aa3a28383699a465c30cd40fb560d1e342ee1c40f05f87b87d477f016934a891

Sharing

Copy URL Twitter E-mail

General

Target

aa3a28383699a465c30cd40fb560d1e342ee1c40f05f87b87d477f016934a891
Size

128KB
MD5

0430144958c73b24507412e63b4c7d30
SHA1

b9e58f49b2c904b3e371543c774f04b27e4bb673
SHA256

aa3a28383699a465c30cd40fb560d1e342ee1c40f05f87b87d477f016934a891
SHA512

75cd2c8c7e4c73aa08cbc20f4901c1540f9db29d2c4a070bc9738c0e59b4ffd74cf8b7b83bb6b56b774e77cb65aadd78f2e3c8d2f45f3d6c710014183ad07b41
SSDEEP

1536:9xcLANfcCWvPkJzwrmm0VNxkUstQKW1sNiebFBnHtkBqq+F5DORLPC+bfoQkYZc6:9xVeCrJz0DQKRiexZtF5DILP/kYXE4

Score

N/A

Malware Config

Signatures

Files

aa3a28383699a465c30cd40fb560d1e342ee1c40f05f87b87d477f016934a891
.exe windows x86

178beb39249ef6df426ab16cbfc8037e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetWindowsDirectoryW
GetStartupInfoA
ExitProcess
MapViewOfFile
UnmapViewOfFile
lstrlenA
LoadLibraryA
CreateEventA
SetLastError
WaitForSingleObject
GetSystemDirectoryW
GetLastError
OpenEventA
LoadLibraryW
GetTickCount
lstrcpyW
lstrcatW
FreeLibrary
GetVersionExW
GetVersionExA
GetModuleHandleA
GetProcAddress
GetCommandLineW
GetModuleFileNameW
lstrcpynW
lstrlenW
GetPrivateProfileStringW
CreateThread
GetExitCodeThread
MultiByteToWideChar
CloseHandle
GetFileSize
SetFilePointer
Sleep
HeapAlloc
GetVersion
LoadResource
LockResource
HeapFree
GetProcessHeap
WriteFile
WideCharToMultiByte
QueryPerformanceCounter

user32

RegisterClassExA
MessageBoxA
UpdateWindow
GetClientRect
GetDesktopWindow
GetWindowRect
GetDlgItem
SetWindowTextA
PostQuitMessage
TranslateMessage
DestroyWindow
SetWindowPos
LoadCursorA
LoadIconA
wsprintfW
wsprintfA
ClientToScreen
GetSystemMetrics
MoveWindow
ShowWindow

gdi32

DeleteObject

advapi32

CloseServiceHandle
AllocateAndInitializeSid
LookupAccountSidW
FreeSid
RegOpenKeyA
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
QueryServiceStatus
DeleteService
ControlService

ole32

CoTaskMemAlloc
CoTaskMemFree

odbc32

ord75
ord135
ord141
ord24
ord31
ord111
ord9
ord136

sqlunirl

_MAKEINTRESOURCE@4
_MessageBox@16
_SendMessage@16
_LoadString@16
_CreateFile@28
_SetWindowText@8
_DefWindowProc@16
_CreateFontIndirect@4
_GetComputerName@8
_DeleteFile@4
_GetProcAddress_@8
_LoadLibrary@4
_GetUnicodeRedirectionLayer@0
_FindResource@12

msvcr71

__dllonexit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_ismbblead
_onexit
_exit
_c_exit
?terminate@@YAXXZ
__security_error_handler
setlocale
_wtoi
swprintf
vswprintf
_wcsupr
_wcsnicmp
_purecall
_controlfp
_XcptFilter
??3@YAXPAX@Z
_except_handler3
malloc
free
strstr
strncpy
??_V@YAXPAX@Z
wcsstr
??_U@YAPAXI@Z
wcsncpy
wcsncat
__CxxFrameHandler
??2@YAPAXI@Z
wcslen
_wcsicmp
_stricmp
wcscat
wcscpy
_ltoa
wcsrchr

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

178beb39249ef6df426ab16cbfc8037e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

odbc32

sqlunirl

msvcr71

Sections

.text Size: 32KB - Virtual size: 30KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 140B

.rsrc Size: 76KB - Virtual size: 76KB

.text
Size: 32KB - Virtual size: 30KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 140B

.rsrc
Size: 76KB - Virtual size: 76KB