f09fb967714e496b4428eef0ef9a7976859593b2faeb63a73a504f59175cdc92

Sharing

Copy URL Twitter E-mail

General

Target

f09fb967714e496b4428eef0ef9a7976859593b2faeb63a73a504f59175cdc92
Size

826KB
MD5

0c3c33469c5e8f2196c24e478714422c
SHA1

272181474a536589fbc0e54086aa4bae34b9ea7a
SHA256

f09fb967714e496b4428eef0ef9a7976859593b2faeb63a73a504f59175cdc92
SHA512

fdd44557c3c20543a3a447b507b3b3383f03ea5622c5ae7b3c22f55713b5ff025c1ca0b6b4f0bf7510d7d929d31a3312a8632ad40f302406d2e57b57e9a0a5c9
SSDEEP

24576:Kvhisy+QL49jYD0BjGq/jx0g6Akc7VuZnW9K:EBwzsaYpVuk9K

Score

N/A

Malware Config

Signatures

Files

f09fb967714e496b4428eef0ef9a7976859593b2faeb63a73a504f59175cdc92
.exe windows x86

beea16980e1eaff5fc2d5fd9e39e685c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DdEntry8
GdiEntry2
SetWindowOrgEx
GetStockObject
GetTextCharacterExtra
GetROP2
GdiCreateLocalMetaFilePict
OffsetClipRgn
GdiRealizationInfo
DdEntry35
AbortPath
SetTextColor
TranslateCharsetInfo
PlayMetaFileRecord
ExtTextOutA
GetBitmapDimensionEx
SetBkMode
GdiConvertFont

kernel32

VirtualProtectEx
SetConsoleInputExeNameW
OpenFileMappingA
GetCalendarInfoW
LoadLibraryW
PostQueuedCompletionStatus
GetSystemPowerStatus
GetCurrentThread
GetLocaleInfoW
IsBadStringPtrA
DefineDosDeviceA
GetModuleHandleW
HeapCreate
GetConsoleCommandHistoryA
SetConsoleLocalEUDC
SystemTimeToTzSpecificLocalTime
GlobalGetAtomNameW

ntdll

RtlUnhandledExceptionFilter
NtMapUserPhysicalPages
ZwRenameKey
NtQueryFullAttributesFile
NtQueueApcThread
RtlZeroHeap
NtReleaseSemaphore
NtCreateSection
ZwQueryIoCompletion
NtStopProfile
_strcmpi
RtlSetEnvironmentVariable
NtRequestPort
NtTestAlert
RtlExtendedLargeIntegerDivide
ZwAllocateLocallyUniqueId
wcsncpy
KiUserCallbackDispatcher
_i64tow
NtSetIntervalProfile
RtlResetRtlTranslations
ZwQueryPerformanceCounter
NtQueryInstallUILanguage
RtlDumpResource
towlower
RtlFreeUnicodeString
RtlIsDosDeviceName_U
RtlApplyRXact
ZwQueryEaFile
RtlSetCriticalSectionSpinCount
NtWaitForSingleObject

odbc32

SQLForeignKeysA
SQLGetTypeInfoA
SQLExtendedFetch
SQLSetConnectAttrW
SQLColAttributeA
SQLErrorA
SQLColAttribute
SQLDriversA
PostODBCError
SQLErrorW
SQLGetInfo
SQLSetConnectAttr
SQLGetEnvAttr
LockHandle
SQLGetInfoW
SQLTablePrivilegesA
SQLParamOptions
SQLBrowseConnectW
SQLDataSourcesW
SQLGetData
SQLSetStmtAttr
SQLEndTran
SQLProceduresA
ODBCSetTryWaitValue

samlib

SamTestPrivateFunctionsUser
SamSetMemberAttributesOfGroup
SamLookupDomainInSamServer
SamQueryInformationDomain
SamCreateGroupInDomain
SamOpenUser
SamiSetBootKeyInformation
SamConnect
SamEnumerateGroupsInDomain
SamChangePasswordUser3
SamRidToSid
SamGetMembersInAlias
SamRemoveMemberFromAlias
SamAddMultipleMembersToAlias
SamGetAliasMembership
SamDeleteGroup
SamTestPrivateFunctionsDomain

crypt32

RegQueryInfoKeyU
CertSerializeCTLStoreElement
CertSerializeCertificateStoreElement
CryptSetProviderU
I_CryptReleaseLruEntry
CryptExportPublicKeyInfo
CertRegisterSystemStore
CryptLoadSip
CertOpenStore
CertStrToNameW

oleaut32

LPSAFEARRAY_UserFree
VarI1FromR8
VarI2FromUI2
VarUI2FromDate
VarDateFromUdate
SetOaNoCache
LPSAFEARRAY_Unmarshal
VarDateFromDec
VarR8FromDate
VarBoolFromUI1
GetRecordInfoFromTypeInfo
SafeArrayPutElement
VarUI1FromI4
VarUI1FromStr
VarI8FromStr
VarBoolFromStr
OleLoadPictureFileEx
VarCyFromI8
VariantTimeToSystemTime
VarI4FromR4
VarDecSub
VarBoolFromI4
VarR8FromI8
VarUI2FromUI8
VarI8FromI1

Sections

.text
Size: 390KB - Virtual size: 390KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

beea16980e1eaff5fc2d5fd9e39e685c

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

ntdll

odbc32

samlib

crypt32

oleaut32

Sections

.text Size: 390KB - Virtual size: 390KB

.rdata Size: 146KB - Virtual size: 145KB

.data Size: 157KB - Virtual size: 1.5MB

.rsrc Size: 130KB - Virtual size: 129KB

.reloc Size: 1024B - Virtual size: 872B

.text
Size: 390KB - Virtual size: 390KB

.rdata
Size: 146KB - Virtual size: 145KB

.data
Size: 157KB - Virtual size: 1.5MB

.rsrc
Size: 130KB - Virtual size: 129KB

.reloc
Size: 1024B - Virtual size: 872B