c64ced79f981f4af42e5459f62c7c399480aa02eafda69a2f35bcc4984b84a6d

Sharing

Copy URL Twitter E-mail

General

Target

c64ced79f981f4af42e5459f62c7c399480aa02eafda69a2f35bcc4984b84a6d
Size

126KB
MD5

9d71d43c0cd496e77fbce4ff749ef2fe
SHA1

4e4526c562c7d14d4660209a8182c69ab028b9e5
SHA256

c64ced79f981f4af42e5459f62c7c399480aa02eafda69a2f35bcc4984b84a6d
SHA512

fc2f76c7a6a94cce021c2dbbba7ae2d7e88a65d6004618ec37edb76b7acd60fc15e23297e43e2fa876c8b23572bee8c187fb5f618fa16bf36ccffa6561da5b19
SSDEEP

3072:I/SmUjR3JjCP06LVN3TuJxDt2bm12EstfyvJ4ou3BVIHMCQJf:NmUjfGWJ1tb1ody7QIHMC2

Score

N/A

Malware Config

Signatures

Files

c64ced79f981f4af42e5459f62c7c399480aa02eafda69a2f35bcc4984b84a6d
.exe windows x86

3a22bb6c66ac2b25fc0d3e3e014cfe23

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt20

?gbump@streambuf@@IAEXH@Z
??0ostream_withassign@@QAE@PAVstreambuf@@@Z
?seekoff@streambuf@@UAEJJW4seek_dir@ios@@H@Z
?oct@@YAAAVios@@AAV1@@Z
_ismbblead
_chdrive
??_Dostrstream@@QAEXXZ
?in_avail@streambuf@@QBEHXZ
_pipe
perror
??6ostream@@QAEAAV0@E@Z
_mbsnbicmp
_itow
wcstoul
_tcsspn
?sync@filebuf@@UAEHXZ
_CIsin
??0stdiostream@@QAE@ABV0@@Z
_rmdir
??0fstream@@QAE@PBDHH@Z
wcsftime
??_Dofstream@@QAEXXZ
?setmode@ifstream@@QAEHH@Z

kernel32

FindResourceA
BuildCommDCBAndTimeoutsA
GetGeoInfoA
DeviceIoControl
GetNumaHighestNodeNumber
OpenFileMappingW
GetComputerNameA
DosPathToSessionPathA
SetConsoleCursor
TerminateThread
EnumSystemCodePagesA
LZRead
FatalAppExitA
DeleteVolumeMountPointW
CompareStringA
WriteConsoleOutputCharacterA
FreeEnvironmentStringsW
QueueUserWorkItem
WriteProfileStringA
BaseCheckAppcompatCache
BindIoCompletionCallback
GetDateFormatA
ReadConsoleInputW
Sleep
WTSGetActiveConsoleSessionId
GetNumberFormatW
ReadProcessMemory
CreateHardLinkW
GetProcessPriorityBoost
SetLocaleInfoW
FindNextVolumeMountPointW
EndUpdateResourceW
CreateDirectoryExA
HeapWalk
SetConsoleCtrlHandler
LocalShrink
EnumResourceLanguagesW
RtlMoveMemory
CreatePipe
VirtualAlloc

opengl32

wglCopyContext
glPolygonOffset
GlmfEndGlsBlock
glAlphaFunc
glDisableClientState
glDrawPixels
glEvalCoord2dv
glColor3d
wglRealizeLayerPalette
glTexCoord2d
glTexCoord2f
glPixelStoref
glMapGrid1d
glEvalCoord1f
glColor4ubv
glColorPointer
glStencilFunc
glRasterPos2dv
glNormal3fv
glTexCoord1s
glTexCoord4fv
glColor3s
glBlendFunc
glPolygonMode
glFogfv
wglUseFontBitmapsA
glDepthMask
glShadeModel
glIndexMask
glVertex3sv
wglGetCurrentContext

dssenh

CPGetHashParam
CPExportKey
CPDuplicateHash
CPGenRandom
CPGetProvParam
CPCreateHash
CPAcquireContext
CPHashSessionKey
CPImportKey
CPGenKey
CPEncrypt
CPGetKeyParam
DllRegisterServer
CPVerifySignature
CPSetHashParam
CPSetProvParam
CPDestroyHash
CPDestroyKey
CPSetKeyParam
CPDuplicateKey
CPReleaseContext
DllUnregisterServer
CPSignHash
CPGetUserKey
CPHashData
CPDecrypt
CPDeriveKey

mfcsubs

??M@YG_NABVCString@@0@Z
?GetNextAssoc@CMapStringToPtr@@QBEXAAPAU__POSITION@@AAVCString@@AAPAX@Z
??4CString@@QAEABV0@PBD@Z
??1CSyncObject@@UAE@XZ
?AfxA2WHelper@@YGPAGPAGPBDH@Z
?FreeExtra@CString@@QAEXXZ
??YCString@@QAEABV0@D@Z
?Release@CString@@IAEXXZ
?ConcatCopy@CString@@IAEXHPBGH0@Z
?Lock@CCriticalSection@@QAEHXZ
??1CString@@QAE@XZ
?Empty@CString@@QAEXXZ
?AllocBeforeWrite@CString@@IAEXH@Z
??N@YG_NABVCString@@0@Z
?GetHashTableSize@CMapStringToPtr@@QBEIXZ
??_7CObject@@6B@
?GetBufferSetLength@CString@@QAEPAGH@Z
??ACString@@QBEGH@Z
??P@YG_NABVCString@@0@Z
?MakeReverse@CString@@QAEXXZ
??$HashKey@PBD@@YGIPBD@Z
?ConcatInPlace@CString@@IAEXHPBG@Z
?InitHashTable@CMapStringToPtr@@QAEXIH@Z
?GetUpperBound@CStringArray@@QBEHXZ
?GetAt@CString@@QBEGH@Z
??BCCriticalSection@@QAEPAU_RTL_CRITICAL_SECTION@@XZ
??$CopyElements@VCString@@@@YGXPAVCString@@PBV0@H@Z
??_7CStringArray@@6B@
?GetStartPosition@CMapStringToPtr@@QBEPAU__POSITION@@XZ

user32

EnumDisplaySettingsA
GetClassLongW
GetUserObjectInformationW
ReleaseCapture
SetProcessWindowStation
EndDeferWindowPos
ChangeMenuA
CreateDesktopA
EnterReaderModeHelper
IsCharAlphaNumericW
CharNextW
DdeAddData
CreateMenu
CreateMDIWindowA
WaitMessage
ChildWindowFromPointEx
MenuItemFromPoint
SetThreadDesktop
GetClientRect
CallWindowProcA
CliImmSetHotKey
GetAltTabInfoA
MonitorFromWindow
SetMessageQueue
LoadIconA
TranslateMessageEx
GetWindowModuleFileName
RegisterMessagePumpHook
GetClassNameA
GetWindowTextLengthW
GetKeyboardState
GetMonitorInfoA

msvcp60

??0?$complex@N@std@@QAE@ABV?$complex@O@1@@Z
??0bad_alloc@std@@QAE@ABV01@@Z
?find@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIABV12@I@Z
?log10@std@@YA?AV?$complex@M@1@ABV21@@Z
_Snan
??1strstream@std@@UAE@XZ
?seekg@?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV12@JW4seekdir@ios_base@2@@Z
?is@?$ctype@G@std@@QBEPBGPBG0PAF@Z
_Tolower
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?max@?$numeric_limits@I@std@@SAIXZ
?_Getyes@_Locinfo@std@@QBEPBDXZ
?signaling_NaN@?$numeric_limits@J@std@@SAJXZ
??Nstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV12@XZ
?sin@std@@YA?AV?$complex@M@1@ABV21@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEPAGPAG0@Z
?_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ
?pow@std@@YA?AV?$complex@O@1@ABV21@0@Z
??0locale@std@@QAE@XZ
?open@?$basic_fstream@GU?$char_traits@G@std@@@std@@QAEXPBDH@Z
?epsilon@?$numeric_limits@C@std@@SACXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z
?epsilon@?$numeric_limits@G@std@@SAGXZ
??Mstd@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
?_Cltab@?$ctype@D@std@@0PBFB
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
?_Getmonths@_Locinfo@std@@QBEPBDXZ
??0?$messages@D@std@@QAE@I@Z
??$log@N@std@@YA?AV?$complex@N@0@ABV10@@Z

odbc32

SQLGetInfo
SQLGetData
SQLDriverConnectW
SQLExtendedFetch
SQLFetchScroll
SQLDisconnect
SQLForeignKeys
SQLStatisticsW
SQLBrowseConnectW
SQLSetStmtAttrA
SQLSetConnectOption
SQLDriverConnectA
CollectODBCPerfData
SQLNumParams
SQLProceduresA
SQLNativeSqlA
SQLExecDirect
SQLGetCursorName
SQLCancel
SQLSetConnectAttr
SQLFreeEnv
SQLPrimaryKeys
SQLGetDescRecA
SQLGetDiagRecA
SQLSetDescRec
SQLGetConnectAttrW
SQLSetConnectOptionW
SQLConnect
SQLCopyDesc
SQLColAttributeA
ValidateErrorQueue
SQLBrowseConnectA

odbccp32

SQLConfigDriver
SQLRemoveDriverManager
SQLRemoveDefaultDataSource
SQLGetTranslator
SQLWritePrivateProfileStringW
SQLInstallDriverExW
SQLConfigDriverW
SQLWritePrivateProfileString
SQLGetConfigMode
SQLCreateDataSource
SQLReadFileDSNW
SQLGetAvailableDriversW
SQLRemoveDSNFromIni
SQLInstallDriverManager
SQLInstallTranslatorExW
SelectTransDlg
SQLInstallODBCW
SQLInstallerError
SQLRemoveTranslatorW
SQLWriteFileDSNW
SQLGetInstalledDrivers
SQLRemoveDriver
SQLRemoveDriverW

dnsrslvr

SvchostPushServiceGlobals
ServiceMain

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3a22bb6c66ac2b25fc0d3e3e014cfe23

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt20

kernel32

opengl32

dssenh

mfcsubs

user32

msvcp60

odbc32

odbccp32

dnsrslvr

Sections

.text Size: 110KB - Virtual size: 110KB

.rdata Size: 45KB - Virtual size: 45KB

.data Size: 30KB - Virtual size: 33KB

.text
Size: 110KB - Virtual size: 110KB

.rdata
Size: 45KB - Virtual size: 45KB

.data
Size: 30KB - Virtual size: 33KB