579a6e5bbda716788c2b8a8c52c18f54a6151c7415c93e66d58caea33785caac

Sharing

Copy URL Twitter E-mail

General

Target

579a6e5bbda716788c2b8a8c52c18f54a6151c7415c93e66d58caea33785caac
Size

160KB
MD5

82d72cc50ec67b700808bf0c97c717d5
SHA1

ab1180c31439e8cd9f68d2e30267d2ccf112b1cc
SHA256

579a6e5bbda716788c2b8a8c52c18f54a6151c7415c93e66d58caea33785caac
SHA512

20ba437bb91fcbe3b21823bfa0cad3b2a3983681c4197e420660b9d8955c0cb4d07c72703d9f4fa46b2f622b55b819fad7de0d763276c889d1d078fe59cc05ba
SSDEEP

1536:5COPvO7+/gI5MIsGeTyKM8BzUOC6VkYqk1+4LQmLMssS2RAGBLopc3ai9sADHHFl:5CxF3IsGyMevzq6UmWS2RdopcK4sALl

Score

N/A

Malware Config

Signatures

Files

579a6e5bbda716788c2b8a8c52c18f54a6151c7415c93e66d58caea33785caac
.dll windows x86

0f947c9cff1a26e3bfe199fe3d097e47

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
connect
htons
gethostname
recv
gethostbyname
socket
send

kernel32

GetFileTime
GetFileSize
GetFileAttributesA
GlobalFlags
GetProcessVersion
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
FileTimeToSystemTime
FileTimeToLocalFileTime
RtlUnwind
RaiseException
GetCommandLineA
HeapAlloc
HeapFree
ExitProcess
TerminateProcess
HeapSize
HeapReAlloc
GetTimeZoneInformation
SetErrorMode
LCMapStringA
LCMapStringW
TlsGetValue
SetLastError
GetVersion
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
LocalFree
InterlockedDecrement
InterlockedIncrement
Sleep
MultiByteToWideChar
lstrlenA
GetComputerNameA
GetUserDefaultLCID
lstrlenW
EnterCriticalSection
LocalReAlloc
TlsSetValue
TlsFree
GlobalReAlloc
LeaveCriticalSection
TlsAlloc
GlobalHandle
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
GlobalAlloc
FreeLibrary
lstrcmpA
GetCurrentThread
SetUnhandledExceptionFilter
lstrcatA
WideCharToMultiByte
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GlobalLock
GlobalUnlock
GlobalFree
GetModuleFileNameA
lstrcmpiA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
LoadLibraryA
GetProcAddress
SetEndOfFile
UnlockFile
LockFile
CloseHandle
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetLastError
SetHandleCount
GetStdHandle
GetACP

user32

LoadIconA
PostMessageA
SetWindowTextA
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
PostQuitMessage
SetCursor
GetCursorPos
ValidateRect
TranslateMessage
ShowWindow
LoadStringA
LoadBitmapA
GetClassNameA
PtInRect
ClientToScreen
ReleaseDC
GetDC
TabbedTextOutA
GetMessageA
GrayStringA
LoadCursorA
GetSysColorBrush
DestroyMenu
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
UnregisterClassA
GetClientRect
CopyRect
DrawTextA
MapWindowPoints
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetNextDlgTabItem
EndDialog
GetActiveWindow
DestroyWindow
GetParent
GetWindowLongA
IsWindowVisible
GetDlgItem
IsWindowEnabled
SendMessageA
GetSystemMetrics
CharUpperA
wsprintfA
MessageBoxA
EnableWindow
RemovePropA
GetMessageTime
GetKeyState

gdi32

SetBkColor
SetTextColor
GetClipBox
CreateBitmap
SelectObject
GetDeviceCaps
GetStockObject
DeleteDC
SaveDC
RestoreDC
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetObjectA
RectVisible
TextOutA
PtVisible
Escape
ExtTextOutA
DeleteObject

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCreateKeyExA
ControlService
OpenSCManagerA
OpenServiceA
RegCloseKey
RegSetValueExA
StartServiceA
QueryServiceStatus
RegOpenKeyExA

comctl32

ord17

ole32

CoInitialize
CLSIDFromProgID
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree

oleaut32

VariantClear
SysAllocString
GetErrorInfo

Exports

Exports

CappDBSetup
ConfigGlobalFile
CreateDatabase
CreateLogin
DeleteDatabase
GetCompName
GetDbInfo
PdmDBSetup
PrintCenterDBSetup
ReplaceStr
StartService
StopService
ValidateDatabase
ValidateIMS
ValidateSQL

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f947c9cff1a26e3bfe199fe3d097e47

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 88KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 16KB - Virtual size: 12KB

.reloc Size: 16KB - Virtual size: 12KB

.text
Size: 92KB - Virtual size: 88KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 16KB - Virtual size: 12KB

.reloc
Size: 16KB - Virtual size: 12KB