bc694213045a63ddde56791b15e8ecc4ca45774b3261d39fcf32549c4926c473

Sharing

Copy URL Twitter E-mail

General

Target

bc694213045a63ddde56791b15e8ecc4ca45774b3261d39fcf32549c4926c473
Size

835KB
MD5

f5da1d0b84109728e3ba494dcb57ec60
SHA1

bbaf21c99792b640d9c67e1eb706ff9f3f6cf6b6
SHA256

bc694213045a63ddde56791b15e8ecc4ca45774b3261d39fcf32549c4926c473
SHA512

9ea2cff535b8342386d566f4682d6e61ced7d7de2c057584abdb6fbecbf9dd221e99191f000b24090f346fe683b34e87e0ed75b7309ba90995e816871147ce77
SSDEEP

24576:zY6rR0egHkwkFxLYJtyOdSG1NqC+p5lQvjo:zMvHmYKQSG9+pE

Score

N/A

Malware Config

Signatures

Files

bc694213045a63ddde56791b15e8ecc4ca45774b3261d39fcf32549c4926c473
.exe windows x86

326ee6957ed106f5cbed7a3b5b7d4f79

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
SetErrorMode
_hwrite
GetSystemTime
RtlZeroMemory
ConvertDefaultLocale
Thread32First
EnumSystemCodePagesA
GlobalCompact
FillConsoleOutputCharacterW
GetLongPathNameA
SetComputerNameW
GetCalendarInfoA
GlobalWire
ExitProcess
SetThreadAffinityMask
GetModuleHandleA
SetConsoleActiveScreenBuffer
LoadLibraryA
CreateTapePartition
TzSpecificLocalTimeToSystemTime
OpenJobObjectW
SetClientTimeZoneInformation
VirtualAlloc
InitializeCriticalSectionAndSpinCount
GetCPInfoExA
SetFirmwareEnvironmentVariableA
FoldStringA
QueryPerformanceCounter
EnumDateFormatsExW
WriteTapemark
GetStartupInfoA

ws2_32

closesocket
WSANtohs
inet_ntoa
WSAGetServiceClassInfoW
WSASetEvent
WEP
getsockopt
WSCWriteProviderOrder
WSASetServiceA
WSAIsBlocking
WSAGetOverlappedResult
recv
WSAAsyncGetProtoByName
WSASendTo
WSAProviderConfigChange
listen
socket
WSCDeinstallProvider
WSACancelBlockingCall
WSCInstallProvider
connect
WSASocketA
getprotobynumber
WSCInstallNameSpace
ntohl

cfgmgr32

CM_Get_Device_ID_List_Size_ExW
CM_Get_Device_ID_List_SizeW
CM_Enumerate_Classes_Ex
CM_Add_ID_ExA
CM_Uninstall_DevNode_Ex
CM_Get_Class_NameW
CM_Enumerate_Enumerators_ExA
CM_Move_DevNode_Ex
CM_Get_Device_Interface_List_ExW
CM_Request_Eject_PC_Ex
CM_Get_Device_Interface_Alias_ExW
CM_Set_HW_Prof_FlagsW
CM_Register_Device_InterfaceW
CM_Get_Sibling
CM_Locate_DevNode_ExA
CM_Get_Device_Interface_List_SizeA
CM_Uninstall_DevNode
CM_Get_Next_Log_Conf_Ex
CM_Get_Next_Log_Conf
CM_Enumerate_EnumeratorsW
CM_Setup_DevNode
CM_Get_First_Log_Conf
CM_Delete_Range
CM_Get_HW_Prof_FlagsA
CM_Query_Remove_SubTree
CM_Get_Device_ID_ListW
CMP_RegisterNotification
CM_Get_Hardware_Profile_InfoW
CM_Intersect_Range_List
CM_Get_Resource_Conflict_DetailsA

imagehlp

SearchTreeForFile
ImageRvaToSection
SymUnDName
SymFromName
SymUnDName64
ImageDirectoryEntryToData
SymCleanup
UpdateDebugInfoFile
SymEnumSymbols
UnMapAndLoad
ImageUnload
SymGetSymNext64
SymGetModuleInfoW64
SymGetSymFromAddr64
FindExecutableImage
SymGetModuleBase64
ImageRvaToVa
ImageGetCertificateData
ImagehlpApiVersionEx
StackWalk64
SymLoadModule
SymEnumTypes
SymGetSymPrev
SymGetLineFromAddr64
SymGetLineFromAddr
SymGetLineFromName64
RemoveRelocations
SymGetLineFromName
EnumerateLoadedModules
SymUnloadModule64
SymMatchString
RemovePrivateCvSymbolicEx

wldap32

ldap_explode_dnA
ldap_start_tls_sW
ldap_parse_extended_resultA
ldap_search_init_pageW
ldap_first_entry
ldap_rename_ext
ldap_get_values_lenW
ldap_memfreeW
ldap_search_stA
ldap_get_next_page
ldap_parse_referenceA
ldap_set_option
ber_init
ldap_ufn2dn
ldap_control_free
ldap_sasl_bindW
ldap_modify
ldap_close_extended_op
ldap_control_freeW
ldap_get_dnW
ldap_set_optionW
ber_bvdup
ldap_rename_ext_sW
ldap_set_optionA
ldap_count_entries
ldap_get_values_len
ldap_get_optionW
ldap_cleanup
ldap_connect
ldap_rename_extW
ldap_simple_bindA
ldap_get_values_lenA
ldap_first_attributeA
ldap_controls_free
ldap_simple_bind_sA

Sections

.text
Size: 403KB - Virtual size: 403KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 188KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

326ee6957ed106f5cbed7a3b5b7d4f79

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ws2_32

cfgmgr32

imagehlp

wldap32

Sections

.text Size: 403KB - Virtual size: 403KB

.rdata Size: 153KB - Virtual size: 153KB

.data Size: 188KB - Virtual size: 1.5MB

.rsrc Size: 87KB - Virtual size: 87KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 403KB - Virtual size: 403KB

.rdata
Size: 153KB - Virtual size: 153KB

.data
Size: 188KB - Virtual size: 1.5MB

.rsrc
Size: 87KB - Virtual size: 87KB

.reloc
Size: 1KB - Virtual size: 1KB