85368879bcbcdee7864c96b80f9cd11fad7b907af22e1a789a440f583b8cba27

Sharing

Copy URL Twitter E-mail

General

Target

85368879bcbcdee7864c96b80f9cd11fad7b907af22e1a789a440f583b8cba27
Size

292KB
MD5

08cde06233f3e0c1ac344a622047052f
SHA1

5f62776fafac8d2beede0ab0a66b42cf8272b628
SHA256

85368879bcbcdee7864c96b80f9cd11fad7b907af22e1a789a440f583b8cba27
SHA512

21e9a21d53067737aa22b5e45dc1dd5c0c9356fba99cbc445dd0eb5e0c7a69a7e957f420ceb2f1d32b5eeb87f70bd971c3c6b396e11ab9781e6d959bab030dec
SSDEEP

6144:Pd0Ddgr3ZGzLI2hXWaBn4GgmRhXjxS6fgALAo4pg+dF6vuNxQSyYZ:FIdfzE2lBFr5zg8Sr

Score

N/A

Malware Config

Signatures

Files

85368879bcbcdee7864c96b80f9cd11fad7b907af22e1a789a440f583b8cba27
.exe windows x86

da4e0f774b640455ee7aa7311f0fe566

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
CreateThread
GlobalFree
OpenMutexA
GlobalAlloc
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
IsDBCSLeadByte
SetFilePointer
ReadFile
CreateFileA
CopyFileA
GetCurrentProcess
GetPrivateProfileSectionA
LocalFree
FormatMessageA
GetModuleFileNameA
MulDiv
GetFileAttributesA
CreateDirectoryA
FindClose
FindFirstFileA
FindNextFileA
lstrcmpA
GetPrivateProfileStringA
ExpandEnvironmentStringsA
lstrcpyA
SetLastError
CreateMutexA
GetLastError
lstrcatA
lstrcmpiA
GetPrivateProfileIntA
CreateProcessA
CloseHandle
WaitForSingleObject
GetExitCodeProcess
lstrcpynA
GetSystemDefaultLCID
GetVersionExA
GetOEMCP
GetStringTypeA
GetStringTypeW
GetACP
HeapAlloc
LCMapStringW
GetCPInfo
IsBadWritePtr
lstrlenA
LCMapStringA
WriteFile
HeapFree
SetUnhandledExceptionFilter
HeapCreate
HeapDestroy
VirtualFree
GetFileType
GetStdHandle
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
FreeEnvironmentStringsW
FreeEnvironmentStringsA
WideCharToMultiByte
TerminateProcess
ExitProcess
UnhandledExceptionFilter
GetCommandLineA
GetStartupInfoA
GetVersion
RtlUnwind
IsBadCodePtr
VirtualAlloc
GetModuleHandleA
HeapReAlloc
IsBadReadPtr
MultiByteToWideChar

user32

DefWindowProcA
EndPaint
GetWindowRect
SetWindowPos
GetSysColor
GetSystemMetrics
BeginPaint
GetWindowLongA
SetWindowLongA
RegisterClassA
LoadCursorA
UpdateWindow
CreateWindowExA
SetForegroundWindow
DestroyWindow
InvalidateRect
ShowWindow
wsprintfA
UnregisterClassA
MessageBoxA
CharNextA
LoadStringA
ExitWindowsEx
DispatchMessageA
TranslateMessage
PostMessageA
FindWindowA
MsgWaitForMultipleObjects
PeekMessageA
ReleaseDC
GetDC

gdi32

TextOutA
SetTextColor
SetBkMode
SelectObject
CreateFontIndirectA
GetDeviceCaps
AddFontResourceA
RemoveFontResourceA
GetTextExtentPoint32A

advapi32

EqualSid
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
FreeSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
RegDeleteKeyA
RegCreateKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoGetMalloc

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

winmm

PlaySoundA

sqlresld

SQLUIUnloadResourceDLL
SQLUILoadResourceDLL

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

p$�
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

da4e0f774b640455ee7aa7311f0fe566

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

version

winmm

sqlresld

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 144KB - Virtual size: 140KB

p$� Size: 80KB - Virtual size: 80KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 144KB - Virtual size: 140KB

p$�
Size: 80KB - Virtual size: 80KB