a2c46cb50361fba0962b7ca5f399f917a46d2ee735954120466b55c5051b5409

Sharing

Copy URL Twitter E-mail

General

Target

a2c46cb50361fba0962b7ca5f399f917a46d2ee735954120466b55c5051b5409
Size

692KB
MD5

631d2bd64ae2b7a2e06b640ee74afec0
SHA1

1f4783181750e93768f2005b9e4783958dcd7604
SHA256

a2c46cb50361fba0962b7ca5f399f917a46d2ee735954120466b55c5051b5409
SHA512

448d3f2e028de1755978a3d747a51b9d0a5eff42fa291911c7c91e5ed144c43c88799e1bbe631ca9712e206be348a5882f32a2a84077d13e2e8b05a3462d3340
SSDEEP

12288:0vQ8JJoUKqZA/BzMTVpOrQe4Sb+Vwz552gMPqHzl4HnNJ+GKMfPCXtqRxQd2:AQ8JJoUKKcI5pOUe4Sb+yH2yzl4t/KMh

Score

N/A

Malware Config

Signatures

Files

a2c46cb50361fba0962b7ca5f399f917a46d2ee735954120466b55c5051b5409
.exe windows x86

5c69b4ddcb713866e6672e41623e888a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

odbc32

VFreeErrors
PostODBCError
SQLDriversA
SearchStatusCode
VRetrieveDriverErrorsRowCol
CursorLibLockDesc
PostODBCComponentError
ValidateErrorQueue
LockHandle
CursorLibTransact
CursorLibLockDbc
CursorLibLockStmt

kernel32

InterlockedDecrement
OpenFile
CreateWaitableTimerA
CancelIo
Process32Next
HeapSize
SizeofResource
InterlockedExchange
GetVolumePathNameW
GetDiskFreeSpaceW
GetConsoleMode
SetCurrentDirectoryA
GetTempPathW
FindAtomW
UnlockFileEx
VirtualAlloc
VirtualProtectEx
WriteProcessMemory
SetFilePointerEx
OpenEventA

advapi32

CloseEncryptedFileRaw
LsaFreeMemory
QueryRecoveryAgentsOnEncryptedFile
ReportEventA
TreeResetNamedSecurityInfoW
RegisterTraceGuidsW
RegisterServiceCtrlHandlerExW
SystemFunction036
InitiateSystemShutdownW
WmiFileHandleToInstanceNameW
ObjectCloseAuditAlarmW
LookupPrivilegeNameW
SetSecurityDescriptorOwner
AreAnyAccessesGranted
AddUsersToEncryptedFile
RegSaveKeyW
EnableTrace
RegSetValueW
RegSetValueA
GetServiceKeyNameW
AddAuditAccessAce
TraceMessage
SetSecurityDescriptorSacl
CryptDeriveKey
AddAccessDeniedObjectAce
GetCurrentHwProfileA
GetSecurityDescriptorLength
IsWellKnownSid
ConvertSecurityDescriptorToStringSecurityDescriptorW
QueryServiceConfigW
GetFileSecurityA
RegQueryInfoKeyW
GetKernelObjectSecurity
RegDeleteValueW

winmm

OpenDriver
mciDriverYield
mciDriverNotify
waveOutMessage
mmioAscend
waveInStop
midiOutSetVolume
mciGetErrorStringW
mciSendCommandW
mciLoadCommandResource
mciSendStringA
midiStreamPosition
timeBeginPeriod
mciGetDriverData
timeSetEvent

shell32

SHGetMalloc
SHInvokePrinterCommandW
SHGetSpecialFolderLocation
ShellAboutW
SHOpenFolderAndSelectItems
SHGetSpecialFolderPathA
DragQueryFileW
DragQueryFileA
ExtractIconA
SHCreateDirectoryExW
SHBindToParent
SHFormatDrive
SHFileOperationA

Sections

.edata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 14KB - Virtual size: 317KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 348KB - Virtual size: 456KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 272KB - Virtual size: 467KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c69b4ddcb713866e6672e41623e888a

Headers

DLL Characteristics

File Characteristics

Imports

odbc32

kernel32

advapi32

winmm

shell32

Sections

.edata Size: 4KB - Virtual size: 3KB

.edata Size: 9KB - Virtual size: 9KB

.text Size: 14KB - Virtual size: 317KB

.idata Size: 348KB - Virtual size: 456KB

.idata Size: 272KB - Virtual size: 467KB

.rsrc Size: 43KB - Virtual size: 42KB

.edata
Size: 4KB - Virtual size: 3KB

.edata
Size: 9KB - Virtual size: 9KB

.text
Size: 14KB - Virtual size: 317KB

.idata
Size: 348KB - Virtual size: 456KB

.idata
Size: 272KB - Virtual size: 467KB

.rsrc
Size: 43KB - Virtual size: 42KB