db7be911bb8c086e4e4816d9b236e32c72e1063cc8dbf17d576d3c32228d1
Size

275KB
MD5

8254999de7a263adec8467a9d2302650
SHA1

5808667df2b1d5b3bcf1f0cc7fc1ce327bdebfe7
SHA256

6f4db7be911bb8c086e4e4816d9b236e32c72e1063cc8dbf17d576d3c32228d1
SHA512

0a9493cd613c74dc838aa672c70c4e466e3cbf2775d2986bdd804350f25206acf320f0c81225843cfdf778d323cf35a1f643e094141b7597b074e5b70184147b
SSDEEP

6144:0VOvX12+78IRoBSI4XsZMN0WcMvTTdjGPVIUTLi4wZnlbZ:JvXj7fs4X/fOCx5Z

Score

N/A

Malware Config

Signatures

Files

6f4db7be911bb8c086e4e4816d9b236e32c72e1063cc8dbf17d576d3c32228d1
.exe windows x86

2c2275fa2bdb71f72f49c7615aed6c4b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wldap32

ldap_count_references
ldap_controls_freeW
ldap_count_entries
ldap_count_values

advapi32

RegQueryValueExW
GetTraceEnableLevel
RegisterTraceGuidsW
UnregisterTraceGuids
RegDeleteKeyW
RegQueryInfoKeyW
TraceMessage
GetTraceEnableFlags
RegEnumKeyExW
RegCloseKey
RegDeleteValueW
GetTraceLoggerHandle
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW

user32

MapWindowPoints
CreateDialogParamW
SendDlgItemMessageW
SetDlgItemTextW
GetDialogBaseUnits
CopyRect
DestroyWindow
GetParent
LoadStringW
GetWindowLongW
EnableWindow
ShowWindow
GetWindowRect
LoadImageW
DrawTextW
SendMessageW
DialogBoxParamW
SetWindowPos
GetClientRect
SetWindowLongW
SystemParametersInfoW
CharNextW
GetDlgItemTextW
SetWindowTextW
GetDlgItem
GetSystemMetrics
SetFocus
EndDialog
MessageBoxW
GetWindow

kernel32

FormatMessageW
FlushInstructionCache
GetModuleFileNameW
LoadLibraryW
SizeofResource
GetCurrentProcess
GetCurrentProcessId
GetTickCount
HeapAlloc
LoadResource
GetLastError
GetUserDefaultLCID
HeapDestroy
LeaveCriticalSection
GetEnvironmentStringsA
GetSystemTimeAsFileTime
VirtualFree
GetProcAddress
lstrcpyW
LocalFree
GetProcessHeap
GetSystemInfo
lstrlenW
OutputDebugStringA
SetLastError
lstrcpynW
IsValidCodePage
InterlockedIncrement
LoadLibraryA
FreeLibrary
InterlockedDecrement
HeapFree
MultiByteToWideChar
DeleteCriticalSection
lstrcatW
FindResourceW
GetOEMCP
lstrlenA
lstrcmpiW
SetUnhandledExceptionFilter
QueryPerformanceCounter

rpcrt4

NdrDllGetClassObject
NdrDllCanUnloadNow
CStdStubBuffer_AddRef
NdrOleFree
CStdStubBuffer_DebugServerQueryInterface
NdrDllUnregisterProxy
CStdStubBuffer_QueryInterface
NdrCStdStubBuffer_Release
CStdStubBuffer_Invoke
CStdStubBuffer_CountRefs
CStdStubBuffer_Connect
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Disconnect
NdrOleAllocate
NdrDllRegisterProxy

shell32

ShellExecuteW
SHGetFolderPathW

gdi32

SetBkMode

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 149KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c2275fa2bdb71f72f49c7615aed6c4b

Headers

DLL Characteristics

File Characteristics

Imports

wldap32

advapi32

user32

kernel32

rpcrt4

shell32

gdi32

Sections

.text Size: 119KB - Virtual size: 118KB

.rdata Size: 149KB - Virtual size: 212KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 119KB - Virtual size: 118KB

.rdata
Size: 149KB - Virtual size: 212KB

.rsrc
Size: 5KB - Virtual size: 4KB