cb41fca0c590d77deab49d52b8f5487026971fc5b11694346e6cc9dd46a9b3aa

Sharing

Copy URL Twitter E-mail

General

Target

cb41fca0c590d77deab49d52b8f5487026971fc5b11694346e6cc9dd46a9b3aa
Size

47KB
MD5

960523a163dbf40a7a0d9c684376bf5d
SHA1

30edf1bb246b9ee1aa8dc621a5ce08ff2cfb712b
SHA256

cb41fca0c590d77deab49d52b8f5487026971fc5b11694346e6cc9dd46a9b3aa
SHA512

80bffa25855b46bb9bf8e2c08ff249d7d27790ee0884975857d17349ed60a05b27edd31e76d698b8dc7a6ca2e93ef144518510dc4eadaacd0a5a3667f24f9a65
SSDEEP

768:wwVvg6YdJ042daJQjoh1dWwN/ccIaUswjihiaPaC8IpPOLsSBBJgYSo2:y1/2YJQjoh9UsOZufCBBJSo2

Score

N/A

Malware Config

Signatures

Files

cb41fca0c590d77deab49d52b8f5487026971fc5b11694346e6cc9dd46a9b3aa
.exe windows x86

50ec2e446bafddb2193f75f5100748ac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wldap32

ldap_simple_bind
ldap_simple_bind_sW
ldap_sasl_bindW
ldap_delete_s
ldap_search
ldap_count_values
ldap_searchW
ldap_delete
ber_init
ldap_search_st
ldap_memfree
ldap_get_optionW
ldap_create_page_controlA
ldap_free_controls
ldap_dn2ufnA
ldap_delete_sW
ber_peek_tag
ldap_modrdn_sW
ldap_modify
ldap_addW
ldap_start_tls_sW
ldap_modrdn2A
ldap_get_values_len
ldap_msgfree
ldap_modify_ext
ldap_stop_tls_s
ldap_compareA
ldap_bindA
ldap_dn2ufn
ldap_controls_freeW
ldap_rename_extA
ldap_escape_filter_elementA
ldap_parse_vlv_controlW
ldap_count_values_len

msasn1

ASN1BEREncBool
ASN1intx_setuint32
ASN1ztcharstring_cmp
ASN1BERDecEndOfContents
ASN1intx_free
ASN1CEREncBitString
ASN1CEREncMultibyteString
ASN1BEREncOpenType
ASN1BERDecZeroMultibyteString
ASN1BEREncChar16String
ASN1BERDecSXVal
ASN1open_cmp
ASN1_SetDecoderOption
ASN1BEREncEndOfContents
ASN1_CloseDecoder
ASN1CEREncFlushBlkElement
ASN1BERDecCharString
ASN1BERDecOpenType2
ASN1BEREncChar32String
ASN1_Encode
ASN1BERDecLength
ASN1intx2int32
ASN1BERDecNotEndOfContents
ASN1BEREncCheck
ASN1BEREncExplicitTag
ASN1BEREncCharString
ASN1BEREncBitString
ASN1BERDecSkip
ASN1BEREncObjectIdentifier
ASN1_FreeDecoded
ASN1charstring_cmp
ASN1BEREncRemoveZeroBits
ASN1_GetEncoderOption

kernel32

VirtualProtectEx
CreateJobSet
GetDefaultCommConfigW
VirtualAlloc
FlushConsoleInputBuffer
GetPriorityClass
TerminateThread
HeapCreate
GetNumberOfConsoleMouseButtons
SetConsoleTitleA
FindFirstFileExA
GetConsoleAliasExesA
GetDevicePowerState
ExitProcess
FindNextVolumeMountPointW
ResetWriteWatch
GetSystemTimeAsFileTime
EnumerateLocalComputerNamesW
ExpungeConsoleCommandHistoryW
LoadResource
SetUnhandledExceptionFilter
SetSystemTimeAdjustment
GetFullPathNameW
GetConsoleProcessList
GlobalGetAtomNameW
GetSystemPowerStatus
SetFileShortNameA
CreateMailslotA
GlobalSize
HeapFree
SetConsoleTextAttribute
GetVolumeInformationW
GetModuleHandleW
LoadLibraryA
UTUnRegister
lstrcat

ws2_32

WSACreateEvent
WSAResetEvent
htonl
WSANSPIoctl
getsockopt
WSAAccept
WSCUpdateProvider
WSADuplicateSocketA
WSAAsyncGetServByPort
recvfrom
WSALookupServiceEnd
gethostname
WSAAsyncGetServByName
ntohl
WSCInstallProvider
WPUCompleteOverlappedRequest
WSACancelBlockingCall
WSAEnumNameSpaceProvidersA
WSAAsyncGetHostByAddr
getprotobyname
WSAProviderConfigChange
WSAEventSelect
WSAGetLastError
WSASetEvent
WSCInstallNameSpace
WSAIoctl
WSAIsBlocking
select
WSAEnumNetworkEvents
WSASocketW
WSANtohl
WSASetBlockingHook
WSCEnableNSProvider

odbctrac

TraceSQLCopyDesc
TraceSQLGetInfo
TraceSQLCancel
TraceSQLDriverConnectW
TraceSQLTablesW
TraceSQLAllocStmt
TraceSQLSetConnectOption
TraceSQLBulkOperations
TraceSQLMoreResults
TraceSQLProcedureColumnsW
TraceSQLColumns
TraceSQLCloseCursor
TraceSQLDescribeCol
TraceSQLParamData
TraceSQLPrepareW
TraceSQLNumParams
TraceSQLColumnPrivilegesW
TraceSQLSetDescField
TraceSQLGetDiagFieldW
TraceSQLFreeConnect
TraceSQLColAttributeW
TraceSQLFetch
TraceSQLEndTran
TraceSQLExecDirect
TraceSQLGetDescField
TraceSQLGetTypeInfo

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50ec2e446bafddb2193f75f5100748ac

Headers

DLL Characteristics

File Characteristics

Imports

wldap32

msasn1

kernel32

ws2_32

odbctrac

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 8KB - Virtual size: 8KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 1KB - Virtual size: 1KB