f12eebdce0d120de52770f764e2616bfa7e21b1c552ae2d8b821e382cfefc007

Sharing

Copy URL

Twitter E-mail

General

Target

f12eebdce0d120de52770f764e2616bfa7e21b1c552ae2d8b821e382cfefc007
Size

272KB
MD5

037dd30cdcb479da5c5334fdb345f260
SHA1

081114afc427cd36b2c786c4276a476c0745688a
SHA256

f12eebdce0d120de52770f764e2616bfa7e21b1c552ae2d8b821e382cfefc007
SHA512

0b0b9abff32787cefb23020fc3a1a37692e587bd456072816f7c9a107b5f933dfcf8964492cd0cf955d08cfdb317b293b2c2d643b99d1e9241bdcf16a53c6da3
SSDEEP

6144:62r7dAOkQvCX2Po/RLxn9yTTN1Br9h3UEDYKp1uscY0GVk:9yOwisH8Tf5tpLuQk

Score

N/A

Malware Config

Signatures

Files

f12eebdce0d120de52770f764e2616bfa7e21b1c552ae2d8b821e382cfefc007
.exe windows x86

286581219a31922d701b9791be874013

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegisterTraceGuidsW
GetTraceEnableFlags
RegEnumKeyExW
GetTraceLoggerHandle
RegQueryValueExW
RegDeleteKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegSetValueExW
TraceMessage
RegDeleteValueW
RegCreateKeyExW
UnregisterTraceGuids
GetTraceEnableLevel
RegCloseKey

kernel32

LeaveCriticalSection
MultiByteToWideChar
GetEnvironmentStringsA
FlushInstructionCache
IsValidCodePage
InterlockedIncrement
LoadLibraryExW
GetCurrentProcessId
GetCurrentProcess
SizeofResource
OutputDebugStringA
GetProcAddress
InterlockedDecrement
FormatMessageW
GetModuleFileNameW
GetProcessHeap
VirtualFree
GetSystemTimeAsFileTime
lstrcpynW
GetStartupInfoA
SetUnhandledExceptionFilter
lstrcpyW
DeleteCriticalSection
FreeLibrary
SetLastError
QueryPerformanceCounter
GetTickCount
GetSystemInfo
HeapDestroy
LoadResource
GetLastError
lstrlenA
HeapFree
GetUserDefaultLCID
LocalFree
FindResourceW
lstrcmpiW
lstrcatW
LoadLibraryW
HeapAlloc
lstrlenW
LoadLibraryA

rpcrt4

CStdStubBuffer_Disconnect
CStdStubBuffer_AddRef
CStdStubBuffer_DebugServerQueryInterface
NdrCStdStubBuffer_Release
CStdStubBuffer_QueryInterface
NdrDllRegisterProxy
CStdStubBuffer_Connect
NdrOleAllocate
CStdStubBuffer_CountRefs
NdrDllGetClassObject
NdrDllUnregisterProxy
CStdStubBuffer_Invoke
NdrOleFree
NdrDllCanUnloadNow
CStdStubBuffer_IsIIDSupported

wldap32

ldap_count_entries
ldap_count_references
ldap_count_values
ldap_controls_freeW

user32

EndDialog
SendDlgItemMessageW
GetClientRect
LoadImageW
SetDlgItemTextW
SystemParametersInfoW
CopyRect
ShowWindow
GetWindow
GetSystemMetrics
SetWindowLongW
GetDlgItem
SendMessageW
GetWindowRect
GetDlgItemTextW
SetWindowTextW
GetWindowLongW
LoadStringW
CreateDialogParamW
SetWindowPos
DialogBoxParamW
DrawTextW
GetDialogBaseUnits
SetFocus
MapWindowPoints
MessageBoxW
DestroyWindow
EnableWindow
GetParent
CharNextW

url

OpenURL
TelnetProtocolHandler
TelnetProtocolHandlerA
OpenURLA

shell32

SHGetFolderPathW
ShellExecuteW

Sections

text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 147KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 922B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

286581219a31922d701b9791be874013

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

rpcrt4

wldap32

user32

url

shell32

Sections

text Size: 122KB - Virtual size: 121KB

.rdata Size: 147KB - Virtual size: 155KB

.rsrc Size: 1024B - Virtual size: 922B

text
Size: 122KB - Virtual size: 121KB

.rdata
Size: 147KB - Virtual size: 155KB

.rsrc
Size: 1024B - Virtual size: 922B