Static task: static1
Behavioral task: behavioral1
Sample: fb224ea92cbadcb8dda51f2f34f4d02a1f3c512d0bade748402003c67faa1b8e.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: fb224ea92cbadcb8dda51f2f34f4d02a1f3c512d0bade748402003c67faa1b8e.exe
Resource: win10v2004-20220812-en
General
Target: fb224ea92cbadcb8dda51f2f34f4d02a1f3c512d0bade748402003c67faa1b8e
Size: 996KB
MD5: 81659e64ed6494338d9d0ab684727940
SHA1: c391680f11603f48a21d2fe18acaafa56fb5bb33
SHA256: fb224ea92cbadcb8dda51f2f34f4d02a1f3c512d0bade748402003c67faa1b8e
SHA512: 855ab94c2040894192fc6664c1e86261e72a83faff2db6719c36d04e3b57178f2656c848c210cfdb4139fe7338869101227f941df06fd7e5e53c75aa9ad4beda
SSDEEP: 12288:oM+byYiWxsPah2NIFd2NJtZQ2ZX2ZB2bHjR9XD1cmeFBC4AiQe0GQE9D0QqswM4O:oM+byWLh22Fd2kF3dMGlD0QqswM4FPo
Malware Config
Signatures
Files
fb224ea92cbadcb8dda51f2f34f4d02a1f3c512d0bade748402003c67faa1b8e.exe windows x86
a1611828055044e65ee93ffe86227b24
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
sisydbrelease
?DisableLogging@SISyQueryExecutor@@QAEXXZ
??1SISyODBCQueryExecutor@@UAE@XZ
??0SISyODBCQueryExecutor@@QAE@XZ
?EnableLogging@SISyQueryExecutor@@QAEXVCString@@@Z
?GetAsInteger@SISyDbField@@QAEHXZ
?WriteLog@SISyQueryExecutor@@QAEXVCString@@@Z
??0SISyDbField@@QAE@XZ
?SaveToFile@SISyDbField@@QAEXPBD@Z
?GetAsString@SISyDbField@@QAE?AVCString@@XZ
?UpdBlob@SISyODBCQueryExecutor@@UAEXXZ
?InTransaction@SISyODBCQueryExecutor@@UAEHXZ
?RollbackTransaction@SISyODBCQueryExecutor@@UAEXXZ
?CommitTransaction@SISyODBCQueryExecutor@@UAEXXZ
?BeginTransaction@SISyODBCQueryExecutor@@UAEXXZ
??1SISyDbField@@UAE@XZ
?ExecSQL@SISyODBCQueryExecutor@@UAEXXZ
?ExecuteSimpleQuery@SISyODBCQueryExecutor@@UAE?AVCString@@PBDH@Z
?InitDbTable@SISyODBCQueryExecutor@@UAEXPAVSISyDbTable@@@Z
?ConstructDbTable@SISyODBCQueryExecutor@@UAEPAVSISyDbTable@@XZ
?IsConnected@SISyODBCQueryExecutor@@UAEHXZ
?GetConnectionStatus@SISyODBCQueryExecutor@@UAEXAAVCString@@0AAH1@Z
?CloseConnection@SISyODBCQueryExecutor@@UAEHPBD@Z
?Connect@SISyODBCQueryExecutor@@UAEHPBD00H@Z
?ConstructException@SISyQueryExecutor@@UAEPAVSISyDbException@@PBDPAVCDBException@@@Z
?ConstructException@SISyQueryExecutor@@UAEPAVSISyDbException@@PBDPAVCMemoryException@@@Z
?ConstructException@SISyQueryExecutor@@UAEPAVSISyDbException@@PBDPAVCOleDispatchException@@@Z
?IsUpdate@SISyQueryExecutor@@UAEHVCString@@@Z
?UpdateBlob@SISyQueryExecutor@@UAEHABVCString@@0@Z
?IsQuery@SISyQueryExecutor@@UAEHVCString@@@Z
?ExecuteSQL@SISyQueryExecutor@@UAEHJABVCMapStringToString@@PAVSISyDbTable@@@Z
?ExecuteSQL@SISyQueryExecutor@@UAEHVCString@@ABVCMapStringToString@@PAVSISyDbTable@@@Z
?PrepareQuery@SISyQueryExecutor@@UAEXABVCMapStringToString@@H@Z
?GetCurrentQueryString@SISyQueryExecutor@@UAEABVCString@@XZ
?ExternalQueryInterface@SISyQueryExecutor@@UAEJABU_GUID@@PAPAX@Z
?ExternalRelease@SISyQueryExecutor@@UAEKXZ
?ExternalAddRef@SISyQueryExecutor@@UAEKXZ
?ExecuteQuery@SISyODBCQueryExecutor@@UAEXXZ
?ExecuteQuery@SISyQueryExecutor@@UAEHVCString@@ABVCMapStringToString@@PAVSISyDbTable@@@Z
?ExecuteQuery@SISyQueryExecutor@@UAEHJABVCMapStringToString@@PAVSISyDbTable@@@Z
?GetQueryString@SISyQueryExecutor@@UAEABVCString@@J@Z
mfc42
msvcrt
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
strrchr
_strlwr
malloc
isdigit
free
realloc
isalpha
strstr
__getmainargs
_access
strncpy
sprintf
_chdir
_getcwd
_mkdir
atol
_stricmp
_CxxThrowException
_ftol
atof
atoi
__CxxFrameHandler
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_controlfp
_setmbcp
_itoa
_except_handler3
strchr
__set_app_type
kernel32
GlobalUnlock
GetStartupInfoA
Sleep
GetSystemTime
SystemTimeToFileTime
GetLocalTime
GetModuleFileNameA
GlobalFree
GlobalAlloc
lstrlenA
DeleteFileA
FreeLibrary
GetProcAddress
LoadLibraryA
MulDiv
GetPrivateProfileStringA
GetDriveTypeA
GetVersionExA
WinExec
HeapDestroy
HeapFree
HeapAlloc
HeapCreate
GetModuleHandleA
GetVersion
WideCharToMultiByte
CloseHandle
CreateFileA
LocalFree
LocalAlloc
SetErrorMode
GetCurrentProcessId
GetEnvironmentVariableA
lstrcmpA
ReadFile
WriteFile
GetFileSize
FindFirstFileA
FindNextFileA
FindClose
GlobalLock
user32
GetMenuStringA
SetForegroundWindow
FindWindowA
BringWindowToTop
ReleaseCapture
SetCapture
EnableMenuItem
DrawMenuBar
IsIconic
SetRectEmpty
GetWindow
GetClassNameA
GetDlgCtrlID
LoadMenuA
GetMenu
SetMenu
DestroyMenu
SetTimer
SendMessageA
EnableWindow
MessageBeep
PostMessageA
GetWindowRect
MessageBoxA
RedrawWindow
LoadImageA
UpdateWindow
wsprintfA
PeekMessageA
EmptyClipboard
SetClipboardData
OpenClipboard
CloseClipboard
SetRect
LoadBitmapA
GetDC
DrawTextA
ReleaseDC
GetDialogBaseUnits
GetSystemMetrics
GetClientRect
GetParent
KillTimer
gdi32
RealizePalette
CreateFontIndirectA
SelectPalette
SetStretchBltMode
SetDIBitsToDevice
StretchDIBits
CreateHalftonePalette
GetDIBColorTable
CreatePalette
GetDeviceCaps
StretchBlt
SetAbortProc
StartDocA
StartPage
EndPage
EndDoc
AbortDoc
DPtoLP
CreateFontA
SelectObject
GetObjectA
CreateCompatibleDC
BitBlt
DeleteDC
DeleteObject
comdlg32
PrintDlgA
advapi32
RegQueryValueExA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegCloseKey
shell32
ShellExecuteA
SHFormatDrive
oleaut32
RevokeActiveObject
RegisterActiveObject
Sections
.text Size: 500KB - Virtual size: 499KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 104KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 24KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 364KB - Virtual size: 364KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE