7c34517fe31c2919110638c3b3ff42f41907d29f55e8d787e33a7b31a334c37d

Sharing

Copy URL Twitter E-mail

General

Target

7c34517fe31c2919110638c3b3ff42f41907d29f55e8d787e33a7b31a334c37d
Size

826KB
MD5

04291d39c90cc63c05d63b7dc5f62269
SHA1

9e03b8081a2efde9a5138615e5631df2346eb481
SHA256

7c34517fe31c2919110638c3b3ff42f41907d29f55e8d787e33a7b31a334c37d
SHA512

7cff8468f340fc9f799c14a2f39c5936a447ea80354f717b8324ef0ecc8ff61f3d5e6dd8f1e2b030d77e9b6e54969c5fe2f53789f50baad24ef41b2a2a8f3328
SSDEEP

24576:o4Oh8w9nhq24UQhLRGyJbajnHxyHktiSDb2kAzPhL3mIh:o4Oty2FQhLFRknHkEFikAzZRh

Score

N/A

Malware Config

Signatures

Files

7c34517fe31c2919110638c3b3ff42f41907d29f55e8d787e33a7b31a334c37d
.exe windows x86

09baeb54e4318a4042322bd0be741ebd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileW
EnumDateFormatsA
SetDefaultCommConfigW
SetLastError
GetTickCount
GetLastError
MapViewOfFile
PrivCopyFileExW
SetEnvironmentVariableA
CreateMailslotW
QueryDepthSList
lstrlenW
OpenProcess
EnterCriticalSection
RequestWakeupLatency
PeekNamedPipe
LoadLibraryW
GetVolumePathNamesForVolumeNameW
EnumerateLocalComputerNamesA
Process32FirstW
GetExitCodeThread
GetProfileIntA
WriteFileEx
GetTimeZoneInformation
IsBadStringPtrA
SetVolumeLabelW

msvcrt

_CIsqrt
_mbschr
abort
??0bad_cast@@AAE@PBQBD@Z
_ctype
tolower
__set_app_type
_fmode
__CxxCallUnwindDtor
_wpgmptr
_strrev
exit
wcsncmp
signal
_kbhit
__p__winminor
??1type_info@@UAE@XZ
__p__commode
_sleep
_mbsncat
__getmainargs
_getws
__p__fmode
_ecvt
?set_terminate@@YAP6AXXZP6AXXZ@Z

shlwapi

SHRegGetBoolUSValueA
StrCatChainW
GetMenuPosFromID
PathIsSystemFolderA
SHRegGetPathA
UrlApplySchemeA
SHRegSetUSValueA
HashData
SHCopyKeyW
UrlEscapeW
PathSetDlgItemPathA
SHLoadIndirectString
PathMakePrettyA
StrCatBuffW
PathAddBackslashW
PathIsUNCServerShareA
StrToIntExW
PathFindFileNameW
UrlGetLocationW
StrRetToBufW
SHSkipJunction
PathRelativePathToA
StrCpyW
StrCSpnA
SHDeleteEmptyKeyA
PathIsContentTypeA
AssocQueryStringA
UrlUnescapeA
UrlIsNoHistoryW
PathGetArgsA

adsldpc

SchemaGetPropertyInfoByIndex
LdapCompareExt
ADSIExecuteSearch
SchemaGetClassInfo
ADsEncodeBinaryData
LdapSearchInitPage
BuildADsPathFromLDAPPath2
LdapSearchExtS
ADsSetObjectAttributes
PathName
FreeObjectInfo
LdapModifyS
ADsGetNextRow
LdapCloseObject

sqlunirl

_CharToOemBuff_@12
_GrayString_@36
_ReadEventLog_@28
_GetEnvironmentVariable_@12
_NDdeIsValidShareName_@4
_NDdeGetTrustedShare_@20
_CopyEnhMetaFile_@8
_RegSetValue_@20
_CreateStatusWindow_@16
_GetClassInfo@12
_SetWindowsHook_@8

shell32

StrRChrIW
StrRChrA
SHAddToRecentDocs
ExtractIconA
StrRStrW
DllGetVersion
SHGetIconOverlayIndexA
SheGetDirA
SHIsFileAvailableOffline
ShellAboutW
InternalExtractIconListW
RealShellExecuteA
SHEmptyRecycleBinA
FreeIconList
SHOpenFolderAndSelectItems
InternalExtractIconListA
SHGetSpecialFolderLocation
DllUnregisterServer
Options_RunDLLA
CheckEscapesW
SHCreateDirectoryExW
Options_RunDLL

user32

EndDialog

Sections

.text
Size: 380KB - Virtual size: 380KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 189KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09baeb54e4318a4042322bd0be741ebd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

shlwapi

adsldpc

sqlunirl

shell32

user32

Sections

.text Size: 380KB - Virtual size: 380KB

.rdata Size: 94KB - Virtual size: 94KB

.data Size: 189KB - Virtual size: 1.6MB

.rsrc Size: 160KB - Virtual size: 160KB

.reloc Size: 1024B - Virtual size: 920B

.text
Size: 380KB - Virtual size: 380KB

.rdata
Size: 94KB - Virtual size: 94KB

.data
Size: 189KB - Virtual size: 1.6MB

.rsrc
Size: 160KB - Virtual size: 160KB

.reloc
Size: 1024B - Virtual size: 920B