c53ddfe0157451c6e24596fb023751ca1a9a785f38b992c6df7a8624916e423f

Sharing

Copy URL

Twitter E-mail

General

Target

c53ddfe0157451c6e24596fb023751ca1a9a785f38b992c6df7a8624916e423f
Size

829KB
MD5

b476424fda0dd5966d8eb339594ba727
SHA1

4c4b3ab8261f10ff753c36fd74089aca1785ed07
SHA256

c53ddfe0157451c6e24596fb023751ca1a9a785f38b992c6df7a8624916e423f
SHA512

679c3e5c394f4a4d1bea24614fb3ac81ccf93aa5f3be6f3b66ec8caf7826b94fce452b146a63d3b2fb7043fef382240f7e6b89bfd6befbbf79f9efe5033f540e
SSDEEP

12288:H8ie7D6oIfwpq4XCTayV5/C+FO2vHEduSeEQkbn76p0nadS3UCBiT9zfMKdAVdVT:H8iffil2tK+FUduSey7NGWU6Q2ZVdQA

Score

N/A

Malware Config

Signatures

Files

c53ddfe0157451c6e24596fb023751ca1a9a785f38b992c6df7a8624916e423f
.exe windows x86

15c20cb23898304238d03bc06698a9f0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdsapi

DsListDomainsInSiteW
DsListInfoForServerW
DsMapSchemaGuidsA
DsFreeSpnArrayA
DsGetRdnW
DsReplicaAddW
DsMakeSpnW
DsBindA
DsRemoveDsServerA
DsListRolesW
DsUnBindW
DsListInfoForServerA
DsMakeSpnA
DsFreeDomainControllerInfoA
DsListServersInSiteA
DsReplicaModifyA
DsFreeSchemaGuidMapW
DsReplicaFreeInfo
DsReplicaDelW
DsRemoveDsDomainW

imagehlp

SymUnloadModule64
ImagehlpApiVersionEx
ImageNtHeader
UpdateDebugInfoFile
SymInitialize
TouchFileTimes
SymMatchString
UpdateDebugInfoFileEx
SymGetLineFromName
ImageDirectoryEntryToDataEx
ImageLoad
ImageGetCertificateData
SymGetSymFromName64
SymGetSearchPath
SymSetOptions
SymEnumerateModules64
SymMatchFileName
SymFunctionTableAccess64
MapFileAndCheckSumA
ReBaseImage
MapDebugInformation

oleaut32

VariantTimeToDosDateTime
SafeArraySetIID
OleCreateFontIndirect
SafeArrayGetElement
VarUI1FromI4
VarBoolFromUI4
VarCyRound
VarI2FromDate
VarDecFromDate
VarDecFromUI2
VarBstrFromDisp
VarDecRound
SafeArrayAllocDescriptor
VarR4FromCy
DllRegisterServer
VarI1FromUI2
VarPow
VarBoolFromI1
VarDecFromUI8
VarI8FromBool
SafeArrayGetVartype
VarIdiv
VarI8FromUI2
VarR8FromDisp
VarDecFromDisp

kernel32

SetConsoleCursorInfo
IsDBCSLeadByte
QueryPerformanceFrequency
FillConsoleOutputCharacterA
GetHandleInformation
IsProcessorFeaturePresent
LZSeek
lstrcat
GetShortPathNameW
EnumTimeFormatsW
GetModuleHandleA
WaitNamedPipeW
SetCommBreak
Heap32ListNext
GetConsoleTitleA
GetFirmwareEnvironmentVariableA
LCMapStringA
Module32First
VirtualProtectEx
GetModuleHandleW
PulseEvent
GetConsoleAliasExesA
EnumSystemLanguageGroupsA
CancelTimerQueueTimer
GetMailslotInfo
GetNamedPipeHandleStateW
OpenSemaphoreA
FindActCtxSectionStringW
LocalUnlock
CallNamedPipeW
UpdateResourceA
BeginUpdateResourceA
QueryPerformanceCounter
GetCurrentThread
CreateJobSet
ReadConsoleOutputCharacterW
RemoveLocalAlternateComputerNameW
GetLocaleInfoW
LocalShrink
FreeResource
LoadLibraryW
GetGeoInfoA
GetProcessHeap
IsDBCSLeadByteEx

wldap32

ldap_first_reference
ldap_modifyA
ldap_simple_bindW
ldap_get_dn
ldap_rename_ext_sA
ldap_simple_bind
ldap_search_sA
ber_bvfree
ldap_count_valuesW
ldap_dn2ufnW
ldap_value_free_len
ldap_parse_reference
ldap_compareW
ldap_controls_freeW
ldap_delete
ldap_parse_sort_controlW
ldap_extended_operation_sW
ber_init
cldap_openA
ldap_abandon
ldap_perror
ldap_modify_sW
ldap_search_init_pageW
ber_printf
ldap_modrdnA
ldap_dn2ufnA
ldap_create_page_controlW
ldap_sslinit
ldap_value_freeW

Sections

.text
Size: 391KB - Virtual size: 390KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 165KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15c20cb23898304238d03bc06698a9f0

Headers

DLL Characteristics

File Characteristics

Imports

ntdsapi

imagehlp

oleaut32

kernel32

wldap32

Sections

.text Size: 391KB - Virtual size: 390KB

.rdata Size: 161KB - Virtual size: 161KB

.data Size: 165KB - Virtual size: 1.5MB

.rsrc Size: 109KB - Virtual size: 109KB

.reloc Size: 1024B - Virtual size: 868B

.text
Size: 391KB - Virtual size: 390KB

.rdata
Size: 161KB - Virtual size: 161KB

.data
Size: 165KB - Virtual size: 1.5MB

.rsrc
Size: 109KB - Virtual size: 109KB

.reloc
Size: 1024B - Virtual size: 868B