14833d90e142456ccaf88e200ae5ecede234bbf5424f0b6ad7ccad2eb7865c64

Sharing

Copy URL

Twitter E-mail

General

Target

14833d90e142456ccaf88e200ae5ecede234bbf5424f0b6ad7ccad2eb7865c64
Size

189KB
MD5

1f92c45c4c98819da94648146eb940d8
SHA1

c9a4093fd7362fdb462f523dc21fb8ec654bfba3
SHA256

14833d90e142456ccaf88e200ae5ecede234bbf5424f0b6ad7ccad2eb7865c64
SHA512

9879eac1a5a952cea8e21201db8c877433fe3dc8c0823450c4f1d7b5500d223b3577cea529ac4579390c008c070fc43de305fa2e4882d8b6b75c3eb913ef45dd
SSDEEP

3072:z1Aq/fOdbaVXYHpYoKSf0dV2i2w+87Ej/qTf8T6ER3g8No6ayBB3qLLXht5R11:5AqQbIof0dwvuETfQz6W1

Score

N/A

Malware Config

Signatures

Files

14833d90e142456ccaf88e200ae5ecede234bbf5424f0b6ad7ccad2eb7865c64
.exe windows x86

72af6e1764349eaf298e9eb8f8a091d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

odbctrac

TraceSQLBindCol
TraceSQLError
TraceSQLFetch

advapi32

OpenEventLogW
RegSaveKeyA
RegLoadKeyA
RegDeleteValueA
RegEnumKeyW
CryptSignHashW
IsTextUnicode
InitializeAcl
RegOpenKeyA
RegRestoreKeyA
RegReplaceKeyA
ReadEventLogA

certcli

CAEnumFirstCA
CACloseCA
CACloseCertType
CAEnumNextCA
CADeleteCA

kernel32

GetOEMCP
OpenMutexA
MoveFileA
CreateFileA
LoadLibraryExW
UnmapViewOfFile
Sleep
FindFirstFileA
GetCurrentThread
GetStdHandle
VirtualAllocEx
InterlockedIncrement
LoadLibraryW
CreateMailslotW
FindResourceA
GetACP
SetLocalTime
RemoveDirectoryW
CreateMutexW
GetFileAttributesA
GetLongPathNameW
GetModuleHandleA
TlsGetValue
ExitProcess
SearchPathW
AddAtomW

shell32

SHGetDesktopFolder
ShellAboutA
SHDefExtractIconA
SHFree
ExtractIconA
StrStrW
ShellMessageBoxA
SHGetMalloc
DragQueryFileA
DllRegisterServer

cmpbk32

PhoneBookLoad
PhoneBookEnumNumbers

shlwapi

UrlCreateFromPathA
UrlCombineA
UrlCanonicalizeA
PathCompactPathA
UrlCompareA
UrlIsA
UrlUnescapeA
PathIsRootA
UrlHashA
UrlEscapeA
UrlGetPartA
PathCommonPrefixA
UrlIsNoHistoryW
PathCombineA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.kdata
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ldata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 913B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloi
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72af6e1764349eaf298e9eb8f8a091d7

Headers

DLL Characteristics

File Characteristics

Imports

odbctrac

advapi32

certcli

kernel32

shell32

cmpbk32

shlwapi

Sections

.text Size: 23KB - Virtual size: 22KB

.kdata Size: 159KB - Virtual size: 159KB

.ldata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 913B

.reloi Size: 3KB - Virtual size: 3KB

.text
Size: 23KB - Virtual size: 22KB

.kdata
Size: 159KB - Virtual size: 159KB

.ldata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 913B

.reloi
Size: 3KB - Virtual size: 3KB