b8f0bde1c5fd05de416fd6c258cb14f8cd2ed783aed1b8a8726d910bd237ddf4

Sharing

Copy URL Twitter E-mail

General

Target

b8f0bde1c5fd05de416fd6c258cb14f8cd2ed783aed1b8a8726d910bd237ddf4
Size

800KB
MD5

80b9ee0134f388efacd157c3b705ed61
SHA1

9bf876af1de8ff6a17c7ad40b83975373fbf8d53
SHA256

b8f0bde1c5fd05de416fd6c258cb14f8cd2ed783aed1b8a8726d910bd237ddf4
SHA512

21516a755cc8a86f9fbb09906d0a82988240d4c2c7c0f780ef057e9e59da265fc85aff64f761bd3c3b85dca3eaf69fe6cfda422c8cd601a952eebe85f8a13416
SSDEEP

12288:Uja0YkJ6aNx0tvEJOhsb8JdCX12JU+q2Qw5LwMKXkAm/B9miGrEpfHlk281:ydpksOlUOhfCl2+8WMuyfHlj81

Score

N/A

Malware Config

Signatures

Files

b8f0bde1c5fd05de416fd6c258cb14f8cd2ed783aed1b8a8726d910bd237ddf4
.exe windows x86

17eb1b8d688488744e46252566c52c07

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject
CreateStdAccessibleProxyA
IID_IAccessible
GetStateTextA
WindowFromAccessibleObject
AccessibleObjectFromWindow
LIBID_Accessibility
GetStateTextW
AccessibleChildren
ObjectFromLresult
GetOleaccVersionInfo
GetRoleTextA
AccessibleObjectFromPoint
GetRoleTextW
IID_IAccessibleHandler
CreateStdAccessibleProxyW
CreateStdAccessibleObject
AccessibleObjectFromEvent

sqlunirl

_RegQueryInfoKey_@48
_GetFileAttributesEx_@12
_GetEnvironmentVariable_@12
_SetEnvironmentVariable_@8
_EnumPropsEx_@12
_SendMessageTimeout_@28
_ChangeDisplaySettings_@8
_PrivilegedServiceAuditAlarm_@20
_LoadMenuIndirect_@4
_CreateDirectoryEx_@12
_OpenMutex_@12
_GetServiceDisplayName_@16
_CharPrev_@8
_GetModuleHandle_@4
_RegConnectRegistry_@12
_PostThreadMessage_@16
_CreateDC_@16
_CreateFont@56
_LoadAccelerators_@8
_ReportEvent_@36
_lstrcat_@8
_OutputDebugString_@4
_GetToolsFilePath@16
_GlobalGetAtomName_@12
_GetTempPath_@8
_TranslateAccelerator@12
_LoadLibrary@4
_RegDeleteValue_@8
_CompareString_@24
_OpenSemaphore_@12
wsprintf_
_LookupPrivilegeDisplayName_@20
_GetMenuItemInfo_@16

pdh

PdhExpandWildCardPathA
PdhVbOpenQuery
PdhEnumObjectItemsHW
PdhComputeCounterStatistics
PdhFormatFromRawValue
PdhGetDataSourceTimeRangeA
PdhEnumObjectsHW
PdhEnumObjectItemsW
PdhGetDefaultPerfObjectHA
PdhEnumMachinesHA
PdhExpandCounterPathA
PdhReadRawLogRecord
PdhOpenLogA
PdhGetDefaultPerfObjectA
PdhGetRawCounterValue
PdhEnumObjectItemsHA
PdhGetDefaultPerfObjectHW
PdhAdd009CounterW
PdhLookupPerfIndexByNameW
PdhIsRealTimeQuery
PdhVbCreateCounterPathList
PdhSetDefaultRealTimeDataSource
PdhTranslate009CounterA
PdhRemoveCounter
PdhVbUpdateLog
PdhSetLogSetRunID
PdhRelogW
PdhAddCounterW
PdhRelogA
PdhListLogFileHeaderA
PdhUpdateLogFileCatalog
PdhLookupPerfNameByIndexA
PdhExpandWildCardPathW

kernel32

GetTempFileNameA
GetSystemWindowsDirectoryA
FormatMessageW
FreeLibrary
GetConsoleInputExeNameW
FindAtomW
SetComputerNameExW
GetCurrentThread
SetFileShortNameA
GetStringTypeExW
FindAtomA
FindResourceExW
IsValidCodePage
LZInit
CallNamedPipeA
FindNextVolumeMountPointA
LoadLibraryA
GetACP
GetConsoleTitleA
GetProcessId
LocalAlloc
GetThreadContext
SetConsoleCursorInfo
SetCommState
SetConsoleOS2OemFormat
VirtualAlloc
DebugBreak
GetSystemInfo
FindNextVolumeW
_lwrite
LoadLibraryExA

Sections

.text
Size: 398KB - Virtual size: 398KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17eb1b8d688488744e46252566c52c07

Headers

DLL Characteristics

File Characteristics

Imports

oleacc

sqlunirl

pdh

kernel32

Sections

.text Size: 398KB - Virtual size: 398KB

.rdata Size: 147KB - Virtual size: 146KB

.data Size: 173KB - Virtual size: 1.4MB

.rsrc Size: 79KB - Virtual size: 78KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 398KB - Virtual size: 398KB

.rdata
Size: 147KB - Virtual size: 146KB

.data
Size: 173KB - Virtual size: 1.4MB

.rsrc
Size: 79KB - Virtual size: 78KB

.reloc
Size: 1KB - Virtual size: 1KB