3e17ca9f293a396377a7643039eef050feeee0f29d83d64c50453d260b4cf9ff

Sharing

Copy URL Twitter E-mail

General

Target

3e17ca9f293a396377a7643039eef050feeee0f29d83d64c50453d260b4cf9ff
Size

692KB
MD5

68c381b4005ed2778045bf2018e70d90
SHA1

191089b5452ac35710a8992bd22492b05c0996c9
SHA256

3e17ca9f293a396377a7643039eef050feeee0f29d83d64c50453d260b4cf9ff
SHA512

368185c93510e69295f33347357024fa00599d3e68376ed2c2d30f036a3668d6dbf3187e7a993ce2798dbb5fd14d51f4385c31128b063f12e3ef8a02a464a6a8
SSDEEP

12288:UvQ8JJoUKqZA/BzMTVpOrQe4Sb+Vwz552gMPqHzl4HnNJ+GKMfPCXtqRxQdC:gQ8JJoUKKcI5pOUe4Sb+yH2yzl4t/KM1

Score

N/A

Malware Config

Signatures

Files

3e17ca9f293a396377a7643039eef050feeee0f29d83d64c50453d260b4cf9ff
.exe windows x86

5c69b4ddcb713866e6672e41623e888a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

odbc32

VFreeErrors
PostODBCError
SQLDriversA
SearchStatusCode
VRetrieveDriverErrorsRowCol
CursorLibLockDesc
PostODBCComponentError
ValidateErrorQueue
LockHandle
CursorLibTransact
CursorLibLockDbc
CursorLibLockStmt

kernel32

InterlockedDecrement
OpenFile
CreateWaitableTimerA
CancelIo
Process32Next
HeapSize
SizeofResource
InterlockedExchange
GetVolumePathNameW
GetDiskFreeSpaceW
GetConsoleMode
SetCurrentDirectoryA
GetTempPathW
FindAtomW
UnlockFileEx
VirtualAlloc
VirtualProtectEx
WriteProcessMemory
SetFilePointerEx
OpenEventA

advapi32

CloseEncryptedFileRaw
LsaFreeMemory
QueryRecoveryAgentsOnEncryptedFile
ReportEventA
TreeResetNamedSecurityInfoW
RegisterTraceGuidsW
RegisterServiceCtrlHandlerExW
SystemFunction036
InitiateSystemShutdownW
WmiFileHandleToInstanceNameW
ObjectCloseAuditAlarmW
LookupPrivilegeNameW
SetSecurityDescriptorOwner
AreAnyAccessesGranted
AddUsersToEncryptedFile
RegSaveKeyW
EnableTrace
RegSetValueW
RegSetValueA
GetServiceKeyNameW
AddAuditAccessAce
TraceMessage
SetSecurityDescriptorSacl
CryptDeriveKey
AddAccessDeniedObjectAce
GetCurrentHwProfileA
GetSecurityDescriptorLength
IsWellKnownSid
ConvertSecurityDescriptorToStringSecurityDescriptorW
QueryServiceConfigW
GetFileSecurityA
RegQueryInfoKeyW
GetKernelObjectSecurity
RegDeleteValueW

winmm

OpenDriver
mciDriverYield
mciDriverNotify
waveOutMessage
mmioAscend
waveInStop
midiOutSetVolume
mciGetErrorStringW
mciSendCommandW
mciLoadCommandResource
mciSendStringA
midiStreamPosition
timeBeginPeriod
mciGetDriverData
timeSetEvent

shell32

SHGetMalloc
SHInvokePrinterCommandW
SHGetSpecialFolderLocation
ShellAboutW
SHOpenFolderAndSelectItems
SHGetSpecialFolderPathA
DragQueryFileW
DragQueryFileA
ExtractIconA
SHCreateDirectoryExW
SHBindToParent
SHFormatDrive
SHFileOperationA

Sections

.edata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 14KB - Virtual size: 317KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 348KB - Virtual size: 456KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 272KB - Virtual size: 467KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c69b4ddcb713866e6672e41623e888a

Headers

DLL Characteristics

File Characteristics

Imports

odbc32

kernel32

advapi32

winmm

shell32

Sections

.edata Size: 4KB - Virtual size: 3KB

.edata Size: 9KB - Virtual size: 9KB

.text Size: 14KB - Virtual size: 317KB

.idata Size: 348KB - Virtual size: 456KB

.idata Size: 272KB - Virtual size: 467KB

.rsrc Size: 43KB - Virtual size: 42KB

.edata
Size: 4KB - Virtual size: 3KB

.edata
Size: 9KB - Virtual size: 9KB

.text
Size: 14KB - Virtual size: 317KB

.idata
Size: 348KB - Virtual size: 456KB

.idata
Size: 272KB - Virtual size: 467KB

.rsrc
Size: 43KB - Virtual size: 42KB