474f4d048ac241590bb94ce8c6ea79bc4730dfcc3412b9c25b0ab2409c849c7a

General

Target

474f4d048ac241590bb94ce8c6ea79bc4730dfcc3412b9c25b0ab2409c849c7a
Size

776KB
MD5

626537d555350f178de1b7e62557c063
SHA1

699f688a239a72ccd9f90a4816021677c1b75af2
SHA256

474f4d048ac241590bb94ce8c6ea79bc4730dfcc3412b9c25b0ab2409c849c7a
SHA512

cdb77fcad5a147cba85c55c6481599098a23b2df4c87fe9ce89a8cf97c29f6aa92de259a16b42c71754ebfd6c4fc13605145d6b80f6dcd5b2e097e03f3342bc5
SSDEEP

24576:dwdFIXEPHvCg6xmWiz780JilMeXKlhOw:2dSXgvCgJ/PolMe6rO

Score

N/A

Malware Config

Signatures

Files

474f4d048ac241590bb94ce8c6ea79bc4730dfcc3412b9c25b0ab2409c849c7a
.exe windows x86

7eb88778c9600589d452ab1bf1148c06

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

odbctrac

TraceSQLFetch
TraceSQLError
TraceSQLBindCol

shell32

SHCreateShellItem
ShellMessageBoxA
StrChrA
DragFinish
SHFree
DllUnregisterServer
SHGetMalloc
SHChangeNotify
SHGetFileInfoA
SHFileOperationA
ShellAboutA
DragQueryPoint
SHGetDiskFreeSpaceA
DragAcceptFiles

kernel32

GetVersionExW
GetGeoInfoA
SetVolumeLabelW
GetTickCount
LoadLibraryExW
HeapCreate
GetPrivateProfileIntA
IsBadReadPtr
LoadLibraryA
WaitForSingleObject
GetSystemDirectoryW
GetExpandedNameA
GetConsoleAliasW
GetCurrentProcessId
CreateWaitableTimerA
WriteConsoleA
lstrcpyW

crypt32

CertFindChainInStore
CryptMemRealloc
CertFreeCRLContext
CertFindCRLInStore
CryptHashMessage
CertAlgIdToOID
CertCompareCertificate
CertCloseStore
CertFreeCertificateChain
CertFindExtension
CryptEnumOIDInfo
CryptFindOIDInfo
CryptMsgClose
CertDeleteCRLFromStore

shlwapi

PathIsRootW
UrlUnescapeW
UrlHashW
PathCombineW
UrlCanonicalizeW
UrlIsA
PathIsPrefixA
UrlGetPartW
UrlEscapeA
PathCommonPrefixW

msimg32

DllInitialize
GradientFill
TransparentBlt
AlphaBlend

Sections

text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

hdata
Size: 767KB - Virtual size: 767KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7eb88778c9600589d452ab1bf1148c06

Headers

DLL Characteristics

File Characteristics

Imports

odbctrac

shell32

kernel32

crypt32

shlwapi

msimg32

Sections

text Size: 6KB - Virtual size: 6KB

hdata Size: 767KB - Virtual size: 767KB

.rsrc Size: 2KB - Virtual size: 1KB

text
Size: 6KB - Virtual size: 6KB

hdata
Size: 767KB - Virtual size: 767KB

.rsrc
Size: 2KB - Virtual size: 1KB