f3fa443e3d2bc1d1f1449f98585b5d79a45fb8ca403eee23035164fac56c8719

Sharing

Copy URL Twitter E-mail

General

Target

f3fa443e3d2bc1d1f1449f98585b5d79a45fb8ca403eee23035164fac56c8719
Size

1.0MB
MD5

4e3b0b55b7128d5acbb5708db3ed652b
SHA1

12fd6d7b781018cbe4113b74af192c6dc5f5896c
SHA256

f3fa443e3d2bc1d1f1449f98585b5d79a45fb8ca403eee23035164fac56c8719
SHA512

694560314500f15c8180ab45d9012e4b2ff044bbb8b759809679b8f085e88dd24b86680364d6847821aea0a77fc6bfdc67dd4afa296272b5a3801bd0f5c12d60
SSDEEP

12288:6NxI0As7XkgkgIGmwg8ZujP86OIIZ4vt/0/B0cB9RLWvRlmFR+c2iveOFVx:6Nx2sbXifwgMugt2R4W/mP+bpO

Score

N/A

Malware Config

Signatures

Files

f3fa443e3d2bc1d1f1449f98585b5d79a45fb8ca403eee23035164fac56c8719
.exe windows x86

69f634cda868350daed20f4079756f9e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateFontIndirectW
GetDeviceCaps
DeleteObject

user32

DrawStateA
MessageBoxW
GetSysColor
ShowWindow
DestroyIcon
LoadMenuW
EnableWindow
ReleaseDC
LoadBitmapW
GetDlgCtrlID
SetWindowTextW
EnumPropsA
LoadIconW
ScreenToClient
SetMenu
GetMenu
SetWindowLongW
wsprintfW
LoadStringW
GetWindowLongW
GetSystemMetrics
GetCursorPos
InvalidateRect
GetDlgItem
PostMessageW
SendDlgItemMessageW
GetClientRect
GetSubMenu
GetParent
DlgDirListW
WinHelpW
EnableMenuItem
SystemParametersInfoW
GetWindowRect
RegisterClipboardFormatW
UnhookWindowsHookEx
GetDC
SetWindowsHookExW

advpack

DelNode

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

certcli

CAGetCertTypeExtensions
CACloseCertType
CAEnumFirstCA
CAFreeCAProperty
CAFreeCertTypeProperty
CAEnumNextCA
CAGetCertTypeProperty
CACloseCA
CAFindCertTypeByName
CAGetCAProperty
CACountCAs
CAGetCACertificate
CAGetCertTypePropertyEx
CAEnumCertTypes
CAEnumNextCertType
CAGetCertTypeFlags

kernel32

GetLastError
LoadLibraryW
ResetEvent
CompareFileTime
GetCommandLineW
EnterCriticalSection
GetModuleHandleW
ReadFile
CreateFileW
GetProcAddress
MapViewOfFileEx
GlobalAlloc
GetShortPathNameW
GetDateFormatW
OpenEventW
GetModuleHandleA
CreateEventW
GetComputerNameExW
GetSystemTime
MultiByteToWideChar
QueryPerformanceCounter
lstrcpynW
LoadLibraryA
InterlockedIncrement
GetCurrentProcess
FileTimeToSystemTime
GetFileTime
LocalAlloc
GetSystemTimeAsFileTime
GetSystemWindowsDirectoryW
GetWindowsDirectoryW
SetEvent
DeleteCriticalSection
GlobalFree
GetUserDefaultLangID
lstrcmpiW
GetModuleFileNameW
CreateFileMappingW
FormatMessageW
FileTimeToLocalFileTime
GetFileSizeEx
InterlockedDecrement
SetUnhandledExceptionFilter
GlobalLock
FreeLibrary
GlobalUnlock
LeaveCriticalSection
InitializeCriticalSection
IsBadReadPtr
CloseHandle
UnhandledExceptionFilter
SetLastError
GetCurrentProcessId
GetFileSize
UnmapViewOfFile
IsBadWritePtr
SystemTimeToFileTime
LoadResource
GetComputerNameW
GetTimeFormatW
LocalFree
CompareStringW
lstrcpyW
MapViewOfFile
GetCurrentThreadId
GetTickCount
TerminateProcess
WaitForSingleObject
OutputDebugStringA
VirtualAlloc
GetVersionExW
lstrlenW

ntdsapi

DsFreeNameResultW
DsCrackNamesW
DsUnBindW
DsBindW

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 309KB - Virtual size: 309KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69f634cda868350daed20f4079756f9e

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

advpack

version

certcli

kernel32

ntdsapi

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: 23KB - Virtual size: 2.4MB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 309KB - Virtual size: 309KB

.reloc Size: 512B - Virtual size: 28B

.rdata Size: 65KB - Virtual size: 64KB

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 23KB - Virtual size: 2.4MB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 309KB - Virtual size: 309KB

.reloc
Size: 512B - Virtual size: 28B

.rdata
Size: 65KB - Virtual size: 64KB