5aca87ed568b3958627c35019ae7f68f8758433b271d909670e0b54e06dc5537

Sharing

Copy URL Twitter E-mail

General

Target

5aca87ed568b3958627c35019ae7f68f8758433b271d909670e0b54e06dc5537
Size

63KB
MD5

935725765ac4492dc46dd8df2e32c9e1
SHA1

49233a8497dc730e856c3f979a8371d0377fe72e
SHA256

5aca87ed568b3958627c35019ae7f68f8758433b271d909670e0b54e06dc5537
SHA512

87e96ddcac47bea488fe42120f1801e7fd1c30ce8ea6ec1ab052e42455d4703b8c1e7207c0c36acef2918cbaa637e5b7460d4c274533852d4fc6718aa2600082
SSDEEP

1536:zGC1KadortqybEQULqN49pU/cWFidTv3HlixhZMR14:zGC1KaytqybEaOEO9lwhiR14

Score

N/A

Malware Config

Signatures

Files

5aca87ed568b3958627c35019ae7f68f8758433b271d909670e0b54e06dc5537
.exe windows x86

1e82437e263c4457e9902ec336d54cd9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

ntohs
WSAGetLastError
getprotobynumber
__WSAFDIsSet
WSAEnumProtocolsA
WSALookupServiceBeginA
gethostname
htons
WSAWaitForMultipleEvents
WSAHtonl
WSAResetEvent
WSCWriteNameSpaceOrder
WSAGetServiceClassInfoW
getservbyname
getpeername
WSASocketA
WSACancelAsyncRequest
WSACloseEvent
getservbyport
WSAIoctl
WSACreateEvent
WSAStringToAddressW
getsockname
WSAEnumNameSpaceProvidersA
WSAInstallServiceClassW
recvfrom
WSAAddressToStringA
gethostbyname
WSCGetProviderPath
WSAConnect
WSCInstallProvider
WSASendDisconnect
inet_addr
WSAAsyncGetServByPort
WSAGetServiceClassNameByClassIdW
WSAUnhookBlockingHook
WSASetLastError

ntdsapi

DsUnBindA
DsReplicaUpdateRefsW
DsAddSidHistoryW
DsUnBindW
DsListDomainsInSiteW
DsReplicaSyncA
DsCrackSpnA
DsReplicaUpdateRefsA
DsFreeDomainControllerInfoW
DsUnquoteRdnValueA
DsListDomainsInSiteA
DsListRolesW
DsFreePasswordCredentials
DsWriteAccountSpnW
DsBindW
DsFreeSpnArrayW
DsInheritSecurityIdentityA
DsListServersForDomainInSiteW
DsBindWithSpnA
DsCrackSpnW
DsBindA
DsInheritSecurityIdentityW
DsQuoteRdnValueW
DsMapSchemaGuidsA
DsReplicaGetInfoW
DsQuoteRdnValueA
DsGetSpnA
DsReplicaModifyW
DsFreeNameResultW
DsUnquoteRdnValueW
DsGetSpnW
DsReplicaSyncAllW
DsWriteAccountSpnA
DsBindWithCredA
DsMapSchemaGuidsW
DsListInfoForServerW

user32

SendMessageW
DialogBoxParamW

kernel32

SetCalendarInfoA
GetProcAddress

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e82437e263c4457e9902ec336d54cd9

Headers

File Characteristics

Imports

ws2_32

ntdsapi

user32

kernel32

Sections

.text Size: 32KB - Virtual size: 31KB

.data Size: 14KB - Virtual size: 14KB

.rdata Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 3KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 32KB - Virtual size: 31KB

.data
Size: 14KB - Virtual size: 14KB

.rdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 12KB - Virtual size: 12KB