c0d11d2c8d53efcd98f77b3df9ca551f077621c2d56071a8e72bfeae84bb3406

Sharing

Copy URL Twitter E-mail

General

Target

c0d11d2c8d53efcd98f77b3df9ca551f077621c2d56071a8e72bfeae84bb3406
Size

679KB
MD5

4d0a265d991ff8fac38ecfb64cd30ac0
SHA1

410ea03097a8fad5b5b4bae8190ca456e6d9dd09
SHA256

c0d11d2c8d53efcd98f77b3df9ca551f077621c2d56071a8e72bfeae84bb3406
SHA512

05504cf16b7d9832026613005b7bad4403a6869284ef895e46edacb6448fe25dc0db599842a5ed8dd438b3c2a7ae6efaec21accfe1870863703f8308b4d3e33b
SSDEEP

12288:Nl3dfGRsJN3sZqq5hg68SWGqtKHBJzfmCgL+k:NJdfGRQN3sA+0G40BkCgak

Score

N/A

Malware Config

Signatures

Files

c0d11d2c8d53efcd98f77b3df9ca551f077621c2d56071a8e72bfeae84bb3406
.exe windows x86

25a8d921b63987e001bc93be45718b18

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetDiskFreeSpaceA
GetSystemTimeAsFileTime
ReleaseMutex
lstrcpynW
GetConsoleWindow
EnterCriticalSection
PeekNamedPipe
DeleteFileW
AssignProcessToJobObject
ReadConsoleInputW
GlobalFree
GetModuleHandleW
GetCommandLineA
GetDriveTypeA
GetLastError
_lopen
GetSystemInfo
FileTimeToSystemTime
GetDriveTypeW
GetShortPathNameA
FindVolumeClose
EnumResourceTypesW
FoldStringW
GetEnvironmentStringsW
MoveFileW
GetStdHandle
SetConsoleTitleA
SetConsoleOutputCP
InterlockedIncrement
AllocConsole
SetFileTime
CreateProcessA
GlobalHandle
OpenThread
GetComputerNameW
SetFileApisToOEM
QueueUserWorkItem
VirtualAlloc
GetModuleFileNameW
SetProcessWorkingSetSize
SleepEx
DefineDosDeviceW
DefineDosDeviceA
HeapReAlloc
GetProcAddress
GlobalMemoryStatusEx
TransactNamedPipe
GetSystemDirectoryA
GetTimeZoneInformation

oleaut32

VariantInit
SysAllocStringByteLen
VariantCopy
SysStringLen
SysFreeString
GetErrorInfo
SafeArrayPtrOfIndex
GetActiveObject
VariantClear
SysReAllocStringLen
SysAllocStringLen
VariantCopyInd
VariantChangeType
SafeArrayGetLBound
SafeArrayCreate
VariantChangeTypeEx
SafeArrayGetUBound

advapi32

UnlockServiceDatabase
GetSecurityDescriptorLength
OpenServiceW
GetNumberOfEventLogRecords
InitializeSid
OpenThreadToken
CryptGenKey
AddAuditAccessObjectAce
CryptHashSessionKey
InitiateSystemShutdownW
AbortSystemShutdownA
BackupEventLogW
InitializeSecurityDescriptor
RegSetValueExW
DeregisterEventSource
ImpersonateSelf
SetKernelObjectSecurity
AreAllAccessesGranted

shell32

ExtractAssociatedIconW
DragQueryFileA
ExtractIconA
SheChangeDirExW
DragFinish
SHCreateDirectoryExW
ShellExecuteW
SHGetSettings
SHInvokePrinterCommandW
SHGetSpecialFolderPathW
SHBrowseForFolderA
SHGetDesktopFolder
SHGetIconOverlayIndexW
SHGetSpecialFolderPathA
SHOpenFolderAndSelectItems
ShellAboutW
SHGetDataFromIDListW
SHGetInstanceExplorer
SHGetPathFromIDListA
SHGetFileInfoA
SHAppBarMessage
SHGetFileInfoW

odbc32

PostODBCComponentError
VFreeErrors
LockHandle
CursorLibLockStmt
CursorLibLockDesc
CursorLibTransact
ValidateErrorQueue
SQLStatistics
CursorLibLockDbc
VRetrieveDriverErrorsRowCol
SearchStatusCode
PostODBCError

winmm

mciLoadCommandResource
mixerGetID
midiOutClose
mmioSetInfo
waveOutWrite
midiOutLongMsg
midiOutOpen
mixerClose
waveInUnprepareHeader
midiStreamProperty
mmioGetInfo
midiStreamOpen
mciSendCommandW
midiOutUnprepareHeader
waveOutRestart
midiOutPrepareHeader
mmTaskCreate
waveOutMessage
waveInAddBuffer
waveInClose
mciDriverNotify
waveInPrepareHeader
waveInOpen
midiOutGetDevCapsA
OpenDriver
PlaySoundW
waveOutUnprepareHeader
CloseDriver
midiOutCacheDrumPatches
timeGetDevCaps
sndPlaySoundW
mixerGetDevCapsA

Sections

.edata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 11KB - Virtual size: 346KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 152KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CRT
Size: 262KB - Virtual size: 478KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 195KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25a8d921b63987e001bc93be45718b18

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

oleaut32

advapi32

shell32

odbc32

winmm

Sections

.edata Size: 5KB - Virtual size: 4KB

.edata Size: 9KB - Virtual size: 8KB

.text Size: 11KB - Virtual size: 346KB

INIT Size: 152KB - Virtual size: 195KB

CRT Size: 262KB - Virtual size: 478KB

.rdata Size: 195KB - Virtual size: 269KB

.rsrc Size: 44KB - Virtual size: 43KB

.edata
Size: 5KB - Virtual size: 4KB

.edata
Size: 9KB - Virtual size: 8KB

.text
Size: 11KB - Virtual size: 346KB

INIT
Size: 152KB - Virtual size: 195KB

CRT
Size: 262KB - Virtual size: 478KB

.rdata
Size: 195KB - Virtual size: 269KB

.rsrc
Size: 44KB - Virtual size: 43KB