fc5727b0766d3d93e3b5025012345688

Sharing

Copy URL

Twitter E-mail

General

Target

fc5727b0766d3d93e3b5025012345688
Size

1.1MB
MD5

fc5727b0766d3d93e3b5025012345688
SHA1

718ffd98f4dd1cbc4da1ea7ac9433a58e548d487
SHA256

c6e8f0386f51dbd3f59a9cc85ac37d172be5b7001e0c49754b7b5959c79fce81
SHA512

e884de5c98ab7bb9eced6be192ceefe836d864ed43f9372eb82c94eafd5205bd952f9de0d370c0e9075aba9b36f1766cfbd9621668ab1aa174006c27ed028352
SSDEEP

24576:nqrCuAzHqZZezMjvArEPgsdYyxzK/RQluhqxIWDWE8iXZd:qczQ+eud35IVIWD1XZd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc5727b0766d3d93e3b5025012345688

Files

fc5727b0766d3d93e3b5025012345688
.exe windows:2 windows x86 arch:x86

bc45cac95ebfd754b0271f86b625ffd5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

EndPaint
DispatchMessageA
BeginPaint
DestroyWindow
UpdateWindow
CreateWindowExA
DefWindowProcA
GetMessageA
TranslateMessage
ShowWindow
RegisterClassA
SendMessageA

adsldpc

SchemaAddRef
LdapGetValues
LdapReadAttributeFast
MapADSTypeToLDAPType
ADsDecodeBinaryData
ADsAbandonSearch
BuildADsPathFromParent
LdapcKeepHandleAround
ADsGetFirstRow
ADSICloseSearchHandle
ReadSecurityDescriptorControlType
ReadServerSupportsIsADControl
ADsWriteAttributeDefinition
LdapSearch
LdapSearchExtS
InitObjectInfo
LdapNextEntry
AdsTypeToLdapTypeCopyConstruct
ADsExecuteSearch
GetDomainDNSNameForDomain
GetDisplayName
ADsCreateDSObject
LdapMemFree
ADsGetPreviousRow
LdapNextAttribute
ADsDeleteDSObject
AdsTypeToLdapTypeCopyTime
LdapDeleteExtS
ADsGetNextRow
FindEntryInSearchTable
ADSIDeleteDSObject
ADsEnumAttributes
ADSICloseDSObject
ADSIExecuteSearch
LdapTypeBinaryToString
GetDefaultServer
LdapControlFree
LdapValueFree
ADsSetSearchPreference
ReadPagingSupportedAttr
ADsWriteClassDefinition

kernel32

ConnectNamedPipe
WaitForMultipleObjects
CreateEventA
GetProcessHeap
SetEvent
GetSystemTimeAsFileTime
CreateFileA
GetSystemTimeAdjustment
ReadFileScatter
WriteFileEx
HeapDestroy
CreateNamedPipeA
GetSystemTime
HeapFree
DisconnectNamedPipe
SetFilePointer
LeaveCriticalSection
EnterCriticalSection
InterlockedPushEntrySList
HeapAlloc
OpenEventA
SetFirmwareEnvironmentVariableA
GetSystemTimes
WaitNamedPipeA
CloseHandle
InitializeCriticalSection
VirtualAlloc
GetLastError
VirtualFree
InterlockedPopEntrySList
ReadFile
HeapCreate
InterlockedFlushSList
ExitProcess

Sections

.text
Size: 924KB - Virtual size: 924KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc45cac95ebfd754b0271f86b625ffd5

Headers

DLL Characteristics

File Characteristics

Imports

user32

adsldpc

kernel32

Sections

.text Size: 924KB - Virtual size: 924KB

.data Size: 114KB - Virtual size: 113KB

.rsrc Size: 69KB - Virtual size: 3.2MB

.text
Size: 924KB - Virtual size: 924KB

.data
Size: 114KB - Virtual size: 113KB

.rsrc
Size: 69KB - Virtual size: 3.2MB