1a4bb341cac6c6a701a3f611db1873d7bcb9aa1d5a584476e6023d87be7fb843

Sharing

Copy URL Twitter E-mail

General

Target

1a4bb341cac6c6a701a3f611db1873d7bcb9aa1d5a584476e6023d87be7fb843
Size

144KB
MD5

53000d7c936cea259632144c40689ef2
SHA1

ba8196ad0438aace4d6b60c87faa0ff38f510b7f
SHA256

1a4bb341cac6c6a701a3f611db1873d7bcb9aa1d5a584476e6023d87be7fb843
SHA512

eeb854888c5732b3636a36f12eef17bbae89b8f89881bbb0b475c9d11a2225b212821b0159505db91b5ae24f5b7d6639bcb541a1884df7fa6db459f7f4d821cc
SSDEEP

3072:mMxRMpxyBj7p0r/JIhUXpUNmmQAx7RDyBCh0309tUNy1qJogvYp2:mjyZ7p0r/APLx72ChtUNoqigP

Score

N/A

Malware Config

Signatures

Files

1a4bb341cac6c6a701a3f611db1873d7bcb9aa1d5a584476e6023d87be7fb843
.exe windows x86

a618473ab3a84a3c7e66e4708935759a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oracore10

lfird
lpminit
lpmterm
lpmmkpri
lsfcln
lpmloadpkg
lsfiniu
lmmtophp
lmmgetstmfp
lmmhpinit
lmmmalloc
lmmhpfree
lmmcalloc
lmmrealloc
lmmfree
lstmclo
lemini
lemfaa
lemfaf
lemfre
lemgec
lemgem
lemriv
lemrev
lemged
lfimkpth
lfimknam
slzgetevar
lfiflu
lsfpv
lfiwr
lemces
lficls
lfigfn
lfiopn
lfilini

oraclient10

OCISessionEnd
OCIServerDetach
OCIStmtPrepare
OCIBindByName
OCIStmtExecute
OCITransCommit
OCIStmtFetch
OCIStmtGetPieceInfo
OCIStmtSetPieceInfo
OCILobRead
OCILobTrim
OCILobWrite
OCIBindByPos
OCIDescriptorFree
OCIDefineByPos
OCIDescriptorAlloc
OCITransRollback
OCIDescribeAny
OCIAttrGet
OCIParamGet
OCIErrorGet
OCISessionBegin
OCIAttrSet
OCIServerAttach
OCIInitialize
OCIHandleFree
OCIHandleAlloc
OCIEnvInit

oranls10

lxsCpStr
lxCmpStr
lxinitc
lxhLaToId
lxhLangEnv
lxhidtolang
lxmcpen
lxoCnvCase
lxgcnv
lxoCpStr
lxoSchPat
lxsCnvSimple
lxscat
lxoCvChar
lxoWriChar
lxsCnvCase
lxscop
lxsulen
lxoCpChar
lxsCmpStr
lxsCntChar
lxmfwdx
lxmopen

msvcr71

_stat
_close
_write
_read
_open
_controlfp
_onexit
__dllonexit
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
__p___initenv
_cexit
_XcptFilter
_exit
_c_exit
memset
exit
fgets
fseek
fread
fopen
fclose
strftime
localtime
time
strncpy
qsort
atol

orauts

GetModuleHandleA

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.drdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a618473ab3a84a3c7e66e4708935759a

Headers

File Characteristics

Imports

oracore10

oraclient10

oranls10

msvcr71

orauts

Sections

.text Size: 92KB - Virtual size: 88KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 4KB - Virtual size: 2KB

.drdata Size: 28KB - Virtual size: 28KB

.text
Size: 92KB - Virtual size: 88KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 4KB - Virtual size: 2KB

.drdata
Size: 28KB - Virtual size: 28KB