deee243bd27034f4224d94708474553b063d73316e4e65717af1cd8b10ade725

Sharing

Copy URL

Twitter E-mail

General

Target

deee243bd27034f4224d94708474553b063d73316e4e65717af1cd8b10ade725
Size

224KB
MD5

35d3ee47ed882248bfe1c7c220d56c20
SHA1

5690ead9d2b3263911c081f81e61b72491eb91ae
SHA256

deee243bd27034f4224d94708474553b063d73316e4e65717af1cd8b10ade725
SHA512

bb43aaaf11aed5c25a7b788c3b83f6f186c4996c015ab8f0977012f3fae471e228d73a4d9e0c89c938362026ed925caedda7fc7dcce0f6010e45270ffc5ac356
SSDEEP

6144:6V3OBuvHZYQXWxvlEWOP3DuWQejmi1zopQvOFEduEGQjm:6V35PZqvDA51zlDjm

Score

N/A

Malware Config

Signatures

Files

deee243bd27034f4224d94708474553b063d73316e4e65717af1cd8b10ade725
.exe windows x86

976bd6bd4e9117e9ac7d679bab8a690b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

imagehlp

SymGetModuleBase
SymGetModuleInfo
StackWalk
SymFunctionTableAccess
SymInitialize
SymSetOptions
SymUnDName
SymGetSymFromAddr
SymCleanup

odbc32

ord2
ord16
ord142
ord5
ord150
ord3
ord145
ord51
ord139
ord107
ord141
ord9
ord1
ord14
ord110
ord23
ord111
ord106
ord13
ord43

odbcbcp

ord9
ord12
ord4
ord8
ord18

sqlwoa

_GetComputerName@8
_FormatMessage@28
_CreateFile@28
_LoadString@16
_GetVersionEx@4
_DeleteFile@4

atl

ord32
ord16
ord17
ord20
ord23
ord18
ord22

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

GetCommandLineA
ReadFile
CreateFileMappingA
LoadLibraryExA
LocalFree
GetSystemDefaultLangID
GetLastError
CloseHandle
CreateEventA
ResetEvent
SetEvent
WaitForMultipleObjects
CreateThread
WaitForSingleObject
MultiByteToWideChar
SetFilePointer
GetStdHandle
ReleaseMutex
WriteFile
WideCharToMultiByte
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetModuleFileNameA
FreeLibrary
GetModuleHandleA
FormatMessageA
LoadLibraryA
lstrlenA
lstrcatA
lstrcpyA
ExpandEnvironmentStringsA
lstrlenW
GetSystemInfo
GetProcAddress
GetFileSize
UnmapViewOfFile
MapViewOfFile
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetErrorMode
GetLocalTime
GetTickCount
HeapFree
FlushFileBuffers
ReadProcessMemory
HeapAlloc
GetProcessHeap
GetCurrentProcess
GetEnvironmentVariableA
CreateFileA
QueryPerformanceFrequency
GlobalMemoryStatus
GetVersionExA
SetConsoleScreenBufferSize
GetConsoleScreenBufferInfo
SetConsoleCtrlHandler
AllocConsole
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement

user32

MessageBoxA
wsprintfA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
MakeSelfRelativeSD
GetSecurityDescriptorLength
RegOpenKeyA
SetSecurityDescriptorDacl
GetTokenInformation
OpenProcessToken
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
GetLengthSid
CopySid
InitializeSecurityDescriptor

ole32

CoUninitialize
CoInitializeSecurity
CoInitializeEx
CoTaskMemFree
CoCreateInstance

oleaut32

LoadRegTypeLi
SysFreeString
GetErrorInfo

msvcrt

fclose
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_strnicmp
wcschr
malloc
time
localtime
asctime
strchr
iswalpha
__set_app_type
__dllonexit
_onexit
??1type_info@@UAE@XZ
_controlfp
strstr
_iob
iswspace
freopen
wcscat
_wcsicmp
_wsplitpath
swscanf
wcscmp
wcsncmp
wprintf
??3@YAXPAX@Z
wcsncpy
_purecall
wcsstr
??2@YAPAXI@Z
wcscpy
wcslen
wcsrchr
_vsnwprintf
_wstrtime
swprintf
wcsncat
strncpy
_wstrdate
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
_mbsrchr
strcpy
_CxxThrowException
_except_handler3
_beginthreadex
_wcsnicmp
free
sprintf
printf
_wcsdup
_wcslwr

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 28KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

976bd6bd4e9117e9ac7d679bab8a690b

Headers

File Characteristics

Imports

imagehlp

odbc32

odbcbcp

sqlwoa

atl

version

kernel32

user32

advapi32

ole32

oleaut32

msvcrt

Sections

.text Size: 96KB - Virtual size: 93KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 28KB - Virtual size: 30KB

.rsrc Size: 80KB - Virtual size: 80KB

.text
Size: 96KB - Virtual size: 93KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 28KB - Virtual size: 30KB

.rsrc
Size: 80KB - Virtual size: 80KB