83c71e5a45493c1ba001190f20c5a7d3c61d97d153b7703e76b48e5dcf4e73e5

Sharing

Copy URL Twitter E-mail

General

Target

83c71e5a45493c1ba001190f20c5a7d3c61d97d153b7703e76b48e5dcf4e73e5
Size

136KB
MD5

540f41d89b4758065da9fe5b40dcaa00
SHA1

3d7e5bf9b7576acfa07897371709f3bcad54e173
SHA256

83c71e5a45493c1ba001190f20c5a7d3c61d97d153b7703e76b48e5dcf4e73e5
SHA512

c252537b16db756c803c758067f887df99b9d7785fda496a6bda49ea79568823007c687e3759691d2837df3ab48f86fed3430d4e49c08338297c20f82f307139
SSDEEP

3072:xL0T3Gz2KRI8A/HEnvQo+y5CPZm2I5zx3gG7kKfWIA:N0QhG8GkIo15ChyyxKfO

Score

N/A

Malware Config

Signatures

Files

83c71e5a45493c1ba001190f20c5a7d3c61d97d153b7703e76b48e5dcf4e73e5
.exe windows x86

9cfbe84e3851b191829ea0c7d72c199d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetMalloc

kernel32

WriteFileGather
GetVersionExW
ResumeThread
GetThreadTimes
LoadLibraryW
MultiByteToWideChar
GetCurrentProcess
GetFirmwareEnvironmentVariableW
RemoveDirectoryA
GetLocaleInfoA
Thread32Next
ReadConsoleInputW
lstrlenW
ConsoleMenuControl
ClearCommError
CreateSocketHandle
HeapLock
InterlockedPopEntrySList
SetEnvironmentVariableW
PurgeComm
GetModuleHandleA
GetFileAttributesA
IsBadWritePtr
ChangeTimerQueueTimer
GlobalFlags
GetCurrentThread
FindNextChangeNotification
EnumUILanguagesW
SwitchToThread

ntlanman

NPFormatNetworkName
NPGetResourceParent
NPGetUser
NPAddConnection3
NPGetConnectionPerformance
NPGetUniversalName
NPCloseEnum
NPGetCaps
DllMain
NPGetReconnectFlags
NPGetResourceInformation
NPCancelConnection
NPGetConnection3
I_SystemFocusDialog
NPGetConnection
NPAddConnection
NPOpenEnum
NPEnumResource

ntdsapi

DsListInfoForServerW
DsCrackNamesA
DsBindWithCredA
DsIsMangledDnW
DsInheritSecurityIdentityA
DsListServersInSiteW
DsMakeSpnA
DsFreePasswordCredentials

msvcrt

calloc
_safe_fdivr
__getmainargs
tmpnam
_amsg_exit
_ismbstrail
_adj_fdiv_m32i
_i64tow
vswprintf
_getsystime
??_Gexception@@UAEPAXI@Z
exit
__set_app_type
signal
_sleep
tan
_wspawnv
_wsearchenv
_ftime
_adj_fdivr_m16i
wcspbrk
_cputws
_mbsicoll
_fcvt
_wcstoui64
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
_memccpy
iswupper
_filbuf
__p__commode
__unDNameEx

user32

MessageBoxW
EndDialog

Sections

.text
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 290B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9cfbe84e3851b191829ea0c7d72c199d

Headers

File Characteristics

Imports

shell32

kernel32

ntlanman

ntdsapi

msvcrt

user32

Sections

.text Size: 71KB - Virtual size: 71KB

.rdata Size: 55KB - Virtual size: 55KB

.data Size: 512B - Virtual size: 290B

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 71KB - Virtual size: 71KB

.rdata
Size: 55KB - Virtual size: 55KB

.data
Size: 512B - Virtual size: 290B

.rsrc
Size: 7KB - Virtual size: 6KB