d514deeed38c49414aa830808334fd6e4bdf0fca513f8958ae7c5b5b7d8c5b7b

Sharing

Copy URL Twitter E-mail

General

Target

d514deeed38c49414aa830808334fd6e4bdf0fca513f8958ae7c5b5b7d8c5b7b
Size

727KB
MD5

5705992311c8cac72cfa2443596bbfce
SHA1

44f5fc53e4def70addf68a821005928c72dd02b1
SHA256

d514deeed38c49414aa830808334fd6e4bdf0fca513f8958ae7c5b5b7d8c5b7b
SHA512

aa10fb84affa6a4673822abea03ecf579fc8f162ce2e4d5381a1cab04526cdf17770b5eb56eddee4f3c4df9b696da542d98d09609fc3de8d640c17132b92ac63
SSDEEP

12288:Q/d4pan0Yv/byYLy+vuZQcnB41NWm4NiEvCDdzWT/dGZ:T8nPDycyEub4HWxvEdKT8Z

Score

N/A

Malware Config

Signatures

Files

d514deeed38c49414aa830808334fd6e4bdf0fca513f8958ae7c5b5b7d8c5b7b
.exe windows x86

26826d5c7a3d2f20c658f19b0a9529c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

userenv

UnloadUserProfile
CreateEnvironmentBlock
GetAppliedGPOListW
RsopSetPolicySettingStatus
LeaveCriticalPolicySection
LoadUserProfileW
ForceSyncFgPolicy
DeleteProfileW
ExpandEnvironmentStringsForUserW
EnterCriticalPolicySection
RefreshPolicy
GetDefaultUserProfileDirectoryW
RsopResetPolicySettingStatus

advapi32

EqualPrefixSid
RevertToSelf
RegNotifyChangeKeyValue
LsaRemoveAccountRights
SetEntriesInAclA
IsValidAcl
ConvertStringSidToSidW
ElfReportEventW
RegEnumKeyA
RegSetValueExA
RegQueryMultipleValuesW
GetLengthSid
SetSecurityDescriptorSacl
WriteEncryptedFileRaw

kernel32

ReadFile
CreateToolhelp32Snapshot
HeapCompact
LCMapStringA
GetTempFileNameA
FlushConsoleInputBuffer
CreateIoCompletionPort
GetCurrentDirectoryA
MoveFileW
HeapSize
VirtualAlloc
DeviceIoControl
InterlockedIncrement
lstrcmpiW
FoldStringW
GetFullPathNameW
FindNextFileW
TransmitCommChar
VerLanguageNameA
SetCurrentDirectoryA

imagehlp

SymInitialize
ImageGetCertificateData
ImageEnumerateCertificates
SymSetOptions
ImageNtHeader
ImageRvaToVa
ImageRvaToSection
CheckSumMappedFile
ImageLoad
EnumerateLoadedModules64
ImageUnload
ImageDirectoryEntryToData

msvcrt

_findnext
_CIcosh
_swab
__setusermatherr
??1exception@@UAE@XZ
strtol
__pioinfo
strchr
_lock
pow
_mbsinc
fwprintf
_CIacos
ungetc
_chsize
_i64tow
iscntrl
_fpclass
calloc
__badioinfo
_memicmp
_filelength
_wgetenv
__p__fmode
??3@YAXPAX@Z
towlower
_ultow
ceil
_mbsnbcat
frexp
getchar
_Getmonths
_lseek
_msize
_except_handler3
localtime
__wgetmainargs
difftime
__p__commode
_strcmpi
memchr
vswprintf
??1type_info@@UAE@XZ
wcscspn

odbc32

ODBCGetTryWaitValue
CursorLibLockDbc
VRetrieveDriverErrorsRowCol
CursorLibLockDesc
LockHandle
PostODBCComponentError
CursorLibTransact
CursorLibLockStmt
SearchStatusCode
VFreeErrors
ValidateErrorQueue
PostODBCError

Sections

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 16KB - Virtual size: 349KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 172KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 133KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 288KB - Virtual size: 349KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26826d5c7a3d2f20c658f19b0a9529c5

Headers

DLL Characteristics

File Characteristics

Imports

userenv

advapi32

kernel32

imagehlp

msvcrt

odbc32

Sections

.data Size: 6KB - Virtual size: 5KB

.text Size: 16KB - Virtual size: 349KB

.idata Size: 172KB - Virtual size: 248KB

.idata Size: 133KB - Virtual size: 328KB

.rdata Size: 288KB - Virtual size: 349KB

.rsrc Size: 109KB - Virtual size: 109KB

.data
Size: 6KB - Virtual size: 5KB

.text
Size: 16KB - Virtual size: 349KB

.idata
Size: 172KB - Virtual size: 248KB

.idata
Size: 133KB - Virtual size: 328KB

.rdata
Size: 288KB - Virtual size: 349KB

.rsrc
Size: 109KB - Virtual size: 109KB