48a15682e2be52638496ccf1c66161f2

Sharing

Copy URL Twitter E-mail

General

Target

48a15682e2be52638496ccf1c66161f2
Size

75KB
MD5

48a15682e2be52638496ccf1c66161f2
SHA1

7adc8a678abd76cc7e3c897321ec0a4899a85b1e
SHA256

e2a09d582d50a8c3d00b7c05336117cb1f048a8d14464d74348783d0de911044
SHA512

6665756b2b2ca010de11eb2c7ecbb475e1798ae4508fe58974b0fe5e08802183466f25809e65c415973ab84d150ce90b3a671fa277a6113a410faab99068d21c
SSDEEP

768:c2Da4zNuMlr1mOqeKppZM2ZZsy3OfgXnXjL0K5nCzu0zJ4:q4ZF1CpZrZ6y3UgXnXjp5C/zy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48a15682e2be52638496ccf1c66161f2

Files

48a15682e2be52638496ccf1c66161f2
.dll windows:6 windows x86 arch:x86

4d88cd55c68a0888a324dc2e02c90884

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_initterm
_purecall
_except_handler4_common
_adjust_fdiv
wcscat_s
wcscpy_s
wcstok
wcschr
_wcsicmp
memset
_amsg_exit
_wcsnicmp
swprintf_s
_XcptFilter
malloc
free
memcpy
swscanf_s

activeds

ord17
ord15
ord18
ord7
ord9
ord16
ord14

adsldpc

ADsObject
LdapGetSyntaxOfAttributeOnServer
FreeObjectInfo
LdapCompareExt
ChangeSeparator
BuildADsPathFromLDAPPath
ReadServerSupportsIsADControl
ADSIPrint
LdapModifyS
BuildLDAPPathFromADsPath2
ReadServerSupportsIsADAMControl
LdapCrackUserDNtoNTLMUser2
GetDefaultServer
LdapReadAttributeFast
LdapValueFree
LdapCloseObject
LdapOpenObject

wldap32

ord12

netapi32

NetUserChangePassword
NetUserSetInfo

ole32

CoCreateInstance

winspool.drv

GetPrinterW
OpenPrinterW
SetPrinterW
ClosePrinter

advapi32

SystemFunction040
LogonUserW
RevertToSelf
ImpersonateLoggedOnUser
SystemFunction041

kernel32

GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
LocalFree
LocalAlloc
GetSystemTime
GetLastError
CloseHandle
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SystemTimeToTzSpecificLocalTime
CompareStringW
InterlockedDecrement
InterlockedIncrement
FileTimeToSystemTime
FileTimeToLocalFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetProcAddress
LeaveCriticalSection
GetSystemDirectoryW
LoadLibraryW
DisableThreadLibraryCalls
InitializeCriticalSection
DeleteCriticalSection
FreeLibrary
FormatMessageW
FileTimeToDosDateTime
DosDateTimeToFileTime
RaiseException
EnterCriticalSection

oleaut32

SafeArrayGetElement
VariantInit
SafeArrayGetLBound
VariantTimeToDosDateTime
SafeArrayGetUBound
SysFreeString
DosDateTimeToVariantTime
CreateErrorInfo
SysAllocString
SetErrorInfo
DispInvoke
LoadRegTypeLi
DispGetIDsOfNames
VariantCopy
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayCreate
SafeArrayPutElement
SafeArrayDestroy
VariantClear

secur32

LsaCallAuthenticationPackage
LsaLookupAuthenticationPackage
LsaConnectUntrusted
LsaDeregisterLogonProcess
LsaFreeReturnBuffer

ntdll

RtlInitString
RtlInitUnicodeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d88cd55c68a0888a324dc2e02c90884

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

activeds

adsldpc

wldap32

netapi32

ole32

winspool.drv

advapi32

kernel32

oleaut32

secur32

ntdll

Exports

Exports

Sections

.text Size: 67KB - Virtual size: 66KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 67KB - Virtual size: 66KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB