b2ada2cbb1545ac65110db6f198c6c34ea1cd713d74fabf35e792717d4a1ff5b

General

Target

b2ada2cbb1545ac65110db6f198c6c34ea1cd713d74fabf35e792717d4a1ff5b
Size

837KB
MD5

207dfd0d50db175e9ec99374cb4832f1
SHA1

6574881439b075061919a9463908207f96eb282a
SHA256

b2ada2cbb1545ac65110db6f198c6c34ea1cd713d74fabf35e792717d4a1ff5b
SHA512

a44b2168d0b41403ec9e5fb2b1870deddf63f6574a17ed4928715aae80240024144c4ac920c7131680e802536f12dcc6ea51c6b01d287d1cb1c66bef2a28f879
SSDEEP

24576:lI2EQj52i9zJgLSEcgfOWw1nFT7lzb+Q0ziF:lI2EQjX9z8ccoFtzbXF

Score

N/A

Malware Config

Signatures

Files

b2ada2cbb1545ac65110db6f198c6c34ea1cd713d74fabf35e792717d4a1ff5b
.exe windows x86

8f4ce80a5c286e6761a4581be4fb3543

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdsapi

DsReplicaVerifyObjectsA
DsReplicaAddA
DsAddSidHistoryA
DsCrackSpn2W

dnsapi

Dns_CreateMulticastSocket
DnsGetCacheDataTable
Dns_CreateSocketEx
DnsRecordStringForType
DnsValidateName_W
DnsGlobals
DnsQueryExA
Dns_UpdateLibEx
DnsRegisterClusterAddress
DnsQueryConfig
DnsAcquireContextHandle_W
DnsGetDomainName
DnsValidateUtf8Byte
Dns_SetRecordDatalength
DnsDhcpSrvRegisterTerm
DnsUpdate
DnsFindAuthoritativeZone
DnsApiAlloc
DnsNameCompare_A

sqlunirl

_SetEnvironmentVariable_@8
_CopyAcceleratorTable_@12
_SendMessageCallback_@24
_GetDateFormat_@24
_NDdeIsValidShareName_@4
_EnumPropsEx_@12
_CreateAcceleratorTable_@8

kernel32

GlobalAlloc
SetTermsrvAppInstallMode
WritePrivateProfileStructW
GetTempFileNameA
GetSystemTimeAsFileTime
IsValidLocale
FoldStringA
LoadLibraryA
GetACP

Sections

.text
Size: 358KB - Virtual size: 357KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 189KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f4ce80a5c286e6761a4581be4fb3543

Headers

DLL Characteristics

File Characteristics

Imports

ntdsapi

dnsapi

sqlunirl

kernel32

Sections

.text Size: 358KB - Virtual size: 357KB

.rdata Size: 127KB - Virtual size: 127KB

.data Size: 189KB - Virtual size: 1.6MB

.rsrc Size: 161KB - Virtual size: 160KB

.reloc Size: 1024B - Virtual size: 972B

.text
Size: 358KB - Virtual size: 357KB

.rdata
Size: 127KB - Virtual size: 127KB

.data
Size: 189KB - Virtual size: 1.6MB

.rsrc
Size: 161KB - Virtual size: 160KB

.reloc
Size: 1024B - Virtual size: 972B