f537a142fc8c1343fb5e50b09c3b814af2df02481ef3d5559447fe709a33a752

Sharing

Copy URL Twitter E-mail

General

Target

f537a142fc8c1343fb5e50b09c3b814af2df02481ef3d5559447fe709a33a752
Size

831KB
MD5

b37234071c1c63f18137af794076b4d1
SHA1

08d690fe0bf1856c8315daf73d394f749cb45a55
SHA256

f537a142fc8c1343fb5e50b09c3b814af2df02481ef3d5559447fe709a33a752
SHA512

fd7e318c666bc2d11a1ffa7045edecbe9509cd671a2a183138113a21f8e44078d368d3d2c0e07e92d92ba08f827fb8e882602f779a848f824bb4fd4348eb770b
SSDEEP

12288:KuMFpewZiz+MDR2nbxFuyn4GucTpcTrUCaPu9RS3Pf4il9K/kSLaBRivxy6tSt:KuMFpKDR2nzn4GuL4W7SogyJLAQvhSt

Score

N/A

Malware Config

Signatures

Files

f537a142fc8c1343fb5e50b09c3b814af2df02481ef3d5559447fe709a33a752
.exe windows x86

feb291cd10bb708efd00d2780d1d7143

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

netapi32

NetpAssertFailed
NetapipBufferAllocate
NetShareDelSticky
NetShareCheck
NetWkstaTransportEnum
NetScheduleJobEnum
NetpwPathCanonicalize
I_BrowserQueryEmulatedDomains
NetpNetBiosStatusToApiStatus
NetSessionDel
NetConnectionEnum
NetMessageNameDel
NetSetPrimaryComputerName
NetErrorLogRead
NetScheduleJobGetInfo
NetRegisterDomainNameChangeNotification
NetApiBufferAllocate
NetLogonGetTimeServiceParentDomain
I_NetLogonGetDomainInfo
NetServerComputerNameDel
NetLocalGroupAddMembers
NetServerTransportEnum
I_NetAccountSync
NetReplSetInfo
NetDfsSetInfo
NetScheduleJobDel
I_NetLogonSamLogon
NetServiceGetInfo

kernel32

GetModuleHandleW
SetConsoleCursorInfo
FileTimeToSystemTime
FreeLibraryAndExitThread
GetTempFileNameW
ResetEvent
ReadConsoleInputExW
GetWindowsDirectoryA
GetConsoleCommandHistoryA
InterlockedPopEntrySList
UpdateResourceA
IsValidCodePage
GetLocaleInfoW
IsWow64Process
FindAtomW
SetPriorityClass
BuildCommDCBA
InitializeCriticalSectionAndSpinCount
LoadLibraryW
GetCurrentThread
GetNumberOfConsoleInputEvents
GetConsoleAliasExesW
_lclose
InitAtomTable
GetModuleFileNameW
InitializeCriticalSection
GetConsoleWindow
GetSystemTime
SetComPlusPackageInstallStatus
GetConsoleCharType
IsDBCSLeadByteEx
GetThreadContext
CreateJobSet
GlobalDeleteAtom
LocalHandle
IsValidLanguageGroup
CreateConsoleScreenBuffer
LeaveCriticalSection
GlobalFlags
GetCurrentProcessId
EnumSystemLocalesW
SleepEx

midimap

modMessage
modmCallback
DriverProc

adsldpc

LdapAttributeFree
ADsDeleteClassDefinition
LdapRenameExtS
LdapModifyExtS
SchemaGetStringsFromStringTable
LdapCountEntries
LdapResult
ConvertSidToU2Trustee
LdapFirstAttribute
ADSIGetPreviousRow
ADsObject
ADSIDeleteDSObject
ADSICloseDSObject
LdapValueFree
BuildADsParentPath
ADsGetNextRow
ADsExecuteSearch
LdapSearchST
ReallocADsStr
LdapTypeBinaryToString
AdsTypeToLdapTypeCopyDNWithBinary
LdapSearch
LdapOpenObject
ADsGetObjectAttributes
SchemaGetPropertyInfo
?SetExclaimnationDisabler@CLexer@@QAEXH@Z
LdapTypeCopyConstruct
MapADSTypeToLDAPType
LdapTypeToAdsTypeGeneralizedTime
MapLDAPTypeToADSType

user32

EndDialog
MessageBoxW

msvcrt

__p__mbcasemap
_access
_amsg_exit
_aligned_offset_realloc
exit
atoi
_mbsnbcat
atan
fgetwc
__p__commode
_close
vprintf
_cprintf
___unguarded_readlc_active_add_func
strtoul
??1type_info@@UAE@XZ
__set_app_type
__getmainargs
wcscat
_lfind
_CIacos
__p__winminor

shell32

SHGetMalloc

Sections

.text
Size: 392KB - Virtual size: 392KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 197KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

feb291cd10bb708efd00d2780d1d7143

Headers

DLL Characteristics

File Characteristics

Imports

netapi32

kernel32

midimap

adsldpc

user32

msvcrt

shell32

Sections

.text Size: 392KB - Virtual size: 392KB

.rdata Size: 106KB - Virtual size: 106KB

.data Size: 197KB - Virtual size: 1.6MB

.rsrc Size: 133KB - Virtual size: 132KB

.reloc Size: 1024B - Virtual size: 820B

.text
Size: 392KB - Virtual size: 392KB

.rdata
Size: 106KB - Virtual size: 106KB

.data
Size: 197KB - Virtual size: 1.6MB

.rsrc
Size: 133KB - Virtual size: 132KB

.reloc
Size: 1024B - Virtual size: 820B