34ed53d3d8a4ec3753f20e7f4daf9ba35520ff1d939b774ef99bee301517f0b4

Sharing

Copy URL Twitter E-mail

General

Target

34ed53d3d8a4ec3753f20e7f4daf9ba35520ff1d939b774ef99bee301517f0b4
Size

822KB
MD5

0fd2d17f3767cf0a75bdc244c03b130a
SHA1

84a9d7278e55b10c742286ebf8d6ab9488abe173
SHA256

34ed53d3d8a4ec3753f20e7f4daf9ba35520ff1d939b774ef99bee301517f0b4
SHA512

3b0dcf180b0dee2abb0b1954856254a26371fa307f96ef22ff7293da0327031b07b303ea7dd6a75e78549aec53179ca2e2a7868594b86d61ef49074b93cf33c4
SSDEEP

12288:WU2Zj0X07fmXS+Tm7MpgFRoqzHk0YqWaC81PLZJRvjEiN1Ccc2iVPKeF0k1yPeMv:b2s07ok7MpgFRoika7jAcZmyCiPB

Score

N/A

Malware Config

Signatures

Files

34ed53d3d8a4ec3753f20e7f4daf9ba35520ff1d939b774ef99bee301517f0b4
.exe windows x86

ff13003e1d8fe9edcef62ccd9ce4fce4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

pdh

PdhVerifySQLDBA
PdhGetDefaultPerfObjectHA
PdhVbGetLogFileSize
PdhGetLogFileTypeA
PdhTranslate009CounterW
PdhBrowseCountersA
PdhAddCounterA
PdhEnumObjectsW
PdhSetLogSetRunID
PdhUpdateLogFileCatalog
PdhGetLogSetGUID
PdhEnumObjectsA
PdhExpandWildCardPathHA
PdhOpenQuery
PdhVbGetCounterPathFromList
PdhLookupPerfNameByIndexW

oleaut32

VarUI1FromI2
VarCyMulI8
VarCyRound
VarBstrFromUI2
VarBoolFromDate
VectorFromBstr
VarI2FromUI1
VarI8FromUI1
VarUI1FromUI2
VarParseNumFromStr
SafeArrayGetElement
VarUI2FromR8
VarImp
VarIdiv
VarI1FromDec
VarR8Pow
VarBoolFromDec
VarR4FromUI1
OleCreateFontIndirect

advapi32

LogonUserExW
UninstallApplication
GetCurrentHwProfileW
OpenSCManagerA
AddAccessDeniedAceEx
BuildSecurityDescriptorW
RegDeleteKeyW
SaferiCompareTokenLevels
ChangeServiceConfigW
WmiQuerySingleInstanceMultipleA
LsaEnumeratePrivilegesOfAccount
SaferGetPolicyInformation
WmiQueryAllDataW
SystemFunction023
LookupPrivilegeValueW
LsaQueryInformationPolicy
EnumerateTraceGuids
StopTraceA
CheckTokenMembership
CryptGetKeyParam
CloseCodeAuthzLevel
CryptSetHashParam
CryptGetDefaultProviderA
RegNotifyChangeKeyValue
LsaOpenSecret
GetServiceDisplayNameW
SetEntriesInAuditListW
RegSaveKeyExA
OpenEventLogW
ChangeServiceConfig2W

ntdll

NtSetTimerResolution
RtlCreateUserSecurityObject
ZwQueryQuotaInformationFile
NtCurrentTeb
RtlConvertUiListToApiList
NtReplyPort
RtlInitCodePageTable
RtlCopyString
NtCreateWaitablePort
RtlReleasePebLock
RtlSetSecurityDescriptorRMControl
NtCreateJobSet
ZwSetEvent
ZwWriteRequestData
RtlGetNtVersionNumbers
NtTranslateFilePath
RtlQueryRegistryValues
ZwCompareTokens
ZwSetInformationJobObject
RtlLookupElementGenericTable
ZwSetSystemEnvironmentValue
RtlQueryInformationActiveActivationContext
RtlFreeHandle
_allshl
ZwDeleteObjectAuditAlarm
ZwQuerySystemEnvironmentValue
RtlGetOwnerSecurityDescriptor
NtSetInformationJobObject
RtlDeregisterWait
RtlSetAllBits

kernel32

GetNamedPipeHandleStateW
GetDriveTypeW
SetConsoleCursorMode
GetLocaleInfoA
SetHandleInformation
GetProcessIoCounters
LoadLibraryW
TlsAlloc
ConsoleMenuControl
GetCurrentThread
QueryDosDeviceA
WriteConsoleInputW
GetModuleHandleW
HeapCreate

wldap32

ldap_parse_resultW
ldap_value_free
ldap_search_abandon_page
ldap_rename_ext_sA
ldap_delete_ext_s
ldap_err2string
ldap_addA
ldap_modrdn_sW
ldap_modrdn2_s
ldap_sasl_bind_sA
ldap_delete_ext_sA
ldap_modify

Sections

.text
Size: 410KB - Virtual size: 410KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 189KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff13003e1d8fe9edcef62ccd9ce4fce4

Headers

DLL Characteristics

File Characteristics

Imports

pdh

oleaut32

advapi32

ntdll

kernel32

wldap32

Sections

.text Size: 410KB - Virtual size: 410KB

.rdata Size: 130KB - Virtual size: 129KB

.data Size: 189KB - Virtual size: 1.5MB

.rsrc Size: 90KB - Virtual size: 90KB

.reloc Size: 1024B - Virtual size: 776B

.text
Size: 410KB - Virtual size: 410KB

.rdata
Size: 130KB - Virtual size: 129KB

.data
Size: 189KB - Virtual size: 1.5MB

.rsrc
Size: 90KB - Virtual size: 90KB

.reloc
Size: 1024B - Virtual size: 776B