6e6cf13db671c6549d83485d5d7f70f26eac5b41edf8148db752aa097783b714

Sharing

Copy URL Twitter E-mail

General

Target

6e6cf13db671c6549d83485d5d7f70f26eac5b41edf8148db752aa097783b714
Size

692KB
MD5

0d56b4749a62fe8a4014d0bbd7df9bb4
SHA1

fc54b04d2eaa7f3037598421fedde5d5053d531b
SHA256

6e6cf13db671c6549d83485d5d7f70f26eac5b41edf8148db752aa097783b714
SHA512

cc9e838d492f28b37477a34518a45ae02cc6f7114f1a12aadb11aa676447b9c7001c91cb024b2701ef651d60bcef188119301f9c93a1395f73240eeda78244d3
SSDEEP

12288:7vQ8JJoUKqZA/BzMTVpOrQe4Sb+Vwz552gMPqHzl4HnNJ+GKMfPCXtqRxQde:bQ8JJoUKKcI5pOUe4Sb+yH2yzl4t/KM5

Score

N/A

Malware Config

Signatures

Files

6e6cf13db671c6549d83485d5d7f70f26eac5b41edf8148db752aa097783b714
.exe windows x86

5c69b4ddcb713866e6672e41623e888a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

odbc32

VFreeErrors
PostODBCError
SQLDriversA
SearchStatusCode
VRetrieveDriverErrorsRowCol
CursorLibLockDesc
PostODBCComponentError
ValidateErrorQueue
LockHandle
CursorLibTransact
CursorLibLockDbc
CursorLibLockStmt

kernel32

InterlockedDecrement
OpenFile
CreateWaitableTimerA
CancelIo
Process32Next
HeapSize
SizeofResource
InterlockedExchange
GetVolumePathNameW
GetDiskFreeSpaceW
GetConsoleMode
SetCurrentDirectoryA
GetTempPathW
FindAtomW
UnlockFileEx
VirtualAlloc
VirtualProtectEx
WriteProcessMemory
SetFilePointerEx
OpenEventA

advapi32

CloseEncryptedFileRaw
LsaFreeMemory
QueryRecoveryAgentsOnEncryptedFile
ReportEventA
TreeResetNamedSecurityInfoW
RegisterTraceGuidsW
RegisterServiceCtrlHandlerExW
SystemFunction036
InitiateSystemShutdownW
WmiFileHandleToInstanceNameW
ObjectCloseAuditAlarmW
LookupPrivilegeNameW
SetSecurityDescriptorOwner
AreAnyAccessesGranted
AddUsersToEncryptedFile
RegSaveKeyW
EnableTrace
RegSetValueW
RegSetValueA
GetServiceKeyNameW
AddAuditAccessAce
TraceMessage
SetSecurityDescriptorSacl
CryptDeriveKey
AddAccessDeniedObjectAce
GetCurrentHwProfileA
GetSecurityDescriptorLength
IsWellKnownSid
ConvertSecurityDescriptorToStringSecurityDescriptorW
QueryServiceConfigW
GetFileSecurityA
RegQueryInfoKeyW
GetKernelObjectSecurity
RegDeleteValueW

winmm

OpenDriver
mciDriverYield
mciDriverNotify
waveOutMessage
mmioAscend
waveInStop
midiOutSetVolume
mciGetErrorStringW
mciSendCommandW
mciLoadCommandResource
mciSendStringA
midiStreamPosition
timeBeginPeriod
mciGetDriverData
timeSetEvent

shell32

SHGetMalloc
SHInvokePrinterCommandW
SHGetSpecialFolderLocation
ShellAboutW
SHOpenFolderAndSelectItems
SHGetSpecialFolderPathA
DragQueryFileW
DragQueryFileA
ExtractIconA
SHCreateDirectoryExW
SHBindToParent
SHFormatDrive
SHFileOperationA

Sections

.edata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 14KB - Virtual size: 317KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 348KB - Virtual size: 456KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 272KB - Virtual size: 467KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c69b4ddcb713866e6672e41623e888a

Headers

DLL Characteristics

File Characteristics

Imports

odbc32

kernel32

advapi32

winmm

shell32

Sections

.edata Size: 4KB - Virtual size: 3KB

.edata Size: 9KB - Virtual size: 9KB

.text Size: 14KB - Virtual size: 317KB

.idata Size: 348KB - Virtual size: 456KB

.idata Size: 272KB - Virtual size: 467KB

.rsrc Size: 43KB - Virtual size: 42KB

.edata
Size: 4KB - Virtual size: 3KB

.edata
Size: 9KB - Virtual size: 9KB

.text
Size: 14KB - Virtual size: 317KB

.idata
Size: 348KB - Virtual size: 456KB

.idata
Size: 272KB - Virtual size: 467KB

.rsrc
Size: 43KB - Virtual size: 42KB