8fd3d40f17fe6d8cf776b5362b2bb91ef31e646798da44fd9a48726d815bb898

Sharing

Copy URL Twitter E-mail

General

Target

8fd3d40f17fe6d8cf776b5362b2bb91ef31e646798da44fd9a48726d815bb898
Size

830KB
MD5

ae27cf33625b785339b2c5ad16792297
SHA1

5c970848c78e7ace3c4fca571775a5d9daea7b26
SHA256

8fd3d40f17fe6d8cf776b5362b2bb91ef31e646798da44fd9a48726d815bb898
SHA512

f71e2dd085dda8a916559ba3968f171b3db4235448137518be883742b4bd255c46f4405d09f02b3d7c6b0e95747f77bce5f8b6a89d91385e5a9534c460f51dc2
SSDEEP

24576:/Ver1UzWH6iS9LneYTGhdm4CL53PrEsIqkr52zqRQ4:4baigLZTkc4eRkrIqp

Score

N/A

Malware Config

Signatures

Files

8fd3d40f17fe6d8cf776b5362b2bb91ef31e646798da44fd9a48726d815bb898
.exe windows x86

286dc6b7f797e5151b25911314b5bbff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateThread
SetConsoleInputExeNameW
InterlockedExchange
ReadConsoleOutputCharacterW
TzSpecificLocalTimeToSystemTime
LoadLibraryExA
OpenThread
HeapValidate
HeapCreate
CreateDirectoryExW
ResumeThread
GetConsoleCursorMode
lstrcpynW
GlobalLock
LoadLibraryW
OpenProfileUserMapping
_lwrite
FindResourceExA
SetConsoleInputExeNameA
FindCloseChangeNotification
SetProcessPriorityBoost
GetVolumePathNameA
GetTickCount
EnumResourceTypesW
SetEnvironmentVariableA
GetCommMask
GetPrivateProfileStructW
LZOpenFileW
GetBinaryType
TransactNamedPipe
LoadLibraryExW
GetUserDefaultLCID
SetLastError
SwitchToFiber
GlobalSize
InitializeCriticalSectionAndSpinCount
FindActCtxSectionStringW

adsldpc

LdapTypeFreeLdapObjects
BuildADsPathFromLDAPPath
LdapTypeToAdsTypeDNWithString
AllocADsStr
LdapCacheAddRef
LdapMakeSchemaCacheObsolete
ADsDeleteClassDefinition
LdapGetDn
BuildLDAPPathFromADsPath2
SchemaClose
LdapTypeCopyConstruct
SortAndRemoveDuplicateOIDs
ADsObject
ADSICloseSearchHandle
SchemaGetStringsFromStringTable
LdapTypeToAdsTypeGeneralizedTime
BuildADsParentPathFromObjectInfo2
LdapTypeBinaryToString
BuildADsParentPath
ADsCreateClassDefinition

odbc32

SQLGetStmtAttrA
SQLBrowseConnectA
SQLSetDescFieldA
SQLColAttributeW
SQLRowCount
SQLColumnsW
SQLSetConnectAttrW
SQLColAttributesW
SQLGetStmtAttrW
SQLAllocHandleStd
SQLSetEnvAttr
SQLGetDescRecW
SQLEndTran
SQLTablePrivilegesW
SQLSetStmtOption
SQLDriverConnectA
SQLDataSourcesA

ufat

??1FAT_DIRENT@@UAE@XZ
?QueryCensusAndRelocate@FAT_SA@@QAEEPAU_CENSUS_REPORT@@PAVINTSTACK@@PAE@Z
?SearchForDirEntry@FATDIR@@QAEPAXPBVWSTRING@@@Z
?Index12@FAT@@ABEKK@Z
?Initialize@EA_SET@@QAEEPAVMEM@@PAVLOG_IO_DP_DRIVE@@PAVFAT_SA@@PBVFAT@@KK@Z
?QueryFreeSectors@REAL_FAT_SA@@QBEKXZ
?Initialize@EA_HEADER@@QAEEPAVMEM@@PAVLOG_IO_DP_DRIVE@@PAVFAT_SA@@PBVFAT@@KK@Z
?InitFATChkDirty@REAL_FAT_SA@@QAEEPAVLOG_IO_DP_DRIVE@@PAVMESSAGE@@@Z
??0ROOTDIR@@QAE@XZ
?IsValidLastWriteTime@FAT_DIRENT@@QBEEXZ
?GetEa@EA_SET@@QAEPAU_EA@@KPAJPAE@Z
??1EA_SET@@UAE@XZ
??0CLUSTER_CHAIN@@QAE@XZ

rasadhlp

WSNoteSuccessfulHostentLookup
WSAttemptAutodialAddr
AcsHlpNbConnection
WSAttemptAutodialName

Sections

.text
Size: 383KB - Virtual size: 382KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

286dc6b7f797e5151b25911314b5bbff

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

adsldpc

odbc32

ufat

rasadhlp

Sections

.text Size: 383KB - Virtual size: 382KB

.rdata Size: 127KB - Virtual size: 126KB

.data Size: 173KB - Virtual size: 1.5MB

.rsrc Size: 144KB - Virtual size: 144KB

.reloc Size: 1024B - Virtual size: 968B

.text
Size: 383KB - Virtual size: 382KB

.rdata
Size: 127KB - Virtual size: 126KB

.data
Size: 173KB - Virtual size: 1.5MB

.rsrc
Size: 144KB - Virtual size: 144KB

.reloc
Size: 1024B - Virtual size: 968B