89d64da808fda1c3b61a32ccfa467d43a74822c76ef9bad21283c4c12a6653e3

Sharing

Copy URL Twitter E-mail

General

Target

89d64da808fda1c3b61a32ccfa467d43a74822c76ef9bad21283c4c12a6653e3
Size

842KB
MD5

9be642ab41c69be44cd7ea8ac8220079
SHA1

0baa1a9e3a556b6920c601e4cfb40df3d248726d
SHA256

89d64da808fda1c3b61a32ccfa467d43a74822c76ef9bad21283c4c12a6653e3
SHA512

08f620cee9264b2a0eba2799f12e487962e53be0cc184fb9f1d08f1b13ecbc7c5211e3ae43ac63c5964dfead6ba323730b445fb87f25a9fdc0de307a9d5bd1f6
SSDEEP

12288:bkxCKsS4MhKBbzNqpzF+WdGTkrz2C2SWycqKi3ZTcdSbp2KO+a6uq2uJQeZetEM9:bjKsFBbzOoOTrJWycql5pzO+yEMZHas

Score

N/A

Malware Config

Signatures

Files

89d64da808fda1c3b61a32ccfa467d43a74822c76ef9bad21283c4c12a6653e3
.exe windows x86

981f276cbdc4bcb8718769cf5c9fa233

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleNlsMode
AllocConsole
LoadLibraryA
LockResource
NlsGetCacheUpdateCount
AddAtomW
OutputDebugStringA
GetSystemDirectoryW
GetFileType
CreateWaitableTimerA
SetClientTimeZoneInformation
EnumUILanguagesW
GetDefaultCommConfigA
RemoveVectoredExceptionHandler
VirtualAlloc
lstrlenA
PeekConsoleInputA
SetCommTimeouts
GetModuleHandleW
WriteFile
GlobalFix
GetCurrentThreadId
GetCurrentDirectoryW
GetPrivateProfileStringW

ntdsapi

DsAddSidHistoryW
DsListSitesW
DsReplicaGetInfoW
DsCrackUnquotedMangledRdnA
DsaopBind
DsListServersInSiteW
DsReplicaSyncW
DsReplicaDelA
DsFreeSpnArrayW
DsReplicaAddW
DsIsMangledDnA
DsFreeNameResultW
DsListDomainsInSiteW
DsCrackSpn3W
DsFreeSpnArrayA
DsGetDomainControllerInfoW
DsIsMangledRdnValueW
DsReplicaFreeInfo
DsAddSidHistoryA
DsCrackUnquotedMangledRdnW
DsBindWithSpnW
DsQuoteRdnValueA
DsClientMakeSpnForTargetServerA
DsCrackSpnA

opengl32

glColor4f
glLineWidth
glRasterPos2f
glTexCoord4iv
glVertex3dv
glIndexsv
glPolygonOffset
glScalef
glTexCoordPointer
glRasterPos3s
glGetTexGendv
wglGetDefaultProcAddress
glFogi
glEdgeFlagPointer
glTexGeni
glColor3ub
glEvalPoint1
glTexCoord1fv
glEvalCoord2dv
glColor4uiv

msvcrt

printf
_wfullpath
__getmainargs
_loaddll
??0bad_cast@@QAE@PBD@Z
?what@exception@@UBEPBDXZ
_XcptFilter
_wrename
??_E__non_rtti_object@@UAEPAXI@Z
localtime
wscanf
_localtime64
___unguarded_readlc_active_add_func
_daylight
floor
swprintf
_adj_fdiv_m16i
strstr
_creat

wship6

WSHSetSocketInformation
WSHStringToAddress
WSHGetWSAProtocolInfo
WSHAddressToString
WSHNotify
WSHEnumProtocols
WSHJoinLeaf
WSHOpenSocket
WSHGetProviderGuid
WSHIoctl
WSHGetSockaddrType
WSHGetWildcardSockaddr
WSHGetWinsockMapping
WSHGetSocketInformation
WSHOpenSocket2

Sections

.text
Size: 463KB - Virtual size: 463KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 372KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

981f276cbdc4bcb8718769cf5c9fa233

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ntdsapi

opengl32

msvcrt

wship6

Sections

.text Size: 463KB - Virtual size: 463KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 372KB - Virtual size: 1.8MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 424B

.text
Size: 463KB - Virtual size: 463KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 372KB - Virtual size: 1.8MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 424B