3023C1ACB8D00014B641EAABFD0ADEE1[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

3023C1ACB8D00014B641EAABFD0ADEE1.exe
Size

224KB
MD5

3023c1acb8d00014b641eaabfd0adee1
SHA1

ea5a53b06adfa51c970dd0672265bf2fefa65550
SHA256

42ef63c5cd3aad91b9d7702b6f8b976b7acce4e031f751638fe4714e0932fbc7
SHA512

cb40c8fcfcd5e94d9485f5f11980bd7235e8bdcdbfb0fd7c73df6b90fd962b15f906cc18964802c94464f971e412d82d5daef11eb84818ded31c4b60f1973b04
SSDEEP

3072:sUX0PfGOFN6Wn7zs0BXDMoH/gexDmavq1dCr3DvrtfQXtwV56tFixy:sW0XGOFN6WVBXiVOxQX6V56tc

Score

N/A

Malware Config

Signatures

Files

3023C1ACB8D00014B641EAABFD0ADEE1.exe
.exe windows x86

3242ee226951c0b2b1eb8fae959e7ff9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

nsw2lib

GETLISTBOXCELL
wLoadTemplateInDll
wDlgAddCheckBox
wDlgAddCombBoxEntry
wSetTitle
wCreateAccelTable
wSetMainWindow
wGetMainWindow
wIsSelected
ACTIVATEEDITINPLACE
BEGINEDITINPLACE
wDlgAddStaticText
wSetCBack2
wDlgAddCombBox
wAsk2
wExit
wSelect
wTerminate1
wDlgAddPushButton
wTerminateMem
wExecute
wDlgSetWindowPos
wSetCharSet
wInitialize2
wDlgAddEntryField
wDeleteAll
wSendEvent
wDlgSetDevice
wUpdate
wDlgOpenWindow
wCloseWindow
wSetUser
wProcess
wS2I
wGetText
wSelection
wDismissOrCloseWindow
wPtr2S
wMemDispose
wGrantCCDataBuffersAccess
wSetText
wI2S
wCtrl
wStopTimer
wStartTimer
wLock
wHide
wInsert
wGetUser
wFill
wMemNew
wStrCpy
wDlgSetMLECursor
wDlgAddMLE
wSetQualifier
wStrCopy
wLStrCpy
wStrLength
wStrPos
wSetFocus
wF2S
wMessage
wIsLocked
wMemNew2
wYield
wDlgAddListBox
wDestroyPopupMenuWindow
wProcessPopupMenu
wGetQualifier
wStrDelete
wStrCmp
wLStrFill
wDlgSetCurItem
wAppendMenuItem
wCreatePopupMenuWindow
wCtrlCpy
wGetClientHeight
wGetHeight
wS2R
wStrUpcase
wIsInt
wStrSkip
wShow
wMov
wDlgCheck1
wCallBack
wStrInsert
wLineCount
wChr

nsw2help

HLPOPEN@8

nsw2dstr

ord58
ord33
ord44
ord35
ord31
ord71
ord29
ord5
ord28
ord27
ord30

nsw2fed

NSMLE_SETDSTEXT
NSMLE_GETDSTEXT

nsw2misc

T_WRITE
REAL2STRING
NSEXISTFILE
MESSAGE
FGETDIR
NSFGETNAME
T_WRITEEX
T_WRITELN
GETDISK
GETDIR
CHDISK
NSCHDIR
NSGETENV
T_WRITELNEX
WINDOWFROMCONTROL
SELFFROMCONTROL
FOCUSCONTROL
CONTROLNAME

nsw2grap

GPI_CLOSEMEMPS
GPI_VDELETEFONT
GPI_CHARSTRINGWIDTH
GPI_VSELECTFONT
GPI_VCREATEFONT
GPI_CREATEMEMPS
GETSETRGBPALETTE

nsw2_sql

wSqlExec
wSqlOpenCursor
wSqlError
wSqlCloseCursor

nsw2comm

WRITETOCLIPBOARD

nsw2date

CURRENTDATE
CURRENTTIME

nsw2thfr

THINGS_TERMINATE_NSDK
THINGS_INITIALIZE_NSDK

nsw2tas

tas_dbox_getfilename
tas_mail_simplesend
tas_dbox_getdirname

cdll

Tempo_table

stdproc

szSQL_SELECTGETVAL
iSQL_OPEN
szSQL_GETLASTERROR
iASKON
iSQL_FETCH
szSQL_GETWINSGBD
szSQL_GETWINDRIVER
szSQL_GETWINPASSWORD
szSQL_GETWINBDD
CTRL_SHOWCTRL
CTRL_HIDECTRL
LIST_SETCELBACKCOLOR
LIST_SETLINEBACKCOLOR
szTIMESTAMPGETTIME
szTIMESTAMPGETDATEFR
iSQL_SELECT
LIST_SETTITLECOLORS
LIST_SETCOLUMNTITLE
LIST_SETTITLECOLUMNFORECOLOR
LIST_SETLINESEPARATOR
LIST_RESIZECOLUMN
SQL_GETSEGSQLCONNECT
LIST_SETCEL
szINI_GETVALUE
iINI_SETVALUE
szRCARACT
iLIKE
iFILE_OPEN
FILE_CLOSE
szT_ERROR
MSG_LOG
szPATH_CORRECT
szEXTRACT_BETWEEN_POS
iLIST_GETNBCOLUMNS
szLIST_GETCELDESCRIPTEUR
szINSERT_STD
szLIST_GETCEL
szEXTRACT_STD
CTRL_LOCKALLCTRL
LIST_SELECTLINE
iCALL_CONNEXION_SQL2
iINI_ISSECTIONEXIST
szRECUP_MDP_BDD
szDATE_GETCURRENTTIMESTAMP
szSQL_SELECTGETCOLNAME
iLIST_GETCOLUMNWIDTH
CB_SETNBLINES
LIST_SETCOLUMNWIDTH
iSQL_GETNBCOLUMNS
LIST_SETLINESHEIGHT
iDT_DATETIMEDIFFERENCE
iLIST_GETCELBACKCOLOR
iLIST_GETCELFORECOLOR
iSQL_CLOSE
szASKOET
LIST_SETNBCOLUMNS
iLIST_NB_COLONNES
szSQL_GETWINUSER

kernel32

HeapSize
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
RtlUnwind
HeapReAlloc
VirtualAlloc
Sleep
InitializeCriticalSection
LoadLibraryA
EnterCriticalSection
LeaveCriticalSection
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
HeapDestroy
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleA
GetProcAddress
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
GetProcessHeap
HeapAlloc
GetVersionExA
HeapFree
GetCommandLineA
VirtualFree

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3242ee226951c0b2b1eb8fae959e7ff9

Headers

File Characteristics

Imports

nsw2lib

nsw2help

nsw2dstr

nsw2fed

nsw2misc

nsw2grap

nsw2_sql

nsw2comm

nsw2date

nsw2thfr

nsw2tas

cdll

stdproc

kernel32

Sections

.text Size: 160KB - Virtual size: 159KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 40KB - Virtual size: 49KB

.rsrc Size: 4KB - Virtual size: 776B

.text
Size: 160KB - Virtual size: 159KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 40KB - Virtual size: 49KB

.rsrc
Size: 4KB - Virtual size: 776B