a223bccf56dcd4cbcc313f8c5538c9903edee24490d98edcfef81099f8f27b93

Sharing

Copy URL Twitter E-mail

General

Target

a223bccf56dcd4cbcc313f8c5538c9903edee24490d98edcfef81099f8f27b93
Size

22KB
MD5

e2cc8787700f34c830581133083001bf
SHA1

5b73471ba590a853cfe74c15bb4fe87bd7de7e30
SHA256

a223bccf56dcd4cbcc313f8c5538c9903edee24490d98edcfef81099f8f27b93
SHA512

c8db7a6cbb3317873eadec439f8ea93df99a93c62c58caa8651e57697701bb0696b349c2ced6b1eea38744ef88e11306474ca4db7322c70ef34b541bda6c5131
SSDEEP

384:MaSj59urXR9jlV00/fmqzEHKDaPW40C/DLPeqhAbqKkAl9liu6Guayuq2+GuaIe2:MaW0a0/pEHMae40YLPe/X2c27IwX

Score

N/A

Malware Config

Signatures

Files

a223bccf56dcd4cbcc313f8c5538c9903edee24490d98edcfef81099f8f27b93
.exe windows x86

d76d4666fd84f06e0c77f018954221f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

netapi32

NetApiBufferFree
NetServerGetInfo
DsEnumerateDomainTrustsW
DsRoleFreeMemory
DsRoleGetPrimaryDomainInformation

kernel32

InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
GetModuleHandleW
WideCharToMultiByte
InterlockedIncrement
GetTickCount
GetModuleFileNameW
UnhandledExceptionFilter
lstrlenA
LeaveCriticalSection
GetSystemTimeAsFileTime
ExpandEnvironmentStringsW
GetEnvironmentVariableW
SetLastError
DeleteCriticalSection
InterlockedDecrement
InitializeCriticalSection
CompareStringW
lstrcpyA
GlobalAlloc
lstrlenW
TerminateProcess
GetCurrentProcessId
VirtualAlloc
LocalAlloc
GetUserDefaultUILanguage
MultiByteToWideChar
GetCurrentThreadId
FormatMessageW
FreeLibrary
GetCurrentProcess
GlobalUnlock
GlobalLock
EnterCriticalSection
LoadLibraryW
LocalFree
lstrcmpW
lstrcatA
GetProcAddress
SetUnhandledExceptionFilter

dbghelp

SymGetOptions

msvcrt

_adjust_fdiv
_vsnwprintf
_chdir
_beginthread
_beep
_initterm
exit
free
malloc
_onexit

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW

user32

SetCursor
SetMenuDefaultItem
RegisterClipboardFormatW
DialogBoxParamW
ShowWindow
PrivateExtractIconsW
GetCursor
SetWindowTextW
CharNextA
MessageBoxW
GetWindowRect
MapWindowPoints
EnableWindow
EndDialog
GetParent
DeleteMenu
WinHelpW
SendMessageW
GetWindowLongW
MoveWindow
GetDlgItem
AlignRects
InsertMenuW
LoadStringW
ChangeMenuA
EnableMenuItem
PostMessageW

shlwapi

UrlUnescapeW
StrCatW
StrCpyW
StrCmpIW
StrToIntW
StrCpyNW
wnsprintfW
PathParseIconLocationW
StrCatBuffW
StrChrW
StrCmpW

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
ReleaseStgMedium
CoUninitialize
CoInitialize

mpr

WNetCancelConnection2W
WNetAddConnection2W

shell32

ShellExecuteW
ShellExecuteExW

ntdsapi

DsCrackNamesW
DsFreeNameResultW

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d76d4666fd84f06e0c77f018954221f4

Headers

File Characteristics

Imports

netapi32

kernel32

dbghelp

msvcrt

advapi32

user32

shlwapi

ole32

mpr

shell32

ntdsapi

Sections

.textbss Size: - Virtual size: 64KB

.idata Size: 5KB - Virtual size: 5KB

.text Size: 512B - Virtual size: 464B

.rdata Size: 15KB - Virtual size: 15KB

.textbss
Size: - Virtual size: 64KB

.idata
Size: 5KB - Virtual size: 5KB

.text
Size: 512B - Virtual size: 464B

.rdata
Size: 15KB - Virtual size: 15KB