0a0a64cb244a995a13453296f69a762cae2870121e64512b38232c15e9a2c0f8

Sharing

Copy URL Twitter E-mail

General

Target

0a0a64cb244a995a13453296f69a762cae2870121e64512b38232c15e9a2c0f8
Size

864KB
MD5

22f6678c0f94fc9c638e423c17d75381
SHA1

4b1e1436a14d142556867f8569cf88191ba84bdb
SHA256

0a0a64cb244a995a13453296f69a762cae2870121e64512b38232c15e9a2c0f8
SHA512

ffb77e6a416cbc37769f7f5dbdb51262fb303ac5d217eedf882886b887267e69850c5a89bfaed24c38f568e4c1ed129f9ba4217fd4957a6423e84176086d6a99
SSDEEP

24576:FYoubYCQA7yVrz9EvEZyfn8qelKB7nEuQDV5GT3KLtTRJtg:EYCQwyBJEv8yP84b6VE3SVD

Score

N/A

Malware Config

Signatures

Files

0a0a64cb244a995a13453296f69a762cae2870121e64512b38232c15e9a2c0f8
.exe windows x86

1b0773a25df1ab53704cb3eac3d387d6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetMenuItemInfoA
ShowCaret
GetMessagePos
CascadeWindows
ResolveDesktopForWOW
ChangeDisplaySettingsExW
GetClipboardFormatNameA
LoadIconA
SetWindowRgn
DlgDirSelectExW
CharUpperA
SetSystemCursor
LoadCursorFromFileA
DestroyCaret
DrawCaption
CreateWindowStationW
TranslateAccelerator
DestroyMenu
DdeFreeStringHandle
DdeUnaccessData
UserLpkTabbedTextOut
DrawStateW
AllowSetForegroundWindow
SetActiveWindow
GetUpdateRgn
SetCursorContents
SetClassLongA
BringWindowToTop
DefWindowProcW
GetClipboardOwner
EnumWindows

kernel32

VirtualAlloc
SetFileApisToOEM
OpenWaitableTimerA
DisconnectNamedPipe
ReadProcessMemory
EnumDateFormatsW
AddLocalAlternateComputerNameA
GetThreadLocale
IsValidLocale
SetLastConsoleEventActive
QueryPerformanceFrequency
LocalReAlloc
ReadConsoleW
GetTimeZoneInformation
LocalShrink
EnumDateFormatsExA
BackupWrite
CancelTimerQueueTimer
EnumSystemLocalesA
SetLocalTime
ContinueDebugEvent
SetCommConfig
Process32NextW
LocalSize
CreateDirectoryExW
LoadLibraryA
LocalAlloc
GetModuleHandleA
Module32FirstW
HeapSetInformation
MulDiv
lstrlen
BuildCommDCBA
GetProcessShutdownParameters
GetConsoleKeyboardLayoutNameA
SetProcessAffinityMask
CreateThread
GlobalHandle
LockFile
RequestWakeupLatency
GetCurrentProcess
FindCloseChangeNotification
GetCurrentThreadId
EnumSystemLanguageGroupsW
TlsFree
SetSystemPowerState

msvcirt

??0ios@@IAE@ABV0@@Z
??5istream@@QAEAAV0@PAC@Z
?lock@ios@@QAAXXZ
?seekpos@streambuf@@UAEJJH@Z
?pword@ios@@QBEAAPAXH@Z
??5istream@@QAEAAV0@AAD@Z
?seekoff@streambuf@@UAEJJW4seek_dir@ios@@H@Z
??_Gostream_withassign@@UAEPAXI@Z
??1istream@@UAE@XZ
?attach@ifstream@@QAEXH@Z
??_Glogic_error@@UAEPAXI@Z
??_Estrstream@@UAEPAXI@Z
??0ostrstream@@QAE@PADHH@Z
?attach@filebuf@@QAEPAV1@H@Z
?sputbackc@streambuf@@QAEHD@Z
??_8iostream@@7Bostream@@@
?xalloc@ios@@SAHXZ
?lockc@ios@@KAXXZ
?freeze@strstreambuf@@QAEXH@Z
?str@ostrstream@@QAEPADXZ
??_Gistream_withassign@@UAEPAXI@Z
?setbuf@ofstream@@QAEPAVstreambuf@@PADH@Z
?setf@ios@@QAEJJJ@Z
??5istream@@QAEAAV0@AAI@Z
?ignore@istream@@QAEAAV1@HH@Z
??4istream_withassign@@QAEAAVistream@@PAVstreambuf@@@Z
??0ofstream@@QAE@ABV0@@Z
??4ostream@@IAEAAV0@ABV0@@Z
?setf@ios@@QAEJJ@Z
?sgetc@streambuf@@QAEHXZ
??_Dostream_withassign@@QAEXXZ
?osfx@ostream@@QAEXXZ

adsldpc

LdapValueFree
AdsTypeToLdapTypeCopyGeneralizedTime
ADSIGetNextRow
SchemaGetSyntaxOfAttribute
LdapTypeBinaryToString
LdapParsePageControl
FindEntryInSearchTable
LdapGetValuesLen
LdapResult
ADSIModifyRdn
ADsCreateAttributeDefinition
ADsDeleteClassDefinition
LdapTypeToAdsTypeCopyConstruct
ADsHelperGetCurrentRowMessage
InitObjectInfo
LdapGetDn
GetDisplayName
SchemaClose
ADsFreeColumn
ADsObject
ADsSetSearchPreference
ADsDeleteAttributeDefinition
FreeObjectInfo
ADsCreateDSObjectExt
MapLDAPTypeToADSType
ADsCreateDSObject
LdapFirstEntry
UnMarshallLDAPToLDAPSynID
ADSIGetFirstRow
ADSIDeleteDSObject

resutils

ResUtilFindSzProperty
ResUtilGetEnvironmentWithNetName
ResUtilGetResourceDependency
ResUtilFreeParameterBlock
ResUtilGetPropertySize
ResUtilFindBinaryProperty
ResUtilStartResourceService
ResUtilGetPropertyFormats
ResUtilFindDwordProperty
ResUtilSetMultiSzValue
ResUtilStopResourceService
ResUtilGetProperty
ResUtilResourcesEqual
ResUtilGetPrivateProperties
ResUtilPropertyListFromParameterBlock
ResUtilIsResourceClassEqual
ResUtilGetSzValue
ResUtilVerifyPropertyTable
ResUtilEnumPrivateProperties
ResUtilEnumResources
ResUtilFindLongProperty
ResUtilResourceTypesEqual
ResUtilGetCoreClusterResources
ResUtilDupString
ResUtilGetBinaryValue
ResUtilSetExpandSzValue
ResUtilExpandEnvironmentStrings
ClusWorkerCheckTerminate
ResUtilGetProperties
ClusWorkerStart
ResUtilGetSzProperty
ResUtilEnumResourcesEx
ResUtilGetAllProperties
ResUtilSetPropertyTable
ClusWorkerCreate
ResUtilFindDependentDiskResourceDriveLetter
ResUtilDupParameterBlock

shlwapi

SHRegEnumUSKeyW
StrCSpnIW
PathUnmakeSystemFolderW
UrlApplySchemeA
UrlIsOpaqueA
StrIsIntlEqualW
PathIsSystemFolderW
UrlIsNoHistoryW
StrRStrIA
StrFormatByteSizeW
SHDeleteEmptyKeyW
SHDeleteOrphanKeyA
PathFindOnPathA
PathIsLFNFileSpecA
SHRegisterValidateTemplate
PathCombineA
StrPBrkA
StrCSpnW
PathIsDirectoryEmptyA
PathUnquoteSpacesA
UrlCombineW
PathIsURLA
PathRemoveFileSpecA
SHRegSetUSValueA
StrRetToBSTR
PathGetDriveNumberA
UrlGetLocationA
StrCpyW
PathIsNetworkPathA
StrChrW
SHDeleteValueW
PathIsSystemFolderA

Sections

.text
Size: 367KB - Virtual size: 367KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 203KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 288KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b0773a25df1ab53704cb3eac3d387d6

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

msvcirt

adsldpc

resutils

shlwapi

Sections

.text Size: 367KB - Virtual size: 367KB

.rdata Size: 203KB - Virtual size: 203KB

.data Size: 288KB - Virtual size: 1.7MB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 367KB - Virtual size: 367KB

.rdata
Size: 203KB - Virtual size: 203KB

.data
Size: 288KB - Virtual size: 1.7MB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 1024B