dab5567a226b31462d9d4e222b7eab77b67c380615ae5801632f8be700851bad

Sharing

Copy URL Twitter E-mail

General

Target

dab5567a226b31462d9d4e222b7eab77b67c380615ae5801632f8be700851bad
Size

852KB
MD5

527472b94b1f763d9284bd898c6f37e0
SHA1

5625ddf3b9c981f7862101c4d706812806723f47
SHA256

dab5567a226b31462d9d4e222b7eab77b67c380615ae5801632f8be700851bad
SHA512

7bf598c111b8d0b41e8f03f8c036cb7063a35bf0b375acf124ec49086280eb1e6aa2ac2490b105965390392637e8f95f397e88964d3b17c7b41b65041b053617
SSDEEP

24576:jFbq7A41meLwqZmD4O8jXjyjh3aW1XV99Pr3:jFbqnmeLJZmOrjgL1F

Score

N/A

Malware Config

Signatures

Files

dab5567a226b31462d9d4e222b7eab77b67c380615ae5801632f8be700851bad
.exe windows x86

1e7334867bb5fe2633c789bef30b7b11

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

sqlunirl

_GetTimeFormat_@24
_VkKeyScanEx_@8
_StartDoc@8
_DlgDirListComboBox_@20
_RegUnLoadKey_@8
_OemToChar_@8
_WritePrivateProfileStruct_@20
_SendNotifyMessage_@16
_CharUpperBuff_@8
_RegSetValueEx_@24
_GetTextMetrics@8
_BuildCommDCBAndTimeouts_@12
_SetDlgItemText@12
_SetWindowText@8
_EnumFontFamilies_@16
_DragQueryFile_@16
AbortSystemShutdown_
_RegCreateKey_@12
_DefineDosDevice_@12

sxs

SxsUninstallW
SxsInstallW
SxspGenerateManifestPathOnAssemblyIdentity
SxsProbeAssemblyInstallation
SxsRunDllInstallAssembly
SxsBeginAssemblyInstall
SxsRunDllInstallAssemblyW
SxsOleAut32RedirectTypeLibrary
CreateAssemblyCache
CreateAssemblyNameObject
SxsEndAssemblyInstall
SxsOleAut32MapReferenceClsidToConfiguredClsid
SxsGenerateActivationContext
SxsQueryManifestInformation

msvcrt

_CIcosh
_access
_inpw
_adj_fdivr_m32i
_waccess
log10
_fgetwchar
iswalpha
_y0
_wopen
_strset
_locking
feof
_ftol
_mbcjistojms
__getmainargs
__p__pgmptr
_wfindnexti64
_mbctoupper
atan2
_chsize
_adj_fdiv_m64

kernel32

GetStartupInfoA
RegisterConsoleVDM
GetCommTimeouts
VirtualAlloc
FindCloseChangeNotification
InterlockedDecrement
LocalAlloc
IsValidLocale
lstrcmpiA
WaitForMultipleObjectsEx
UnhandledExceptionFilter
FoldStringW
FindFirstVolumeMountPointA
LoadLibraryA
SwitchToFiber
ReadConsoleInputW
ExpungeConsoleCommandHistoryA
GetCommProperties
FillConsoleOutputAttribute
GetSystemTimeAsFileTime

wininet

CreateUrlCacheGroup
InternetFortezzaCommand
GopherGetLocatorTypeA
InternetClearAllPerSiteCookieDecisions
InternetGoOnlineA
ShowClientAuthCerts
UnlockUrlCacheEntryFile
IncrementUrlCacheHeaderData
GopherFindFirstFileA
HttpEndRequestW
CreateUrlCacheContainerA
FindNextUrlCacheEntryW
FindNextUrlCacheEntryExW
InternetEnumPerSiteCookieDecisionA
DeleteUrlCacheContainerA
InternetConfirmZoneCrossing

shlwapi

StrNCatW
SHDeleteValueW
PathIsUNCA
UrlIsNoHistoryW
SHDeleteOrphanKeyW
SHRegDeleteUSValueW
StrCSpnW
SHRegQueryInfoUSKeyW
SHEnumValueA
StrDupA
PathIsDirectoryA
PathQuoteSpacesA
PathRemoveFileSpecA
PathUndecorateA
PathSearchAndQualifyW
UrlCreateFromPathW
PathIsUNCServerShareA
SHEnumValueW
PathIsURLW
AssocQueryStringByKeyW
PathCompactPathW
StrStrIA

Sections

.text
Size: 727KB - Virtual size: 727KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e7334867bb5fe2633c789bef30b7b11

Headers

DLL Characteristics

File Characteristics

Imports

sqlunirl

sxs

msvcrt

kernel32

wininet

shlwapi

Sections

.text Size: 727KB - Virtual size: 727KB

.rdata Size: 116KB - Virtual size: 115KB

.data Size: 4KB - Virtual size: 1.5MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 727KB - Virtual size: 727KB

.rdata
Size: 116KB - Virtual size: 115KB

.data
Size: 4KB - Virtual size: 1.5MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB