0076d7a1763456d197154dcebec25a551b93b4413b587100b4190f67da4f2656

Sharing

Copy URL Twitter E-mail

General

Target

0076d7a1763456d197154dcebec25a551b93b4413b587100b4190f67da4f2656
Size

819KB
MD5

1b5c2f41cb99db3f99d2c958982f4746
SHA1

bcf50433c70b341939b10189a4e85ad67e11ef1f
SHA256

0076d7a1763456d197154dcebec25a551b93b4413b587100b4190f67da4f2656
SHA512

b1131191921be56b971edac4010f92c3a041c6caf06c0df9c5e96071ad7ac3389131795594fe0fd744f39b1a970ceeab71bc23f63fe9dc6b73fdee52b519ca95
SSDEEP

24576:UQCgXewvWoYpf343flENxVIzPztRaIb2eZCAblvreBTC:jfq/y2dIzPztYIbjZxetC

Score

N/A

Malware Config

Signatures

Files

0076d7a1763456d197154dcebec25a551b93b4413b587100b4190f67da4f2656
.exe windows x86

e632eefd6628887da218cc20b74c521b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rtm

RtmCreateDestEnum
RtmGetRouteInfo
RtmReleaseChangedDests
MgmGroupEnumerationEnd
MgmTakeInterfaceOwnership
RtmDeleteRouteTable
MgmDeRegisterMProtocol
RtmDequeueRouteChangeMessage
RtmBlockDeleteRoutes
RtmInsertInRouteList
RtmReadAddressFamilyConfig
CheckTable
RtmGetDestInfo
RtmGetOpaqueInformationPointer
MgmGetFirstMfeStats
RtmDereferenceHandles
RtmGetLessSpecificDestination
RtmIgnoreChangedDests
RtmDeleteNextHop
MgmAddGroupMembershipEntry
RtmGetEntityMethods
RtmDeleteRoute
RtmReleaseEntities
RtmIsRoute
SearchInTable

catsrvut

RegDBRestore
??1CComPlusComponent@@UAE@XZ
??1CComPlusInterface@@UAE@XZ
QueryUserDllW
CGMIsAdministrator
??0CComPlusMethod@@QAE@ABV0@@Z
??4CComPlusMethod@@QAEAAV0@ABV0@@Z
COMPlusUninstallActionW
??4CComPlusObject@@QAEAAV0@ABV0@@Z
??0CComPlusObject@@QAE@ABV0@@Z
DllCanUnloadNow
??_7CComPlusMethod@@6B@
RunMTSToCom

ole32

PropVariantClear
StgOpenPropStg
HBITMAP_UserUnmarshal
OleConvertIStorageToOLESTREAM
OleGetIconOfClass
HBRUSH_UserMarshal
OleCreateEmbeddingHelper
CreateStdProgressIndicator
OleGetClipboard
CoBuildVersion
HDC_UserFree
CreateItemMoniker
OleDuplicateData
OleRegGetUserType
CoGetDefaultContext
OleInitializeWOW
DllDebugObjectRPCHook
CreateOleAdviseHolder
StgGetIFillLockBytesOnFile
OleDoAutoConvert

kernel32

GetOverlappedResult
VerLanguageNameA
GetUserDefaultLCID
CopyFileExW
LoadLibraryW
SetConsoleOutputCP
SetLastError
ReadConsoleW
GetTickCount
CreateActCtxA
SetWaitableTimer
WriteConsoleInputVDMW
ConvertDefaultLocale
GetThreadContext
CreateThread

odbc32

SQLBindParam
SQLTables
SQLProceduresW
SQLMoreResults
SQLFetch
SQLAllocEnv
SQLExtendedFetch
SQLSetStmtOption
SQLSetDescField
SQLGetTypeInfoW
SQLRowCount
SQLForeignKeys
CursorLibLockDesc
SQLGetConnectAttrW
SQLConnectW
SQLDataSourcesW

cryptdll

CDBuildVect
CDBuildIntegrityVect
CDRegisterCSystem
MD5Update
MD5Init
CDFindCommonCSystemWithKey
CDRegisterRng
CDLocateCSystem
CDFindCommonCSystem
CDGenerateRandomBits
CDLocateCheckSum
CDLocateRng
MD5Final
CDRegisterCheckSum

oleaut32

VarDateFromDisp
VarI4FromI8
VARIANT_UserFree
VarR8Round
SetErrorInfo
VarI2FromDate
VarI4FromDec
VarPow
VarI2FromUI2
VarUI4FromI8
BSTR_UserMarshal
VarR4CmpR8
VarUI2FromI4
VarCyFromI4
VarUI2FromR8
VarFix
VarI8FromUI1
VarI1FromUI4
VarCyRound
VarDateFromUI1

Sections

.text
Size: 345KB - Virtual size: 345KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e632eefd6628887da218cc20b74c521b

Headers

DLL Characteristics

File Characteristics

Imports

rtm

catsrvut

ole32

kernel32

odbc32

cryptdll

oleaut32

Sections

.text Size: 345KB - Virtual size: 345KB

.rdata Size: 107KB - Virtual size: 106KB

.data Size: 173KB - Virtual size: 1.6MB

.rsrc Size: 191KB - Virtual size: 191KB

.reloc Size: 1024B - Virtual size: 804B

.text
Size: 345KB - Virtual size: 345KB

.rdata
Size: 107KB - Virtual size: 106KB

.data
Size: 173KB - Virtual size: 1.6MB

.rsrc
Size: 191KB - Virtual size: 191KB

.reloc
Size: 1024B - Virtual size: 804B