3a6e1c37924b8a0a97020798815cf59762eef2977b5b2bd81b0bd5385f5cd4d9

Sharing

Copy URL

Twitter E-mail

General

Target

3a6e1c37924b8a0a97020798815cf59762eef2977b5b2bd81b0bd5385f5cd4d9
Size

362KB
MD5

63f9b8787767e1ab0f131bd36bcea880
SHA1

3c270dd22d652225e4f3b7cfd72e4d4bec138d5e
SHA256

3a6e1c37924b8a0a97020798815cf59762eef2977b5b2bd81b0bd5385f5cd4d9
SHA512

7be69485fd8333885482c1b1fa6b8fb34769811bda67501c8aa8c893fbc68a09c326e02c59fb5f382588d70c677e8a99b009755f369e5e71aedda9390c60d489
SSDEEP

6144:8dL30vgXyEcP0ZOthNCNmS9cTrgKg1lECIYBGILudVBhLHnv50JJQPPUeL6AVrie:oL30vgfc8ZwhNacE1SC4nBhLP5jkY6Ax

Score

N/A

Malware Config

Signatures

Files

3a6e1c37924b8a0a97020798815cf59762eef2977b5b2bd81b0bd5385f5cd4d9
.exe windows x86

d0b0b66208900849c72027e41e5d9b89

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

IsProcessInJob
GetExitCodeProcess
DosPathToSessionPathW
SetConsoleKeyShortcuts
SetLocaleInfoA
SetEnvironmentVariableA
MapUserPhysicalPagesScatter
Module32FirstW
GetDriveTypeW
OpenSemaphoreA
GetModuleHandleA
EnumerateLocalComputerNamesW
UnlockFile
HeapCreate
CloseHandle
PeekNamedPipe
GetConsoleKeyboardLayoutNameW
SetTapePosition
GetProcessWorkingSetSize
WriteConsoleW
_llseek
GetCurrentActCtx
VirtualQueryEx
GetMailslotInfo
GetSystemDefaultLCID
GetLogicalDriveStringsA
GetConsoleDisplayMode
GetLocaleInfoW
GlobalHandle
HeapSummary
MulDiv
AddLocalAlternateComputerNameA
LocalAlloc
PrepareTape
CmdBatNotification
LocalSize
GetStringTypeExA
DeleteAtom
InterlockedDecrement
VirtualAlloc
LoadLibraryA
GetSystemTimeAsFileTime

sqlsrv32

ConnectDlgProc
SQLDescribeColW
SQLSetPos
SQLProceduresW
LibMain
BCP_sendrow
SQLGetDescRecW
ConfigDSNW
WizIntSecurityDlgProc
SQLGetConnectOptionW
SQLExecDirectW
SQLGetEnvAttr
SQLGetConnectAttrW
SQLGetTypeInfoW
SQLGetInfoW
SQLRowCount
BCP_colptr
SQLCancel
WizDatabaseDlgProc
BCP_moretext
SQLPrimaryKeysW
SQLSetDescRec
SQLDriverConnectW
SQLParamData
SQLColumnPrivilegesW
BCP_done
SQLDescribeParam
SQLMoreResults
SQLNativeSqlW
SQLGetDiagRecW
SQLBrowseConnectW
SQLNumResultCols
SQLProcedureColumnsW
SQLSetDescFieldW
BCP_getcolfmt
SQLBindCol
SQLNumParams
BCP_writefmt
SQLStatisticsW
TestDlgProc
SQLDebug

crtdll

_mbsinc
_cprintf
_except_handler2
ftell
_cwait
_spawnve
_mbsnset
_access
wcscpy
_ismbchira
_heapwalk
memset
??2@YAPAXI@Z
_ismbbgraph
difftime
fwrite
_ctype
_basemajor_dll
_CIcosh
_mktemp
setvbuf
_ismbslead
wcstoul
fputc
_mbstok
strerror
_fcloseall
_loaddll
strchr
_fileinfo_dll
_isctype
_putenv
ldexp
sprintf
_strset
strtok
rand
_XcptFilter
_statusfp
freopen
atexit
_setjmp
_tzname
strcat

clusapi

GetClusterResourceNetworkName
ClusterNetworkEnum
GetClusterResourceState
FailClusterResource
ClusterGroupGetEnumCount
ClusterResourceEnum
ClusterRegCloseKey
GetClusterNetworkId
ClusterGroupEnum
ClusterRegDeleteValue
SetClusterResourceName
DeleteClusterResourceType
SetClusterQuorumResource
CloseClusterResource
CloseClusterNetwork
GetClusterQuorumResource
OpenClusterNetInterface
CloseClusterNetInterface
ClusterRegEnumKey
GetClusterNetInterface
GetClusterFromNetwork
SetClusterName
PauseClusterNode
ClusterRegOpenKey
GetClusterNetInterfaceKey
GetClusterKey
OnlineClusterGroup
ClusterCloseEnum
GetClusterNetInterfaceState
BackupClusterDatabase
ClusterNetworkCloseEnum
RemoveClusterResourceNode
ClusterResourceGetEnumCount
DeleteClusterResource
GetClusterNodeState
ClusterNodeOpenEnum
GetClusterGroupKey
GetClusterGroupState

rpcns4

RpcNsMgmtEntryCreateA
RpcNsProfileDeleteW
RpcNsBindingSelect
RpcNsProfileDeleteA
RpcNsMgmtEntryInqIfIdsA
RpcNsBindingExportPnPW
RpcNsEntryExpandNameW
RpcNsGroupDeleteA
RpcNsBindingLookupDone
RpcNsGroupMbrInqNextW
RpcNsBindingLookupNext
RpcNsGroupMbrRemoveA
RpcNsMgmtBindingUnexportW
RpcNsBindingUnexportA
RpcNsProfileEltInqDone
RpcNsProfileEltInqBeginA
RpcNsProfileEltInqNextA
RpcNsGroupMbrInqDone
RpcNsGroupMbrAddW
RpcIfIdVectorFree
RpcNsMgmtHandleSetExpAge
RpcNsBindingImportBeginW
RpcNsEntryObjectInqBeginA
RpcNsGroupMbrInqNextA
RpcNsGroupMbrAddA
RpcNsMgmtInqExpAge
RpcNsMgmtEntryDeleteW
RpcNsBindingUnexportPnPW
RpcNsMgmtEntryCreateW
I_RpcNsGetBuffer
RpcNsMgmtSetExpAge
RpcNsProfileEltAddW
RpcNsBindingImportBeginA
RpcNsBindingUnexportW
RpcNsEntryExpandNameA
RpcNsBindingLookupBeginA
RpcNsGroupMbrRemoveW
RpcNsBindingExportW
RpcNsGroupDeleteW
RpcNsMgmtEntryDeleteA
RpcNsProfileEltRemoveA
RpcNsEntryObjectInqDone
RpcNsProfileEltRemoveW
I_RpcReBindBuffer
RpcNsProfileEltInqNextW

atl

AtlAxGetControl
AtlAxCreateControl
AtlModuleInit
AtlDevModeW2A
AtlAxCreateDialogW
AtlModuleUpdateRegistryFromResourceD
AtlModuleAddCreateWndData
AtlSetErrorInfo
AtlGetObjectSourceInterface
AtlHiMetricToPixel
AtlAxGetHost
AtlInternalQueryInterface
AtlModuleGetClassObject
AtlModuleRegisterWndClassInfoA
AtlCreateTargetDC
AtlPixelToHiMetric
AtlAxDialogBoxA
AtlModuleAddTermFunc
AtlUnadvise
AtlModuleUnregisterServer
AtlIPersistStreamInit_Save
AtlComQIPtrAssign
AtlFreeMarshalStream
AtlIPersistPropertyBag_Save
AtlIPersistStreamInit_Load
AtlAxAttachControl
AtlAxWinInit
DllGetClassObject
AtlModuleRegisterWndClassInfoW
AtlModuleLoadTypeLib
AtlAxCreateDialogA
AtlAxDialogBoxW
AtlModuleTerm
AtlIPersistPropertyBag_Load
AtlMarshalPtrInProc
AtlGetVersion
AtlModuleRegisterClassObjects
AtlModuleRegisterServer
AtlModuleUnregisterServerEx
AtlAdvise
AtlRegisterClassCategoriesHelper
AtlModuleUnRegisterTypeLib
AtlModuleRegisterTypeLib
AtlAxCreateControlEx

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 454KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0b0b66208900849c72027e41e5d9b89

Headers

File Characteristics

Imports

kernel32

sqlsrv32

crtdll

clusapi

rpcns4

atl

Sections

.text Size: 129KB - Virtual size: 129KB

.rdata Size: 108KB - Virtual size: 108KB

.data Size: 1KB - Virtual size: 454KB

.rsrc Size: 121KB - Virtual size: 121KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 129KB - Virtual size: 129KB

.rdata
Size: 108KB - Virtual size: 108KB

.data
Size: 1KB - Virtual size: 454KB

.rsrc
Size: 121KB - Virtual size: 121KB

.reloc
Size: 1024B - Virtual size: 1024B