3984438d8fc409a3e42d0c3071347851dd666295dacc395815a3411dd5657285

Sharing

Copy URL Twitter E-mail

General

Target

3984438d8fc409a3e42d0c3071347851dd666295dacc395815a3411dd5657285
Size

124KB
MD5

6d805d74714a5a09aa19901cd2347350
SHA1

d1b689d14b7d73cd5daf87b49756f0e5018e92bf
SHA256

3984438d8fc409a3e42d0c3071347851dd666295dacc395815a3411dd5657285
SHA512

4ded0d2ce5c71cbc7921ac9bf6a332ec177bc4f4e58a2e6bc8100c60a6953d6e432a6f8bcc85abf51da2ed6cdf81b1237358dfe9657cc43cfa8db890e4c36b31
SSDEEP

1536:ONgaNZtjcdUMiEQi35Awd1gIIDgqn60pc:ONgMc5QiJAI1gIIgq6

Score

N/A

Malware Config

Signatures

Files

3984438d8fc409a3e42d0c3071347851dd666295dacc395815a3411dd5657285
.exe windows x86

de3bceed4c9b15efd23ac8aebca7372d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetCancelConnection2A

kernel32

GetFileAttributesA
UnmapViewOfFile
MapViewOfFile
SetFileAttributesA
SetLastError
DeleteFileA
GetShortPathNameA
CopyFileA
GetCurrentProcess
SetFilePointer
GetStringTypeW
GetStringTypeA
OpenEventA
OpenFileMappingA
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
VirtualAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentStrings
WaitForSingleObject
GetVersion
lstrlenA
CreateFileA
lstrcmpiA
MultiByteToWideChar
GetComputerNameA
CreateProcessA
HeapReAlloc
GetStartupInfoA
lstrcatA
GetProcAddress
lstrcpyA
WideCharToMultiByte
GetModuleFileNameA
FreeLibrary
LoadLibraryA
CreateThread
GetVersionExA
LockResource
FindResourceA
LoadResource
LocalFree
GetLastError
FormatMessageA
CloseHandle
Sleep
GetExitCodeThread
HeapFree
GetProcessHeap
HeapAlloc
FlushFileBuffers
SetStdHandle
WriteFile
LCMapStringW
LCMapStringA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
GetCommandLineA
GetModuleHandleA
ExitProcess

user32

GetWindowRect
GetSystemMetrics
SetWindowPos
DestroyWindow
GetMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
SystemParametersInfoA
GetDlgItem
DefWindowProcA
SetWindowTextA
SendMessageA
ShowWindow
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassExA
CreateDialogParamA
MessageBoxA
wsprintfA
LoadStringA

gdi32

DeleteObject
CreateFontIndirectA

advapi32

LookupAccountNameA
EqualSid
RegQueryValueExA
RegCloseKey
RegOpenKeyA
ChangeServiceConfigA
CreateServiceA
QueryServiceConfigA
StartServiceA
ControlService
EnumDependentServicesA
QueryServiceStatus
OpenServiceA
DeleteService
CloseServiceHandle
OpenSCManagerA

odbc32

ord36
ord9
ord35
ord11
ord31
ord24
ord75
ord41

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

de3bceed4c9b15efd23ac8aebca7372d

Headers

File Characteristics

Imports

mpr

kernel32

user32

gdi32

advapi32

odbc32

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 19KB

.rsrc Size: 56KB - Virtual size: 56KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 56KB - Virtual size: 56KB