516ae83233508e4247c1b8b3db34976add2a22a779582198750d96ef6a7fc5c8

Sharing

Copy URL Twitter E-mail

General

Target

516ae83233508e4247c1b8b3db34976add2a22a779582198750d96ef6a7fc5c8
Size

826KB
MD5

0cb4a88e0756fa47b0c3c63ea667cef0
SHA1

3d23a70a023258849eb8282b4b9794b6ab635f79
SHA256

516ae83233508e4247c1b8b3db34976add2a22a779582198750d96ef6a7fc5c8
SHA512

e462b92e49fcc8d8474a0e48b743dbff7233a9bc03e7c779157f1e44a34435b64e1b364b2968edec1d8cd8f1dc4a6d90d5c32bb0ef54d82b9264ce1c99397163
SSDEEP

24576:v6QTr97R1pkmMlD4OV4+s8WGt8jtUQs2bczuQJj:v6Ql1fHMlHyY8jttXYC0j

Score

N/A

Malware Config

Signatures

Files

516ae83233508e4247c1b8b3db34976add2a22a779582198750d96ef6a7fc5c8
.exe windows x86

a9a6fccbe7ec1a0739fc23f77ec540ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

?_query_new_handler@@YAP6AHI@ZXZ
memchr
vprintf
_findclose
exit
__RTtypeid
??0bad_cast@@QAE@ABV0@@Z
__getmainargs
_memicmp
??_7exception@@6B@
iswpunct
_mbsncmp
_safe_fdivr
iswupper
wcsftime
_ismbbkalnum
??0bad_cast@@QAE@PBD@Z
strcpy
_strlwr
__set_app_type
_mbbtombc
_i64toa
sinh
__unDName
_adj_fdiv_m16i
_mbsnbicoll
_statusfp
__p___initenv
_i64tow
_seh_longjmp_unwind
_wstrtime
rename
strcmp
_strdup
_winminor
ungetwc
wcsxfrm
_adj_fdivr_m64
_mbsnbicmp
strtok
fseek
_isnan
__p__commode

oleaut32

VarDecFromUI1
VarR4FromR8
VarDateFromBool
VarUI2FromStr
SafeArrayAllocDescriptor
VarUI2FromI1
VarDateFromI1
SysAllocString
SafeArrayGetVartype
OleTranslateColor
SysAllocStringLen
VarI2FromI8
SafeArrayCreate
VarUI4FromI8
VarI2FromStr
VarR8FromDisp

kernel32

InitializeCriticalSection
SetThreadLocale
OpenFileMappingA
SetHandleContext
SetCalendarInfoA
QueryPerformanceCounter
LoadLibraryW
GetLocaleInfoW
GetModuleHandleW
GetConsoleCP
GetCurrentThread
PeekConsoleInputW
GetPriorityClass
TryEnterCriticalSection

sqlunirl

_QueryDosDevice_@12
_LoadCursorFromFile_@4
_PropertySheet_@4
_NDdeGetTrustedShare_@20
_GlobalGetAtomName_@12
_lstrcpyn_@12
_GetDlgItemText@16
_CreateIC_@16
_GetCharABCWidths_@16
_lstrcmpi_@8
_CreateDesktop_@24
_UnregisterClass_@8
_NDdeShareAdd_@20
_GetWindowLong@8

wmi

ControlTraceA
StartTraceW
RegisterTraceGuidsW
WmiFileHandleToInstanceNameA
SetTraceCallback
TraceEvent
WmiSetSingleItemA
WmiFreeBuffer
WmiQueryAllDataW
WmiDevInstToInstanceNameW
QueryAllTracesA
WmiNotificationRegistrationA
WmiExecuteMethodW
WmiOpenBlock
WmiMofEnumerateResourcesW
CloseTrace
RegisterTraceGuidsA

user32

DefWindowProcA
RegisterClassA
PostQuitMessage

Sections

.text
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 181KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 175KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9a6fccbe7ec1a0739fc23f77ec540ce

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

oleaut32

kernel32

sqlunirl

wmi

user32

Sections

.text Size: 363KB - Virtual size: 362KB

.rdata Size: 105KB - Virtual size: 105KB

.data Size: 181KB - Virtual size: 1.6MB

.rsrc Size: 175KB - Virtual size: 174KB

.reloc Size: 1024B - Virtual size: 800B

.text
Size: 363KB - Virtual size: 362KB

.rdata
Size: 105KB - Virtual size: 105KB

.data
Size: 181KB - Virtual size: 1.6MB

.rsrc
Size: 175KB - Virtual size: 174KB

.reloc
Size: 1024B - Virtual size: 800B