5c524d7fbe4db61ef45aa476d7ddb503bd1394ee81dfe8e40476b21dbbadd5c2

Sharing

Copy URL Twitter E-mail

General

Target

5c524d7fbe4db61ef45aa476d7ddb503bd1394ee81dfe8e40476b21dbbadd5c2
Size

48KB
MD5

203619aa5c44bdf72cfefb4463eb38ed
SHA1

1cfccef124b8b2f913fc546fcf7a96b6f82b74fd
SHA256

5c524d7fbe4db61ef45aa476d7ddb503bd1394ee81dfe8e40476b21dbbadd5c2
SHA512

344224acf21c8788d54bd74468a874d22a195d003bf24141398ece8419bdeabffd6004f300373e61aa982f628bb8d47d7a9b2767943838e2d2b4d1844f2a9d00
SSDEEP

768:Lsk/dWwzfdEaiOxfuRq4l43dvY55xnED4Vm5WHq/:gkoKlEKxGs4lqdvY55BED4VuWK/

Score

N/A

Malware Config

Signatures

Files

5c524d7fbe4db61ef45aa476d7ddb503bd1394ee81dfe8e40476b21dbbadd5c2
.exe windows x86

58992f19fd57726a92fcc93352ba1c6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ntdsapi

DsCrackUnquotedMangledRdnA
DsCrackUnquotedMangledRdnW
DsFreeDomainControllerInfoA
DsFreeNameResultA
DsFreeNameResultW
DsFreePasswordCredentials
DsFreeSchemaGuidMapA
DsFreeSchemaGuidMapW
DsFreeSpnArrayA

crypt32

CertFreeCertificateChain
CertFreeCertificateChainEngine
CertFreeCertificateContext
CertGetCRLContextProperty
CertGetCRLFromStore
CertGetCRLFromStore
CertGetCTLContextProperty

oledlg

OleUIPasteSpecialA
OleUIChangeIconA

atl

AtlAxCreateControl
AtlAxCreateControl
AtlAxCreateControl
AtlAxCreateControl
AtlAxCreateControl
AtlAxCreateControl

msvcrt

fopen
fread

kernel32

GetWindowsDirectoryA
GetConsoleAliasA
SetFilePointer
MulDiv
GetOEMCP
GetACP
ExitProcess
GetExitCodeProcess
GetCommandLineA

dnsapi

DnsAllocateRecord
DnsApiAlloc
DnsApiFree
DnsApiHeapReset
DnsApiRealloc
DnsApiSetDebugGlobals

comsnap

InstallDsExtension

htui

HTUI_ColorAdjustment

polstore

IPSecClosePolicyStore
IPSecCopyAuthMethod
IPSecCopyFilterData
IPSecCopyFilterSpec
IPSecCopyISAKMPData
IPSecCopyNFAData
IPSecCopyNegPolData
IPSecCopyPolicyData
IPSecCreateFilterData
IPSecCreateISAKMPData
IPSecCreateNFAData
IPSecCreateNegPolData
IPSecCreatePolicyData
IPSecDeleteFilterData
IPSecDeleteISAKMPData
IPSecDeleteNFAData
IPSecDeleteNegPolData
IPSecDeletePolicyData
IPSecEnumFilterData
IPSecEnumISAKMPData

regapi

RegWdQueryA
RegWdQueryW
RegCdCreateW
RegCdDeleteA
RegCdDeleteW
RegCdEnumerateA
RegCdEnumerateW
RegCdQueryA
RegCdQueryW
RegCloseServer
RegConsoleShadowQueryA
RegConsoleShadowQueryW
RegDefaultUserConfigQueryA
RegDefaultUserConfigQueryW

dbghelp

ImageRvaToSection
ImageRvaToVa

Sections

.text
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

1
Size: - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

1
Size: 1KB - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

58992f19fd57726a92fcc93352ba1c6e

Headers

File Characteristics

Imports

ntdsapi

crypt32

oledlg

atl

msvcrt

kernel32

dnsapi

comsnap

htui

polstore

regapi

dbghelp

Sections

.text Size: 7KB - Virtual size: 8KB

.data Size: 9KB - Virtual size: 77KB

.rsrc Size: 26KB - Virtual size: 28KB

1 Size: 512B - Virtual size: 1KB

1 Size: - Virtual size: 368B

1 Size: 1KB - Virtual size: 384B

.text
Size: 7KB - Virtual size: 8KB

.data
Size: 9KB - Virtual size: 77KB

.rsrc
Size: 26KB - Virtual size: 28KB

1
Size: 512B - Virtual size: 1KB

1
Size: - Virtual size: 368B

1
Size: 1KB - Virtual size: 384B