5c9150e87cd82606483be69400d89db97171aa6dfbe1eb829ba73aa23f5700e4

Sharing

Copy URL

Twitter E-mail

General

Target

5c9150e87cd82606483be69400d89db97171aa6dfbe1eb829ba73aa23f5700e4
Size

336KB
MD5

ee2c91d89897e4d2f4c2865cb7315798
SHA1

0a1fff66df61c96d878a2c4b58adbfb41f55b1c8
SHA256

5c9150e87cd82606483be69400d89db97171aa6dfbe1eb829ba73aa23f5700e4
SHA512

75fc5b71c2f454192a2d65918345e6e8f2ee55c9a8ec41501c434bb85616a42b7e61a060ff0dd2bb97b65ddee4cc9b4ccadf59347000c8c521f4e6cc3b698f20
SSDEEP

6144:j2EeGfzPHr2eXL1lCy6Jpuxh3qXLU7OvNEy0U0vjcKrxc8Y776ZKo7YC:j2EZzPHr2ML3Cy6JpuL3YU7OvNEyuV/D

Score

N/A

Malware Config

Signatures

Files

5c9150e87cd82606483be69400d89db97171aa6dfbe1eb829ba73aa23f5700e4
.exe windows x86

48050a86e53e2bee3873a1870717e0fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetProcessMemoryInfo
EnumProcessModules
GetModuleBaseNameA
EnumProcesses

ftsclient

FTS_OpenConn
FTS_ExecSql
FTS_GetSystemInfo
FTS_CheckServer
FTS_CloseSql
FTS_GetTableInfoByName
FTS_GetTableHandle
FTS_CloseConn

mpr

WNetAddConnection2A
WNetCancelConnection2A

kernel32

EnumResourceLanguagesA
ConvertDefaultLocale
lstrcmpA
GlobalDeleteAtom
FreeLibrary
GetCurrentThreadId
GetCurrentThread
RaiseException
FileTimeToSystemTime
FileTimeToLocalFileTime
SetThreadPriority
GetFileAttributesA
GetFileSize
GetFileTime
lstrcmpW
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
FlushFileBuffers
LoadLibraryA
UnlockFile
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
GetCPInfo
GetOEMCP
VirtualProtect
VirtualQuery
RtlUnwind
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
ExitThread
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
HeapDestroy
HeapCreate
IsBadWritePtr
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
GetTimeZoneInformation
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
SetErrorMode
GetProcAddress
lstrcpyA
lstrcatA
SetLastError
GlobalLock
GlobalUnlock
CreateWaitableTimerA
CancelWaitableTimer
SetWaitableTimer
ExitProcess
CreateProcessA
TerminateProcess
DeleteFileA
ResetEvent
SuspendThread
ResumeThread
lstrcpynA
GetDiskFreeSpaceExA
GetDiskFreeSpaceA
CopyFileA
MoveFileA
SetFileAttributesA
RemoveDirectoryA
CreateToolhelp32Snapshot
Process32First
Process32Next
GetPrivateProfileStructA
WritePrivateProfileStructA
FindFirstFileA
FindClose
FindNextFileA
GetPrivateProfileStringA
ReadFile
CreateFileA
SetFilePointer
WriteFile
SetEndOfFile
GetDriveTypeA
CreateDirectoryA
OpenProcess
FindResourceA
LoadResource
LockResource
SizeofResource
LocalAlloc
GetTickCount
GlobalAlloc
GlobalFree
FormatMessageA
LocalFree
WaitForSingleObject
GetCommandLineA
GetModuleHandleA
GetQueuedCompletionStatus
InterlockedIncrement
ReleaseSemaphore
CreateEventA
CreateSemaphoreA
CreateIoCompletionPort
GetSystemInfo
InterlockedExchangeAdd
CompareStringW
CompareStringA
CreateThread
Sleep
InterlockedDecrement
GetModuleFileNameA
GetPrivateProfileIntA
WritePrivateProfileStringA
HeapFree
GetProcessHeap
HeapAlloc
TerminateThread
GetExitCodeThread
CloseHandle
SetEvent
PostQueuedCompletionStatus
WaitForMultipleObjects
VirtualAlloc
VirtualFree
lstrlenA
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LockFile

user32

SetWindowTextA
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetCursor
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
IsWindowEnabled
LoadCursorA
GetDC
ReleaseDC
GetSysColorBrush
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
GetFocus
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
EnableWindow
SetForegroundWindow
GetClientRect
GetMenu
GetSysColor
AdjustWindowRectEx
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
PtInRect
GetWindow
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
ShowWindow
DestroyMenu
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
UnregisterClassA
PostMessageA
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
FindWindowA
EnumChildWindows
GetClassNameA
GetWindowRect
SendMessageA
CopyRect
GetParent
wsprintfA
MessageBoxA
CharUpperA
GetClassInfoA

gdi32

ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
CreateBitmap
DeleteDC
TextOutA
ScaleWindowExtEx
SetWindowExtEx
SetBkColor
GetDeviceCaps
GetStockObject
GetClipBox
SetTextColor
RectVisible
PtVisible
DeleteObject
SetMapMode
RestoreDC
SaveDC

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

StartServiceA
RegQueryValueA
RegEnumKeyA
CreateProcessAsUserA
ImpersonateLoggedOnUser
OpenProcessToken
QueryServiceConfigA
LockServiceDatabase
ChangeServiceConfigA
UnlockServiceDatabase
RegCreateKeyExA
RegDeleteValueA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
RegCloseKey
OpenServiceA
ControlService
QueryServiceStatus
DeleteService
OpenSCManagerA
CreateServiceA
ChangeServiceConfig2A
CloseServiceHandle
RegDeleteKeyA
RegCreateKeyA
RegSetValueExA
RegOpenKeyExA
SetServiceStatus
RegOpenKeyA
RegQueryValueExA

comctl32

ord17

shlwapi

UrlUnescapeA
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
PathIsUNCA

ole32

CoUninitialize
CoInitialize

oleaut32

VarDateFromStr
VariantClear
VariantChangeType
VariantInit

wininet

InternetGetLastResponseInfoA
HttpOpenRequestA
InternetConnectA
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetCloseHandle
HttpQueryInfoA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryDataAvailable

ws2_32

WSAStartup
WSASocketA
htons
WSAAccept
listen
__WSAFDIsSet
select
recv
send
inet_ntoa
gethostbyname
gethostname
socket
connect
inet_addr
bind
WSAGetLastError
WSARecv
WSASend
WSACleanup
closesocket

Sections

.text
Size: 264KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

48050a86e53e2bee3873a1870717e0fd

Headers

File Characteristics

Imports

psapi

ftsclient

mpr

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

ole32

oleaut32

wininet

ws2_32

Sections

.text Size: 264KB - Virtual size: 260KB

.rdata Size: 52KB - Virtual size: 50KB

.data Size: 12KB - Virtual size: 24KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 264KB - Virtual size: 260KB

.rdata
Size: 52KB - Virtual size: 50KB

.data
Size: 12KB - Virtual size: 24KB

.rsrc
Size: 4KB - Virtual size: 3KB