cd09dd5144d432ce38f8c2c1ebf790a5657ad772db27c339d83ea22f0bbbd3f3

Sharing

Copy URL

Twitter E-mail

General

Target

cd09dd5144d432ce38f8c2c1ebf790a5657ad772db27c339d83ea22f0bbbd3f3
Size

838KB
MD5

0c38a9e9e55418944a119490e066cc4a
SHA1

3bd4b1c891d08286e7375387cfa12ffb12f18280
SHA256

cd09dd5144d432ce38f8c2c1ebf790a5657ad772db27c339d83ea22f0bbbd3f3
SHA512

d4bd38190fb1885c49d75aa7366541e1c0cec050c6bf0ab5b9e154ebae91238788ff54f8a4aa09f3adb7c9380be48f754292deabf3bc7b863c0a4042a29b248e
SSDEEP

24576:XX+GDT2HgTKTW5DHyog1qCcWsPcwzer2DiWeR7rsIr:XOGDTi6TmVqcQvzeci1yIr

Score

N/A

Malware Config

Signatures

Files

cd09dd5144d432ce38f8c2c1ebf790a5657ad772db27c339d83ea22f0bbbd3f3
.exe windows x86

bc17d1e83af5d35ba9fa2720b68730d6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
FindResourceExA
GetSystemDefaultUILanguage
SetFileShortNameA
GetCPInfoExA
GlobalAlloc
IsValidLocale
EnumSystemCodePagesA
GetPrivateProfileIntA
SetProcessShutdownParameters
GetACP
BuildCommDCBA
LoadLibraryA

sqlwoa

_GetTextExtentPoint32@16
_CommDlg_OpenSave_GetSpec@12
_GetClassInfo@12
_CharUpper@4
_LoadBitmap@8
_SendDlgItemMessage@20
_DefWindowProc@16
ConvertMultiSZNameToW
_GetOpenFileName@4
_trename
newMultiByteFromWideCharSize
_GetTextMetrics@8
_FreeEnvironmentStrings@4
_SetWindowText@8
_CommDlg_OpenSave_GetFilePath@12
_GetFileTitle@12

oleaut32

SafeArrayAllocDescriptor
VarDecFix
VarDecDiv
SafeArrayGetRecordInfo
VarCyFromUI8
GetRecordInfoFromTypeInfo
VariantChangeTypeEx
VarDateFromUI2
VarPow
SafeArrayCreateVector
VarI1FromI4
CreateErrorInfo
VarUI1FromR4
LPSAFEARRAY_UserSize
VarCyFromDate
VarUI1FromR8
LHashValOfNameSysA
VarUI8FromStr
VarBstrFromR4
VarR8FromStr

w32topl

ToplDeleteSpanningTreeEdges
ToplScheduleMaxUnavailable
ToplAddEdgeToGraph
ToplIsToplException
ToplVertexGetId
ToplScheduleImport

advapi32

RegQueryValueA
QueryServiceObjectSecurity
CredReadA
WmiQueryAllDataA
EncryptedFileKeyInfo

Sections

.text
Size: 389KB - Virtual size: 388KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 165KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc17d1e83af5d35ba9fa2720b68730d6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

sqlwoa

oleaut32

w32topl

advapi32

Sections

.text Size: 389KB - Virtual size: 388KB

.rdata Size: 120KB - Virtual size: 120KB

.data Size: 165KB - Virtual size: 1.5MB

.rsrc Size: 161KB - Virtual size: 161KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 389KB - Virtual size: 388KB

.rdata
Size: 120KB - Virtual size: 120KB

.data
Size: 165KB - Virtual size: 1.5MB

.rsrc
Size: 161KB - Virtual size: 161KB

.reloc
Size: 1KB - Virtual size: 1KB