728ffa884d3d71b1c044cc15aba6accb920eecda54c41cf15059e025985d21c2

Sharing

Copy URL

Twitter E-mail

General

Target

728ffa884d3d71b1c044cc15aba6accb920eecda54c41cf15059e025985d21c2
Size

835KB
MD5

6972b3df09c2bd7248ddfb54d836905a
SHA1

465f91d81c4bf69dab7adcf64ddccb2fb3fb9046
SHA256

728ffa884d3d71b1c044cc15aba6accb920eecda54c41cf15059e025985d21c2
SHA512

86346635ec45fd3a8191d48ae8a4dd87a40d6cd994f2eb48744c14449251bdd852ec0b17989905d62fdb216e90b9b4f29816b1c39c21d19c7a37f2e39aa85c2a
SSDEEP

24576:hm9pC6Br8obnEcnnWTqSWmh2TAB0lePiIk30:hM78o7EQnujjB0l4iIk3

Score

N/A

Malware Config

Signatures

Files

728ffa884d3d71b1c044cc15aba6accb920eecda54c41cf15059e025985d21c2
.exe windows x86

282d6d5031705989a0e36c2c32767803

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateAcceleratorA
GetSubMenu
SetDlgItemTextA
EqualRect
AllowSetForegroundWindow
AllowForegroundActivation
CallNextHookEx
UserLpkPSMTextOut
GetClassWord
OpenIcon
GetAppCompatFlags2
TrackMouseEvent
GetMenuState
InvalidateRect
SetParent
ArrangeIconicWindows
GetTitleBarInfo
SetScrollInfo
CheckMenuItem
GetNextDlgGroupItem
GetForegroundWindow
GetRawInputBuffer
RegisterTasklist
DrawTextExW
DdeAddData
GetWindowRect

kernel32

SetLocalPrimaryComputerNameW
RtlFillMemory
Process32NextW
CreateTimerQueueTimer
RegisterWowExec
QueryPerformanceCounter
SetConsolePalette
GetUserDefaultLCID
WriteProfileStringA
PeekConsoleInputA
InitializeCriticalSection
LoadModule
GetLongPathNameW
Toolhelp32ReadProcessMemory
LZOpenFileW
DebugSetProcessKillOnExit
RegisterWaitForSingleObject
WriteConsoleW
GetExitCodeProcess
RemoveDirectoryA
GetSystemWindowsDirectoryW
SetThreadPriority
LoadLibraryW
BaseFlushAppcompatCache
SetFileApisToANSI
SetConsoleTitleA
FindNextFileW
CreateDirectoryExA
SetFileTime
UnlockFileEx
GetVolumeNameForVolumeMountPointA
RegisterConsoleVDM
SetClientTimeZoneInformation
ReadConsoleOutputCharacterA
FindNextFileA
GetFileAttributesW
GetTickCount
TerminateThread
HeapCreate
GetSystemInfo
GetUserDefaultLangID
LCMapStringW

advapi32

LsaGetRemoteUserName
GetTokenInformation
LookupPrivilegeNameA
SystemFunction005
ConvertSDToStringSDRootDomainW
LsaOpenAccount
GetSecurityDescriptorControl
GetSidIdentifierAuthority
BackupEventLogA
StartTraceW
TraceMessageVa
RegFlushKey
StartServiceW
QueryServiceLockStatusA
LsaOpenPolicy
InstallApplication
SystemFunction018
GetNamedSecurityInfoExA
LsaGetSystemAccessAccount
LsaNtStatusToWinError
CredUnmarshalCredentialA

mfcsubs

??P@YG_NABVCString@@PBG@Z
?ElementAt@CStringArray@@QAEAAVCString@@H@Z
??0CString@@QAE@PBE@Z
?Lock@CCriticalSection@@UAEHK@Z
??M@YG_NABVCString@@PBG@Z
??O@YG_NPBGABVCString@@@Z
?Lock@CCriticalSection@@QAEHXZ
??_FCMapStringToPtr@@QAEXXZ
??8@YG_NABVCString@@0@Z
?Init@CString@@IAEXXZ

winmm

PlaySoundA
midiOutOpen
WOWAppExit
tid32Message
midiStreamRestart
midiOutReset
timeSetEvent
mmTaskYield
waveOutPrepareHeader
midiStreamStop
mixerGetControlDetailsW

wldap32

ldap_parse_extended_resultW
ldap_add_extW
ldap_delete_sW
ldap_add_ext_s
ber_printf
ldap_free_controls
ldap_search_stW
ldap_compare_sA
ldap_compare_extW
ldap_extended_operation_sA
ldap_modrdn2
ldap_get_next_page
ldap_get_values
ldap_modify_s
ldap_bind_s
ldap_modifyA
ldap_get_optionW
ldap_parse_referenceW
ldap_count_values_len
ldap_modify_extA
ldap_compare
ldap_modify_ext_sW
ldap_compare_ext
ldap_count_valuesW
ldap_memfreeA
ldap_search_init_pageA

Sections

.text
Size: 360KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

282d6d5031705989a0e36c2c32767803

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

advapi32

mfcsubs

winmm

wldap32

Sections

.text Size: 360KB - Virtual size: 360KB

.rdata Size: 143KB - Virtual size: 143KB

.data Size: 157KB - Virtual size: 1.6MB

.rsrc Size: 172KB - Virtual size: 171KB

.reloc Size: 1024B - Virtual size: 996B

.text
Size: 360KB - Virtual size: 360KB

.rdata
Size: 143KB - Virtual size: 143KB

.data
Size: 157KB - Virtual size: 1.6MB

.rsrc
Size: 172KB - Virtual size: 171KB

.reloc
Size: 1024B - Virtual size: 996B