c9bf2862a49ddd1eb93743c6ce2e771abcf093f79ee49e2dce2292a4b59bc296

Sharing

Copy URL Twitter E-mail

General

Target

c9bf2862a49ddd1eb93743c6ce2e771abcf093f79ee49e2dce2292a4b59bc296
Size

854KB
MD5

b1ef9b7ad8df874dab08077d2eff92b3
SHA1

8cdd8c75de0570a292903e4f252cd31b296f70a3
SHA256

c9bf2862a49ddd1eb93743c6ce2e771abcf093f79ee49e2dce2292a4b59bc296
SHA512

0456d8cab842e82421c4b7e6b6d047a21a6834e39093359f60853cc33be732bf1102e28d1c803b9d110903044517e482def406604748813025b9be0830de0765
SSDEEP

24576:X10kzs2FpcdzdsNbrHc6dxWe2wbu8rBwDU:XCyrgdsN/HpQwbu8rB

Score

N/A

Malware Config

Signatures

Files

c9bf2862a49ddd1eb93743c6ce2e771abcf093f79ee49e2dce2292a4b59bc296
.exe windows x86

fbf74436b698bf74ac94a3dc24d4625f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wldap32

ldap_openA
ldap_search_stA
ldap_parse_sort_controlW
cldap_openA
ldap_value_free_len
ldap_close_extended_op
ldap_parse_sort_controlA
ldap_modrdn2_s
ldap_delete
ldap_parse_vlv_controlA
ldap_add_sW
ldap_add_ext_sW
ber_first_element
ldap_modify_extA
ldap_compare_ext_sW
LdapMapErrorToWin32
ldap_controls_free
ldap_controls_freeW
ldap_value_freeA
ldap_modify
ldap_openW
ldap_connect
ldap_search_s

kernel32

RtlCaptureStackBackTrace
SetLocalPrimaryComputerNameW
RemoveDirectoryA
GetStringTypeW
HeapCreate
EnumSystemGeoID
GetEnvironmentStringsW
PrepareTape
VirtualAlloc
GetACP
lstrcmpW
SwitchToFiber
SetFirmwareEnvironmentVariableW
GetQueuedCompletionStatus
GetShortPathNameA
DeleteFileA
LoadLibraryA
SetPriorityClass
SetCommConfig
GetDevicePowerState
GetSystemInfo
GetDefaultCommConfigA
GlobalHandle
TlsSetValue

activeds

ADsEncodeBinaryData
ADsBuildVarArrayInt
AdsFreeAdsValues
ADsSetLastError
ConvertSecurityDescriptorToSecDes
ADsGetLastError
ADsBuildEnumerator
BinarySDToSecurityDescriptor
AllocADsMem
PropVariantToAdsType2
ConvertSecDescriptorToVariant
PropVariantToAdsType
FreeADsStr
ADsGetObject
ReallocADsMem
ReallocADsStr
ADsBuildVarArrayStr
AllocADsStr
FreeADsMem
ADsFreeEnumerator
AdsTypeToPropVariant2
ADsEnumerateNext
ADsOpenObject

rasapi32

RasGetEntryPropertiesW
RasSetAutodialAddressW
RasSetEapUserDataW
RasCreatePhonebookEntryW
RasGetEntryHrasconnW
RasGetAutodialAddressW
DwRasUninitialize
RasGetAutodialParamA
RasClearLinkStatistics
RasEnumDevicesA
RasEnumDevicesW
RasGetAutodialParamW
RasHangUpW
RasGetEapUserDataA
RasEnumAutodialAddressesW
RasSetAutodialEnableA
RasInvokeEapUI
RasGetCountryInfoW
RasSetAutodialParamW
DwEnumEntryDetails
RasEnumEntriesA
RasConnectionNotificationA
RasEnumConnectionsW
RasGetEapUserIdentityW
RasDeleteEntryW

Sections

.text
Size: 755KB - Virtual size: 755KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fbf74436b698bf74ac94a3dc24d4625f

Headers

DLL Characteristics

File Characteristics

Imports

wldap32

kernel32

activeds

rasapi32

Sections

.text Size: 755KB - Virtual size: 755KB

.rdata Size: 91KB - Virtual size: 90KB

.data Size: 4KB - Virtual size: 1.4MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 755KB - Virtual size: 755KB

.rdata
Size: 91KB - Virtual size: 90KB

.data
Size: 4KB - Virtual size: 1.4MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB