a9428f1a0a6908a13cc5be2a9ac5471d4efda6714f823664b49abe07e6ef186e

Sharing

Copy URL Twitter E-mail

General

Target

a9428f1a0a6908a13cc5be2a9ac5471d4efda6714f823664b49abe07e6ef186e
Size

388KB
MD5

004c3a3a82d3e557a7735754c6113d60
SHA1

2de129a52f1b2fd1e2c47407d71ae6ac736599af
SHA256

a9428f1a0a6908a13cc5be2a9ac5471d4efda6714f823664b49abe07e6ef186e
SHA512

ade882ca27ebf53062449ddcdeee003704e4db45dfd4dd82145bf9f6af5bcde53084a96d071fe48bb0773f29672f94857d15c3e37011aead2c05cb2fe8707fc6
SSDEEP

6144:iHFIVerwxeGAVDD+nFssQUm++/ICSOEt5zpaiRhcuGE07v689XZyT:iHWVerS0DDGFsseQ8wNxRhTKj689XZy

Score

N/A

Malware Config

Signatures

Files

a9428f1a0a6908a13cc5be2a9ac5471d4efda6714f823664b49abe07e6ef186e
.exe windows x86

f06b45c20e943155627c747090d799a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
FindClose
FindNextFileW
FindFirstFileW
GetLocalTime
FormatMessageA
GetLastError
MultiByteToWideChar
GetTempFileNameA
GetTempPathA
GetTempFileNameW
GetTempPathW
GetVersion
WideCharToMultiByte
CloseHandle
GetFileType
GetUserDefaultLCID
GetTimeFormatA
GetDateFormatA
CreateDirectoryA
FormatMessageW
CopyFileW
GetFileAttributesA
GetFileAttributesW
GetSystemTime
GetFileTime
GetSystemTimeAsFileTime
DeleteFileW
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
ExitProcess
GetModuleHandleW
GetTimeFormatW
CreateFileW
GetDateFormatW
GetCurrentProcessId

msvcr71

wprintf
_wsetlocale
__CxxFrameHandler
??3@YAXPAX@Z
wcscpy
wcstoul
wcsncpy
fwprintf
difftime
_wcsicmp
memset
_wcsrev
wcschr
fflush
mktime
memcpy
puts
printf
_strrev
fputws
_putws
??_U@YAPAXI@Z
fclose
remove
_wremove
fopen
_wfopen
strcat
iswdigit
_wrename
memcmp
??2@YAPAXI@Z
_purecall
_snwprintf
free
realloc
qsort
rand
srand
memmove
_except_handler3
__security_error_handler
?terminate@@YAXXZ
__dllonexit
_onexit
_c_exit
_exit
_XcptFilter
_cexit
exit
__p___winitenv
_amsg_exit
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
swprintf
time
localtime
wcscat
wcsncat
wcslen
??_V@YAXPAX@Z
_wtol
wcscmp
_vsnwprintf

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

user32

LoadStringA
LoadStringW
wsprintfW

ole32

CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

GetErrorInfo
SysFreeString

sqlresld

SQLUILoadResourceDLL
SQLUIUnloadResourceDLL

Sections

.text
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.�tXJ�
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f06b45c20e943155627c747090d799a3

Headers

File Characteristics

Imports

kernel32

msvcr71

advapi32

user32

ole32

oleaut32

sqlresld

Sections

.text Size: 112KB - Virtual size: 110KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 4KB - Virtual size: 44KB

.rsrc Size: 4KB - Virtual size: 1KB

.�tXJ� Size: 224KB - Virtual size: 224KB

.text
Size: 112KB - Virtual size: 110KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 4KB - Virtual size: 44KB

.rsrc
Size: 4KB - Virtual size: 1KB

.�tXJ�
Size: 224KB - Virtual size: 224KB