7bd393831751119cd1741d9e741682ea7ce5cc17866e9090398fcc59002199ce

Sharing

Copy URL Twitter E-mail

General

Target

7bd393831751119cd1741d9e741682ea7ce5cc17866e9090398fcc59002199ce
Size

688KB
MD5

6720743e3de06bbc041efb76cfe02a60
SHA1

f27e3e850b6030e9be0cb0228d1b67ae3cc28f57
SHA256

7bd393831751119cd1741d9e741682ea7ce5cc17866e9090398fcc59002199ce
SHA512

2feaafacc29f1105cb1b368e89354e306aaac8e110ee4bfdbf521f3749d5d9134ff86d9e74c585fda9008b3beae29af9cf81ae260aba7d50d9cf3bed37584a95
SSDEEP

12288:ac9bmIq/+dg4/k7k6ZrDTXK1WpJ9mqbqN+lRIr71mf52XXPe0oXQn:ZJI+dg4c7ZBaA3s4qNGE7m5iPe0

Score

N/A

Malware Config

Signatures

Files

7bd393831751119cd1741d9e741682ea7ce5cc17866e9090398fcc59002199ce
.exe windows x86

2d83376b2a13a9b3e33bc577cf38d015

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

SystemFunction029
RegOpenKeyA
AddAccessAllowedAce
LsaQueryTrustedDomainInfoByName
RegConnectRegistryW
AdjustTokenPrivileges
RegQueryMultipleValuesA
CreateProcessAsUserW
WmiReceiveNotificationsW
RegEnumValueA
GetServiceDisplayNameA
CreateRestrictedToken
CryptSetHashParam
QueryServiceLockStatusA
SetSecurityInfo
RegSetValueA
CryptAcquireContextA
IsValidSid
DecryptFileW

oleaut32

VariantChangeType
SysStringLen
VariantChangeTypeEx
SafeArrayCreate
SysAllocStringLen
VariantCopyInd
SysFreeString
VariantInit
SysAllocStringByteLen
GetErrorInfo
GetActiveObject
SafeArrayGetLBound
SafeArrayPtrOfIndex
VariantClear
SysReAllocStringLen
VariantCopy

kernel32

SetConsoleTitleW
GetCompressedFileSizeA
InterlockedExchange
AllocConsole
GetSystemWindowsDirectoryA
VirtualAlloc
FreeEnvironmentStringsA
GetProfileIntA
GetDateFormatW
GetCPInfo
LocalLock
DeviceIoControl
GetWindowsDirectoryA
FindAtomW
HeapWalk
FoldStringW
SetDefaultCommConfigW
CancelIo
IsValidCodePage
FillConsoleOutputCharacterW
GetStdHandle
DefineDosDeviceA
IsBadHugeWritePtr
UnhandledExceptionFilter
TlsFree
LocalUnlock
InterlockedIncrement
LocalFree

rasapi32

RasFreeEapUserIdentityW
RasGetHport
RasDialW
RasEnumConnectionsA
RasGetEapUserIdentityW
RasSetSubEntryPropertiesW
RasGetCredentialsW
RasGetConnectStatusW
RasSetEntryPropertiesW
RasGetAutodialAddressW
RasGetEntryDialParamsW
RasSetAutodialAddressW
RasGetEntryPropertiesW
RasConnectionNotificationW
RasSetEapUserDataA
RasEnumEntriesW
RasGetEntryHrasconnW
RasSetCustomAuthDataW
RasGetCustomAuthDataW

odbc32

CursorLibLockStmt
CursorLibLockDesc
CursorLibTransact
PostODBCComponentError
VRetrieveDriverErrorsRowCol
VFreeErrors
PostODBCError
LockHandle
SQLBrowseConnectA
CursorLibLockDbc
SearchStatusCode
ValidateErrorQueue

msvcrt

wcscat
_HUGE
_access
??_V@YAXPAX@Z
__winitenv
_CIsinh
vprintf
wcscpy
isxdigit
tmpnam
_endthread
_setjmp3
_statusfp
_endthreadex
_mbscspn
setbuf
iscntrl
_read
_makepath
_mbctolower
strrchr
_ltow
rand
getenv
_wcslwr
raise
_lock
_CItan
__badioinfo
fprintf
pow
_setmode
_mbslwr
log10
putchar
fopen
wcstol
printf
_wcsicmp
_spawnlp
_kbhit
__p__fmode
iswcntrl

Sections

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 17KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 555KB - Virtual size: 970KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 198B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d83376b2a13a9b3e33bc577cf38d015

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

oleaut32

kernel32

rasapi32

odbc32

msvcrt

Sections

.data Size: 5KB - Virtual size: 4KB

.text Size: 17KB - Virtual size: 432KB

.rdata Size: 555KB - Virtual size: 970KB

.rsrc Size: 109KB - Virtual size: 108KB

.reloc Size: 1024B - Virtual size: 198B

.data
Size: 5KB - Virtual size: 4KB

.text
Size: 17KB - Virtual size: 432KB

.rdata
Size: 555KB - Virtual size: 970KB

.rsrc
Size: 109KB - Virtual size: 108KB

.reloc
Size: 1024B - Virtual size: 198B