f9f53ddb8a669e95392f452ba32bccecdf407555dbb25bca99fc6d359203eee6

Sharing

Copy URL

Twitter E-mail

General

Target

f9f53ddb8a669e95392f452ba32bccecdf407555dbb25bca99fc6d359203eee6
Size

857KB
MD5

0ef243331f42c24396726337f74be4e1
SHA1

5bc4643e25884cbc5759f2b9006ed4449603a299
SHA256

f9f53ddb8a669e95392f452ba32bccecdf407555dbb25bca99fc6d359203eee6
SHA512

b94ff32a589f19dc8291aa91ca4d7382706d2ad6d8b53ce0fd274e3192f22ac845ac10caab2f39aab9b6247f858aeb550b4391b0a4515c42595e52b597e163c5
SSDEEP

12288:JTf6kjc3gNkQ46KLsLKQmBg9pBD6IBBq4riQc3D/j2lv9ZSYhM85HBwIHgQpeKaW:J+3e4qZGQd64OQc3P4TSy5OI/peKaW

Score

N/A

Malware Config

Signatures

Files

f9f53ddb8a669e95392f452ba32bccecdf407555dbb25bca99fc6d359203eee6
.exe windows x86

ee5d87259ab0b9c99ea97adff7f35f69

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

_rotl
_dup2
_msize
_commode_dll
gets
fgetwc
memmove
__argv_dll
_mbsncpy
_logb
fgets
_mbctype
__dllonexit
_mbsnbset
_strinc
_nextafter
_CIatan2
_local_unwind2
asctime
_mbsrchr
wcscat
_mbsrev
strstr
_gcvt
_fmode_dll
strchr
_ismbblead
_fullpath
tolower
ferror
_pipe
isxdigit
strcoll
_cpumode_dll
_mbsnbcmp
iswupper
_y0
_putch
_pgmptr_dll
isprint
__mb_cur_max_dll
_CIfmod
_strrev
_mbcjistojms
ceil
_seterrormode
acos
tan
_getdiskfree
_write
difftime
fputs
iswpunct
strlen
_winmajor_dll
_assert
_mbctohira
_popen
_ismbclegal
isgraph
strcspn
ldexp
_HUGE_dll
_ismbbgraph
_commit
__threadid
_ecvt
__pxcptinfoptrs
strtol
fwrite
islower
wcsstr
iswalnum
strpbrk
_c_exit
iswcntrl
__threadhandle
_filbuf
_toupper
_wcsnicmp
_CIlog
_iob
_clearfp

msoert2

CryptFreeFunc
FIsSpaceA
UlStripWhitespaceW
OpenFileStreamShareW
HrGetMsgParam
CreateLogFile
FBuildTempPath
strtrim
HrLPSZCPToBSTR
FIsEmptyA
StrToUintW
HrGetBodyElement
PszToUnicode
CleanupFileNameInPlaceA
CreateSystemHandleName
IsPrint
IUnknownList_CreateInstance
HrIsStreamUnicode
FreeTempFileList
HrStreamSeekCur
DeleteTempFileOnShutdownEx
FIsSpaceW
HrGetStreamSize
OpenFileStreamShare
PVGetCertificateParam
PszDupW
PszSkipWhiteA
StripCRLF
HrIndexOfWeek
CrackNotificationPackage
OpenFileStreamWithFlagsW
HrStreamSeekBegin
RicheditStreamOut
HrLPSZToBSTR
HrCopyStreamCB
CreateEnumFormatEtc
BrowseForFolder
FMissingCert
CreateStreamOnHFileW
PszAllocW
FIsHTMLFileW
FIsEmptyW
HrGetCertKeyUsage
GenerateUniqueFileName

kernel32

SetLocalPrimaryComputerNameW
SetHandleInformation
GetProcessHeaps
SetFileShortNameW
SetTapeParameters
InitializeCriticalSection
RegisterConsoleVDM
Heap32First
SetInformationJobObject
SetPriorityClass
ResetEvent
SetDefaultCommConfigA
FreeLibraryAndExitThread
EnumerateLocalComputerNamesW
GlobalFindAtomA
GetProfileIntW
GetStartupInfoA
Module32FirstW
ConvertFiberToThread
HeapAlloc
GetNumaNodeProcessorMask
lstrcatA
SetLastConsoleEventActive
ReleaseActCtx
TermsrvAppInstallMode
LoadLibraryA
EnumSystemCodePagesA
VirtualAlloc
LockFileEx
BeginUpdateResourceA
GlobalFree
CopyFileExW
GetFirmwareEnvironmentVariableA
HeapCompact
FindNextVolumeMountPointA
GetCommMask
ReadConsoleInputExW
IsBadReadPtr
GetConsoleDisplayMode
HeapDestroy
_lopen
lstrcmpi
EnumDateFormatsA
EnumCalendarInfoExW

w32topl

ToplDeleteSpanningTreeEdges
ToplGraphFindEdgesForMST
ToplHeapDestroy
ToplScheduleIsEqual
ToplEdgeSetVtx
ToplEdgeGetFromVertex
ToplHeapExtractMin
ToplMakeGraphState
ToplScheduleImport
ToplVertexGetId
ToplGraphInit
ToplIterAdvance
ToplHeapIsEmpty
ToplVertexGetOutEdge
ToplGraphSetVertexIter
ToplSTHeapInit
ToplSTHeapAdd
ToplIterFree
ToplScheduleCacheDestroy
ToplListNumberOfElements
ToplScheduleExportReadonly
ToplVertexDestroy
ToplGraphMakeRing
ToplScheduleCacheCreate
ToplEdgeGetToVertex
ToplEdgeAssociate
ToplDeleteGraphState
ToplSTHeapExtractMin
ToplEdgeInit
ToplListSetIter
ToplGraphCreate
ToplEdgeGetWeight
ToplAddEdgeSetToGraph
ToplScheduleMaxUnavailable
ToplPScheduleValid
ToplHeapCreate
ToplHeapIsElementOf
ToplSTHeapCostReduced
ToplEdgeDestroy
ToplGetSpanningTreeEdgesForVtx
ToplIsToplException

sqlsrv32

SQLFetchScroll
SQLNumResultCols
SQLPrimaryKeysW
SQLSetDescRec
BCP_getcolfmt
SQLFreeStmt
SQLBindParameter
SQLGetDescRecW
SQLPutData
SQLFetch
SQLGetData
SQLColumnsW
WizDSNDlgProc
SQLBrowseConnectW
BCP_control
SQLProcedureColumnsW
BCP_collen
BCP_readfmt
ConfigDSNW
SQLSetScrollOptions
SQLCloseCursor
SQLExecDirectW
SQLSpecialColumnsW
SQLParamData
SQLForeignKeysW
SQLGetFunctions
SQLDisconnect

msasn1

ASN1utf8string_free
ASN1BERDecNull
ASN1_CloseEncoder
ASN1open_cmp
ASN1BERDecFlush
ASN1BERDecUTF8String
ASN1BEREncZeroMultibyteString
ASN1BERDecS32Val
ASN1BEREncUTF8String
ASN1_SetDecoderOption
ASN1BERDecEndOfContents
ASN1BEREncOctetString
ASN1CEREncEndBlk
ASN1DecSetError
ASN1BEREncFlush
ASN1BERDecZeroMultibyteString
ASN1BERDecOctetString
ASN1generalizedtime_cmp
ASN1BEREncGeneralizedTime
ASN1CEREncFlushBlkElement
ASN1BEREncU32
ASN1BEREncNull
ASN1_Encode
ASN1CEREncCharString
ASN1BEREncObjectIdentifier
ASN1BEREncBool
ASN1DecRealloc
ASN1_CloseModule
ASN1_CloseDecoder
ASN1CEREncBeginBlk
ASN1BERDecObjectIdentifier
ASN1octetstring_free
ASN1EncSetError
ASN1BERDecExplicitTag
ASN1intx_setuint32
ASN1bitstring_cmp
ASN1charstring_free
ASN1BEREoid2DotVal
ASN1CEREncNewBlkElement

Sections

.text
Size: 369KB - Virtual size: 369KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 296KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee5d87259ab0b9c99ea97adff7f35f69

Headers

DLL Characteristics

File Characteristics

Imports

crtdll

msoert2

kernel32

w32topl

sqlsrv32

msasn1

Sections

.text Size: 369KB - Virtual size: 369KB

.rdata Size: 188KB - Virtual size: 188KB

.data Size: 296KB - Virtual size: 1.7MB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 369KB - Virtual size: 369KB

.rdata
Size: 188KB - Virtual size: 188KB

.data
Size: 296KB - Virtual size: 1.7MB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1024B - Virtual size: 1024B