834cb0ef4f081a54b6e5bc7b498c06c8c91b78adb587602b8703a5408e6ae9a3

Sharing

Copy URL Twitter E-mail

General

Target

834cb0ef4f081a54b6e5bc7b498c06c8c91b78adb587602b8703a5408e6ae9a3
Size

48KB
MD5

4a5f81fcc91e2d5334bdebeda30357c3
SHA1

75f0bae211f7b3dc3c63a40df71e720096e015de
SHA256

834cb0ef4f081a54b6e5bc7b498c06c8c91b78adb587602b8703a5408e6ae9a3
SHA512

ae988d3034142bf4a479070379f03ce4aa493ddbaccdabcbc8eb5ba79bb1939ea94133fa2da3f8f5491a88a430c999f4696b050da37ebd54d030a3778ac440ac
SSDEEP

768:1oc7Y/b6wn+L92GFEUB/0XH36YWRNWhSdvEMme/ChSw0V66aEqOwGkd0BpwdnP5U:IzqB0Hx17WqSwGbaEQWpShmf

Score

N/A

Malware Config

Signatures

Files

834cb0ef4f081a54b6e5bc7b498c06c8c91b78adb587602b8703a5408e6ae9a3
.exe windows x86

aa4e97091ddf50c1b66224640c4cad71

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wldap32

ldap_value_freeW
ldap_modify_ext_sW
ldap_bind
ldap_rename_ext_s
ldap_addW
ldap_unbind
ldap_explode_dnW
ldap_get_dnA
ber_skip_tag
ldap_first_attributeW
ldap_get_values_lenW
ldap_create_vlv_controlW
ldap_get_optionW
ldap_parse_resultA

printui

vPrinterPropPages
PrintUIEntryW
bFolderGetPrinter
vServerPropPages
bFolderEnumPrinters
DocumentPropertiesWrap
bPrinterSetup
ShowErrorMessageSC
vDocumentDefaults
bFolderRefresh
PrintNotifyTray_Init
PnPInterface
PrinterPropPageProvider
PrintNotifyTray_Exit
ShowErrorMessageHR
UnregisterPrintNotify
vQueueCreate
RegisterPrintNotify

gdi32

GetMetaFileA
GetSystemPaletteEntries
CreateBrushIndirect
DdEntry0
GetWorldTransform
ColorMatchToTarget
GetGlyphOutline
GetPaletteEntries
GetFontData
SetBitmapBits
XLATEOBJ_piVector
GetBrushAttributes
CombineTransform
EnumFontsA
BRUSHOBJ_hGetColorTransform
GetColorAdjustment
CreateDCA
DdEntry53

mprddm

RasAuthProviderTerminate
RasAuthConfigChangeNotification
DDMAdminConnectionGetInfo
RasAuthProviderFreeAttributes
DDMAdminPortReset
DDMAdminConnectionEnum
DDMConnectInterface
IfObjectInitiatePersistentConnections
DDMAdminServerGetInfo
RasAcctConfigChangeNotification
IfObjectLoadPhonebookInfo
DDMSendUserMessage
RasAcctProviderInitialize
DDMServiceInitialize
DDMRegisterConnectionNotification
RasAcctProviderInterimAccounting
RasAcctProviderStopAccounting
RasAuthProviderAuthenticateUser
RasAcctProviderFreeAttributes

kernel32

GetConsoleOutputCP
InitializeSListHead
GetDateFormatW
ReadConsoleOutputCharacterA
Beep
GetVolumePathNameA
GetSystemTimeAsFileTime
LocalAlloc
PrivMoveFileIdentityW
GetConsoleAliasesLengthW
ClearCommBreak
LoadLibraryA
GetStartupInfoW
CreateActCtxW

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa4e97091ddf50c1b66224640c4cad71

Headers

DLL Characteristics

File Characteristics

Imports

wldap32

printui

gdi32

mprddm

kernel32

Sections

.text Size: 39KB - Virtual size: 38KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 39KB - Virtual size: 38KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB