06577f08891a6adec96250a77184593ac443fd68865b5cda79ec1ab1e2607ead

Sharing

Copy URL

Twitter E-mail

General

Target

06577f08891a6adec96250a77184593ac443fd68865b5cda79ec1ab1e2607ead
Size

220KB
MD5

637825b27b2f63e97a83ce9e11c80e24
SHA1

aa0ad6cc14ff59d5850688e527d6291a2a2a4448
SHA256

06577f08891a6adec96250a77184593ac443fd68865b5cda79ec1ab1e2607ead
SHA512

cb1574c386acfeb48cb503fb79b8de90d99c2e0194911ac2c304b91ed1d0f6d464788301082e46d43fcd6aceabdeb809a341ed71e56ed08b2e4285bb75238d6e
SSDEEP

3072:X56MafTWYAERtam8vpsrsKr/ibjbFbEbe/LsU4qyOm6f5Um5U37z:kMafAm8BstIHJEqTLyO7356

Score

N/A

Malware Config

Signatures

Files

06577f08891a6adec96250a77184593ac443fd68865b5cda79ec1ab1e2607ead
.exe windows x86

10c7a1558c827560bccd2b5641bf2a01

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

odbc32

ord75
ord24
ord31
ord111
ord141
ord9
ord135
ord136

mpr

WNetCancelConnection2W

kernel32

lstrlenA
FindClose
UnmapViewOfFile
MapViewOfFile
GetExitCodeProcess
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetOEMCP
FreeResource
SizeofResource
LockResource
LoadResource
GetSystemDefaultLCID
GetCurrentProcess
GetExitCodeThread
CreateThread
GetWindowsDirectoryW
AllocConsole
LoadLibraryW
LoadLibraryA
GetEnvironmentStringsW
CreateEventA
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
FlushFileBuffers
WriteFile
LCMapStringW
LCMapStringA
VirtualProtect
VirtualQuery
InterlockedExchange
TerminateProcess
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetModuleFileNameW
OpenEventA
WaitForSingleObject
GetStartupInfoW
GetSystemDirectoryW
GetTickCount
CreateFileW
lstrlenW
CloseHandle
HeapReAlloc
lstrcatW
MultiByteToWideChar
HeapAlloc
GetVersion
GetSystemInfo
WideCharToMultiByte
GetVersionExA
GetModuleHandleA
Sleep
SetLastError
LocalFree
ReadFile
HeapFree
GetProcessHeap
SetErrorMode
GetProcAddress
GetVersionExW
GetLastError
FreeLibrary
SetFilePointer
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetCPInfo
GetACP
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetStdHandle
CreateFileA
HeapSize
HeapDestroy
SetUnhandledExceptionFilter
GetModuleFileNameA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
SetEndOfFile
FreeEnvironmentStringsW
GetCommandLineA
GetStartupInfoA
RtlUnwind
ExitProcess

user32

ShowWindow
TranslateMessage
GetClientRect
EndDialog
GetDlgItem
PostQuitMessage
SetFocus
MsgWaitForMultipleObjects
wsprintfA
DestroyWindow
GetWindowRect
GetSystemMetrics
GetParent
SetWindowPos
SetCursor
MessageBoxW
IsDialogMessage

gdi32

GetStockObject

advapi32

ControlService
DeleteService
QueryServiceStatus
RegOpenKeyExA
CloseServiceHandle
RegOpenKeyA
RegQueryValueExA
RegCloseKey

shell32

SHGetMalloc
SHGetDesktopFolder

comctl32

ord17

sqlresld

SQLUIUnloadResourceDLL
SQLUILoadResourceDLL

sqdedev

PN_Enumerate
PN_StartScan
PN_GetNext
SQLI_GetNameW
SQLI_GetVersionW
SQLI_IsClustered
SQLI_GetPackageId
DeleteTopology
SQLI_GetVSNameW
CreateSetupTopologyW
ST_GetType
ST_GetPhysicalNode

sqlunirl

_LoadIcon@8
_SendDlgItemMessage@20
_PostMessage@16
_GetProcAddress_@8
_CreateFile@28
_DeleteFile@4
_PeekMessage@20
_FormatMessage@28
_FindResource@12
_CreateDialogIndirectParam@20
_DefWindowProc@16
_SendMessage@16
_SetWindowText@8
_GetToolsFilePath@16
_GetUnicodeRedirectionLayer@0
_GetComputerName@8
_GetVersionEx@4
_MAKEINTRESOURCE@4
_LoadCursor@8
_LoadString@16
_CreateWindowEx@48
_GetModuleFileName@12
_LoadLibrary@4
_MessageBox@16

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

"�%UA�
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

10c7a1558c827560bccd2b5641bf2a01

Headers

File Characteristics

Imports

odbc32

mpr

kernel32

user32

gdi32

advapi32

shell32

comctl32

sqlresld

sqdedev

sqlunirl

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 36KB - Virtual size: 32KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 4KB - Virtual size: 1KB

"�%UA� Size: 84KB - Virtual size: 84KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 36KB - Virtual size: 32KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 4KB - Virtual size: 1KB

"�%UA�
Size: 84KB - Virtual size: 84KB