8eb9bcf267b8bcd6e921158aa0c300d420acaba78fef66903f6c744b12ea2ef0

Sharing

Copy URL Twitter E-mail

General

Target

8eb9bcf267b8bcd6e921158aa0c300d420acaba78fef66903f6c744b12ea2ef0
Size

429KB
MD5

67d651cf035f9816c0df68b1766832ee
SHA1

e7a4bf9032d3218ca8429a38040a1f272d02e922
SHA256

8eb9bcf267b8bcd6e921158aa0c300d420acaba78fef66903f6c744b12ea2ef0
SHA512

a0b164409d0cb2527b088a89c983ba98bc0eb3ef156ed6f34139af96a51b1c35f79ee546524458a8a0bad2a20545c577e4e333f6680fbead2d779c995f814eb3
SSDEEP

12288:anU50+KQekadAy3M/EUdPGQw0koSHe4m9uEmRM:Uz+pekadLc5duQtSHBmVmRM

Score

N/A

Malware Config

Signatures

Files

8eb9bcf267b8bcd6e921158aa0c300d420acaba78fef66903f6c744b12ea2ef0
.exe windows x86

7c4cacafcb08251b6f14ad152404fda8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CredpConvertTargetInfo
RegisterEventSourceW
UpdateTraceA
WmiQuerySingleInstanceA
CredIsMarshaledCredentialA
CryptDeriveKey
ChangeServiceConfigA
UnlockServiceDatabase
CryptDecrypt
AddUsersToEncryptedFile
GetExplicitEntriesFromAclA
AdjustTokenPrivileges
ChangeServiceConfigW
CryptVerifySignatureW
QueryServiceStatusEx
CreateWellKnownSid
StartServiceCtrlDispatcherW
RegisterTraceGuidsA

wsnmp32

SnmpFreeVbl
SnmpSetTimeout
SnmpFreeContext
SnmpRecvMsg
SnmpGetVendorInfo
SnmpClose
SnmpCancelMsg
SnmpSetTranslateMode
SnmpCreateSession
SnmpGetRetry
SnmpGetTranslateMode
SnmpDuplicateVbl
_SnmpSetAgentAddress@4
SnmpSetRetransmitMode
SnmpEntityToStr
SnmpStrToOid
SnmpSetVb
SnmpDecodeMsg

wldap32

ldap_search_ext
ldap_get_option
ldap_search_stA
ldap_set_optionA
ldap_memfreeA
ldap_addW
ldap_compare_sA
ldap_memfreeW
ldap_value_freeA
ldap_extended_operationW
ldap_delete_extA
ldap_first_attributeW
ldap_modrdnW
ldap_count_entries
ldap_stop_tls_s
ldap_close_extended_op
ldap_delete_ext_sA
ber_free
ldap_controls_freeA
ldap_sslinitA
ldap_rename_ext_s
ldap_create_sort_control
ldap_parse_page_controlA
ldap_free_controlsA

kernel32

SetLocalPrimaryComputerNameA
LoadLibraryA
VDMConsoleOperation
GetSystemDefaultLangID
SetComputerNameExA
WritePrivateProfileStructW
SetVolumeLabelA
CallNamedPipeW
HeapFree
WriteProfileSectionW
EnumTimeFormatsA
GetNativeSystemInfo
CommConfigDialogA
GetStartupInfoA
GetLogicalDrives
WaitForSingleObjectEx
GlobalGetAtomNameA
CreateMemoryResourceNotification
OpenMutexA
GlobalMemoryStatusEx
SetConsoleTextAttribute
EnumSystemLocalesW
QueryPerformanceCounter
WTSGetActiveConsoleSessionId
VirtualAlloc
GetEnvironmentStringsA
GetCurrentThread

gdi32

GdiEntry7
CreateColorSpaceW
SetMagicColors
GetCharABCWidthsFloatW
TextOutW
CreateEllipticRgn
CreateDIBPatternBrushPt
GetTextCharsetInfo
AddFontResourceW
GdiDllInitialize
GetGlyphOutlineW
SetDeviceGammaRamp
GdiDrawStream
GetBrushOrgEx
FlattenPath
SetBitmapAttributes
AbortDoc
GetMiterLimit
GetBitmapBits
EngPaint
EngTextOut
SetWorldTransform
GdiCleanCacheDC

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 269KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 474KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c4cacafcb08251b6f14ad152404fda8

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

wsnmp32

wldap32

kernel32

gdi32

Sections

.text Size: 110KB - Virtual size: 110KB

.rdata Size: 269KB - Virtual size: 269KB

.data Size: 1024B - Virtual size: 474KB

.rsrc Size: 46KB - Virtual size: 46KB

.reloc Size: 1024B - Virtual size: 1000B

.text
Size: 110KB - Virtual size: 110KB

.rdata
Size: 269KB - Virtual size: 269KB

.data
Size: 1024B - Virtual size: 474KB

.rsrc
Size: 46KB - Virtual size: 46KB

.reloc
Size: 1024B - Virtual size: 1000B