89e9a2a7084b03c9ba58b67eb892ceb021b0e6b85e9f969c38c280ab7e0592ba

Sharing

Copy URL Twitter E-mail

General

Target

89e9a2a7084b03c9ba58b67eb892ceb021b0e6b85e9f969c38c280ab7e0592ba
Size

59KB
MD5

0f2a9b3f3109ea684b662cf3c9fd001a
SHA1

fdf04413b9a480f5bffbae6505499a758d247339
SHA256

89e9a2a7084b03c9ba58b67eb892ceb021b0e6b85e9f969c38c280ab7e0592ba
SHA512

a6d3611463b0a64963ee5245df35a8ce2bd4ad0b66065aa081c6750eab34eccc7260ccbba1faa563f9ac8178d0be01e0fad5b2ad2b5e01f76eef57b5e0e7e068
SSDEEP

1536:Uje9HdUVcT8sOKKU8su0YA1HrajF8pGplU2O87:hNdU9O8sKklG7U2O8

Score

N/A

Malware Config

Signatures

Files

89e9a2a7084b03c9ba58b67eb892ceb021b0e6b85e9f969c38c280ab7e0592ba
.exe windows x86

6bab51a4a19de8f5559363ff38c769b6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsA
lstrcmpiA
SwitchToThread
LZOpenFileA
ReadDirectoryChangesW
ClearCommBreak
CreateToolhelp32Snapshot
GetConsoleAliasExesW
EnumResourceNamesW
SetCommBreak
GetProcessHeaps
DisconnectNamedPipe
GetSystemTimeAsFileTime
VirtualAlloc
FindFirstVolumeA
GlobalFlags
FindCloseChangeNotification
QueryDosDeviceW
SetLastError
SwitchToFiber
GetBinaryTypeW
GetPrivateProfileStringW
RtlCaptureStackBackTrace
LocalShrink
GetStartupInfoW
InitializeCriticalSection
GlobalHandle
lstrlenW
DebugBreakProcess
FreeEnvironmentStringsW
GetStdHandle
GetCommState
CreateThread
lstrcatA
SetVolumeLabelA
SetComPlusPackageInstallStatus
GetACP
ExitVDM
EnumTimeFormatsW
LoadLibraryA
GetDefaultCommConfigW
GlobalReAlloc

odbctrac

TraceSQLProcedureColumns
TraceSQLSetConnectAttrW
TraceSQLFetchScroll
TraceSQLSpecialColumnsW
TraceOpenLogFile
FireVSDebugEvent
TraceSQLConnectW
TraceSQLGetDescRec
TraceSQLNativeSql
TraceSQLGetTypeInfo
TraceSQLMoreResults
TraceSQLGetCursorName
TraceSQLRowCount
TraceSQLSetStmtAttr
TraceSQLGetInfo
TraceSQLAllocEnv
TraceSQLGetConnectAttrW
TraceSQLSetScrollOptions
TraceSQLExtendedFetch
TraceSQLSetDescField
TraceSQLGetConnectAttr
TraceSQLBindParameter
TraceReturn
TraceSQLBrowseConnectW
TraceSQLSetConnectOptionW
TraceSQLSetEnvAttr
TraceSQLGetDiagRecW
TraceSQLSetCursorNameW
TraceSQLGetDescFieldW
TraceSQLAllocHandle
TraceSQLDescribeParam
TraceSQLCancel

mssip32

CryptSIPPutSignedDataMsg
CryptSIPGetSignedDataMsg
CryptSIPCreateIndirectData
CryptSIPGetRegWorkingFlags
CryptSIPRemoveSignedDataMsg
CryptSIPGetInfo
CryptSIPVerifyIndirectData

glu32

gluDisk
gluGetTessProperty
gluCylinder
gluTessProperty
gluDeleteQuadric
gluProject
gluQuadricTexture
gluPwlCurve
gluBeginPolygon
gluBeginTrim
gluEndTrim
gluBeginSurface
gluNurbsCallback
gluBeginCurve
gluTessNormal
gluEndCurve
gluBuild1DMipmaps
gluQuadricDrawStyle
gluPerspective
gluNewTess
gluQuadricCallback
gluBuild2DMipmaps
gluTessVertex
gluNextContour
gluEndSurface
gluTessBeginPolygon
gluGetString
gluLoadSamplingMatrices
gluGetNurbsProperty
gluQuadricNormals
gluNewNurbsRenderer
gluNewQuadric
gluOrtho2D

wsock32

WSACancelBlockingCall
ntohl
getservbyname
WSACancelAsyncRequest
gethostbyname
inet_ntoa
recvfrom
listen
gethostname
WSApSetPostRoutine
inet_addr
GetAddressByNameW
htons
connect
WSAAsyncGetHostByAddr
WSAAsyncGetServByPort
EnumProtocolsA
htonl
GetNameByTypeA
WEP
getsockopt
gethostbyaddr
GetAcceptExSockaddrs
GetAddressByNameA
EnumProtocolsW

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6bab51a4a19de8f5559363ff38c769b6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

odbctrac

mssip32

glu32

wsock32

Sections

.text Size: 48KB - Virtual size: 48KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 768B

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 768B

.rsrc
Size: 3KB - Virtual size: 3KB