44576fb187023288e764a7f69f9b3c051545a49616807d6a4ec35495a32977d0

Sharing

Copy URL

Twitter E-mail

General

Target

44576fb187023288e764a7f69f9b3c051545a49616807d6a4ec35495a32977d0
Size

105KB
MD5

0c9e3bbfa8abd14ee73c127a0fd291a0
SHA1

6aebafd7381911a651967a1b84ff86ec594ccde0
SHA256

44576fb187023288e764a7f69f9b3c051545a49616807d6a4ec35495a32977d0
SHA512

f4c549cece06d5a523b52652c7b66a29fdc53170ea63533281046dd6edbe0e402ffadf9d941cd5038cace6e161e1ae9f5f42e91bdda79f3aa11ec5b47d2a1746
SSDEEP

3072:Ngxtrp5XDMe3VaxiN4qJLmjwa2vrMix4RyAOT:GxrtDpVax9qLEeYix4Yd

Score

N/A

Malware Config

Signatures

Files

44576fb187023288e764a7f69f9b3c051545a49616807d6a4ec35495a32977d0
.exe windows x86

74027d71494afc80803395a395fc04e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
GetVersionExW
GetUserDefaultLCID
GetModuleHandleW
GetSystemDefaultLCID
InterlockedDecrement
OutputDebugStringA
HeapReAlloc
HeapFree
HeapAlloc
EnterCriticalSection
HeapCompact
LeaveCriticalSection
HeapDestroy
DeleteCriticalSection
HeapCreate
InitializeCriticalSection
WideCharToMultiByte
GetCommandLineW
GetCommandLineA
GetComputerNameW
GetComputerNameA
GetCurrentThread
GetLastError
GetCurrentProcess
CloseHandle
GetModuleFileNameW
GetModuleFileNameA
FormatMessageW
FormatMessageA
MultiByteToWideChar
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
ExitProcess

msvcr71

_exit
??1type_info@@UAE@XZ
wcsncmp
_wcsnicmp
strlen
strcpy
wcsncpy
_CxxThrowException
memcpy
_vsnwprintf
wcslen
wcscmp
_wcsicmp
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
__p___initenv
exit
_cexit
_XcptFilter
?terminate@@YAXXZ
_c_exit
_onexit
_ltow
iswspace
printf
__dllonexit
_except_handler3
__security_error_handler
memcmp
strcmp
__CxxFrameHandler

ole32

CoUninitialize
OleUninitialize
CoCreateInstance
OleInitialize

oleaut32

SetErrorInfo
GetErrorInfo
VariantClear
SysFreeString

sqlresld

SQLUIUnloadResourceDLL
SQLUILoadResourceDLL

user32

LoadStringW
LoadStringA

advapi32

GetUserNameA
LookupAccountSidW
GetTokenInformation
OpenProcessToken
OpenThreadToken
GetUserNameW

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

74027d71494afc80803395a395fc04e6

Headers

File Characteristics

Imports

kernel32

msvcr71

ole32

oleaut32

sqlresld

user32

advapi32

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 512B - Virtual size: 228B

.rsrc Size: 73KB - Virtual size: 76KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 512B - Virtual size: 228B

.rsrc
Size: 73KB - Virtual size: 76KB