34dba1593a7938a5f96ac4f1a6fe74461df9afd65e35f15876c98df36bb85b8a

Sharing

Copy URL Twitter E-mail

General

Target

34dba1593a7938a5f96ac4f1a6fe74461df9afd65e35f15876c98df36bb85b8a
Size

114KB
MD5

91ad18d15f423880c9dea30a16eef838
SHA1

208bb613b13493f4dae66f84f72635261058959e
SHA256

34dba1593a7938a5f96ac4f1a6fe74461df9afd65e35f15876c98df36bb85b8a
SHA512

ad36af019501adf52160c217f481294355936722f28a17211311874ed38be5a4b961e33a836e870f252422039934c34bc53a99d9dc4c64a4243179171f776c5c
SSDEEP

3072:eNOV1feHBoK8fryNklmsccZxQkYEJVv9JyaFwDtG1ZyiN:jV1feHByjr/wCvrV

Score

N/A

Malware Config

Signatures

Files

34dba1593a7938a5f96ac4f1a6fe74461df9afd65e35f15876c98df36bb85b8a
.exe windows x86

fb9abc1d05fdd5dfbbb661342581da04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imagehlp

SymFunctionTableAccess
SymInitialize
SymGetModuleInfo
StackWalk
SymGetModuleBase
SymCleanup
SymSetOptions
SymGetSymFromAddr
SymUnDName

odbc32

ord107
ord3
ord145
ord51
ord150
ord141
ord139
ord9
ord1
ord14
ord23
ord16
ord110
ord111
ord2
ord13
ord72
ord43
ord5
ord15

sqlunirl

_GetUnicodeRedirectionLayer@0
_CreateFile@28
_GetProcAddress_@8
_LoadString@16
_GetVersionEx@4
_GetComputerName@8
_FormatMessage@28

atl

ord23
ord22
ord21
ord20
ord17
ord18
ord30
ord58
ord32
ord16

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

FlushFileBuffers
GlobalMemoryStatus
SetErrorMode
lstrlenA
GetFileSize
HeapAlloc
GetSystemDefaultLangID
ReadProcessMemory
GetProcessHeap
HeapFree
WaitForMultipleObjects
GetTickCount
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
ReadFile
GetSystemInfo
ExitProcess
Sleep
GetCommandLineA
GetCurrentThreadId
AllocConsole
SetConsoleCtrlHandler
GetConsoleScreenBufferInfo
SetConsoleScreenBufferSize
QueryPerformanceFrequency
CreateFileA
GetEnvironmentVariableA
GetCurrentProcess
GetModuleHandleA
FreeLibrary
GetLocalTime
CreateEventA
WaitForSingleObject
WriteFile
ReleaseMutex
InitializeCriticalSection
DeleteCriticalSection
GetVersionExA
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
CloseHandle
GetLastError
GetStdHandle
SetFilePointer
ResetEvent
SetEvent
InterlockedDecrement
GetSystemDefaultLCID
GlobalAlloc
GetModuleFileNameA
MultiByteToWideChar
GlobalFree
GlobalUnlock
GlobalLock
ExpandEnvironmentStringsA
LoadLibraryA
lstrcatA
FormatMessageA
lstrcpyA
InterlockedIncrement

user32

MessageBoxA
wsprintfA

advapi32

GetSecurityDescriptorLength
MakeSelfRelativeSD
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
DeregisterEventSource
ReportEventA
RegisterEventSourceA
OpenProcessToken
GetTokenInformation
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
GetLengthSid
CopySid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl

ole32

CoUninitialize
CoInitializeSecurity
CoInitializeEx
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc

oleaut32

LoadRegTypeLi
SysStringLen
SysFreeString

msvcrt

__set_app_type
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__dllonexit
_onexit
_controlfp
_wtoi
_snwprintf
_strnicmp
strchr
asctime
localtime
_ftol
time
_wcslwr
swscanf
_exit
_XcptFilter
wprintf
_wstrdate
_wstrtime
_wcsdup
memmove
strncpy
wcsstr
sprintf
wcsrchr
wcschr
malloc
wcsncat
_except_handler3
iswspace
_iob
_stricmp
swprintf
free
wcscat
wcscmp
_wcsicmp
_vsnwprintf
wcslen
wcsncpy
??2@YAPAXI@Z
wcscpy
wcsncmp
_wsplitpath
_initterm
__getmainargs
__p___initenv
exit
_purecall
_wcsnicmp
??3@YAXPAX@Z
freopen
printf
fclose
_beginthreadex

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fb9abc1d05fdd5dfbbb661342581da04

Headers

File Characteristics

Imports

imagehlp

odbc32

sqlunirl

atl

version

kernel32

user32

advapi32

ole32

oleaut32

msvcrt

Sections

.text Size: 72KB - Virtual size: 68KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 12KB - Virtual size: 15KB

.rsrc Size: 8KB - Virtual size: 12KB

.text
Size: 72KB - Virtual size: 68KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 8KB - Virtual size: 12KB