45269632ed4b1ffc2851b81e4e12629240f5d097246147d74ef8bfee64a66273

Sharing

Copy URL Twitter E-mail

General

Target

45269632ed4b1ffc2851b81e4e12629240f5d097246147d74ef8bfee64a66273
Size

722KB
MD5

066493b5cbc64f76eb1714bd2e8094f0
SHA1

8b5f23bc966cf3a38f15b67785960a093ab8ad10
SHA256

45269632ed4b1ffc2851b81e4e12629240f5d097246147d74ef8bfee64a66273
SHA512

37c097a2906a0762145c7571bcecfb882cf5cf655172cf33a82934377aabc4fe33d40a349ef13738e21dec0f0a96692bfa75aca0f92c12278f0d9ed10423f26d
SSDEEP

12288:jDX9IiublAp5WXDsb99VcBXz17/MylErwiyqmbM+SAzQ/N:j7mAXwDqVSMcE0mqXQ/

Score

N/A

Malware Config

Signatures

Files

45269632ed4b1ffc2851b81e4e12629240f5d097246147d74ef8bfee64a66273
.exe windows x86

ce3c3e109f1355c0932f80c9684d2241

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

strchr
??1bad_cast@@UAE@XZ
__setusermatherr
_iob
_dup2
strtoul
setlocale
_CIexp
memset
_spawnl
__mb_cur_max
isdigit
strtok
mktime
strcpy
iswcntrl
srand
_except_handler3
_itoa
_chdir
wcscmp
_fdopen
_wopen
frexp
_splitpath
_strdate

odbc32

CursorLibTransact
SearchStatusCode
CursorLibLockDesc
LockHandle
ValidateErrorQueue
PostODBCError
VRetrieveDriverErrorsRowCol
VFreeErrors
CursorLibLockDbc
SQLNativeSqlA
PostODBCComponentError
CursorLibLockStmt

advapi32

IsValidSecurityDescriptor
ConvertSidToStringSidW
ControlTraceW
RegEnumValueA
InitializeSecurityDescriptor
RegQueryMultipleValuesA
CheckTokenMembership
RegQueryMultipleValuesW
CryptSetProvParam
FreeSid
ChangeServiceConfigA
LsaOpenAccount
RegSetValueExA
ImpersonateLoggedOnUser
FreeEncryptionCertificateHashList
CryptHashData
LsaQueryInformationPolicy
RegSetValueExW
RegOpenKeyA
GetSidIdentifierAuthority
OpenSCManagerW
CreateProcessAsUserA
CloseEncryptedFileRaw
GetTraceLoggerHandle
RegOpenCurrentUser
LsaLookupNames

mscms

CreateColorTransformA
InstallColorProfileW
GetColorProfileElement
GetStandardColorSpaceProfileW
GetColorDirectoryA
CloseColorProfile
OpenColorProfileA
InternalGetPS2ColorRenderingDictionary
TranslateColors
EnumColorProfilesA
DeleteColorTransform
InternalGetPS2ColorSpaceArray
GetColorDirectoryW
InternalGetPS2PreviewCRD
InternalGetPS2CSAFromLCS
UninstallColorProfileW
EnumColorProfilesW
CreateColorTransformW
GetColorProfileHeader
CheckColors
TranslateBitmapBits
OpenColorProfileW
IsColorProfileValid

wintrust

WinVerifyTrust
WintrustRemoveActionID
CryptCATOpen
WinVerifyTrustEx
WintrustAddActionID
IsCatalogFile
WTHelperGetProvSignerFromChain
CryptCATAdminReleaseCatalogContext
CryptCATClose
CryptCATGetMemberInfo
CryptCATEnumerateMember
CryptCATAdminAddCatalog
CryptCATAdminCalcHashFromFileHandle
WTHelperGetProvCertFromChain
WTHelperProvDataFromStateData
CryptCATAdminReleaseContext
CryptCATGetAttrInfo
CryptCATEnumerateAttr
CryptCATGetCatAttrInfo
CryptCATCatalogInfoFromContext
CryptCATAdminAcquireContext
WintrustLoadFunctionPointers
WTHelperGetFileHash
CryptCATEnumerateCatAttr
CryptCATAdminEnumCatalogFromHash

netapi32

DsRoleFreeMemory
NetShareGetInfo
NetShareSetInfo
NetGetAnyDCName
NetServerSetInfo
NetUserModalsGet
NetLocalGroupAdd
NetpwNameValidate
NetStatisticsGet
NetapipBufferAllocate
NetWkstaTransportEnum
DsEnumerateDomainTrustsW
NetServiceInstall
NetUserGetGroups
NetUserModalsSet
NetApiBufferAllocate
NetUserEnum
NetpIsRemote
NetFileEnum
NetUserGetInfo
NetUseAdd

kernel32

DisconnectNamedPipe
SetConsoleMode
GetEnvironmentVariableA
SignalObjectAndWait
GetLongPathNameW
lstrcatA
GetModuleHandleA
RemoveDirectoryW
OutputDebugStringA
GetVolumeInformationW
VerifyVersionInfoA
MoveFileA
BindIoCompletionCallback
ReadConsoleOutputW
FindVolumeMountPointClose
GetCommConfig
SetCurrentDirectoryW
lstrcmpiW
SetFileAttributesW
CopyFileA
OutputDebugStringW
CompareStringW
GetTempFileNameA
SetHandleCount
IsBadStringPtrW
SleepEx
GetTickCount
VirtualAlloc

user32

AppendMenuA
DdeAbandonTransaction
CopyAcceleratorTableW
CreateMenu
GetLastActivePopup
KillTimer
InvalidateRgn
ReleaseDC
SendMessageW
DestroyCaret
DestroyWindow
GetWindowInfo
GetScrollInfo
IsWindowEnabled
GetMonitorInfoW
PostQuitMessage
GetNextDlgTabItem
WaitForInputIdle
ToAscii
HideCaret
CharToOemBuffA
OpenInputDesktop
LockWindowUpdate
OemToCharBuffW
IsCharAlphaA

gdi32

AddFontResourceW
CreateFontW
GdiGetDC
EnumFontFamiliesA
GetWorldTransform
CreateFontA
GetCharABCWidthsA
Escape
EngAlphaBlend
CreatePenIndirect
STROBJ_bEnum
EngFindResource
AddFontResourceA
GetGraphicsMode
CreateMetaFileA
GetEnhMetaFilePaletteEntries
GetCharABCWidthsW
GetFontResourceInfoW
GdiEntry3
GdiGetSpoolFileHandle
GetPath
CreateBitmap

Sections

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 10KB - Virtual size: 339KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CRT
Size: 599KB - Virtual size: 929KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce3c3e109f1355c0932f80c9684d2241

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

odbc32

advapi32

mscms

wintrust

netapi32

kernel32

user32

gdi32

Sections

.idata Size: 2KB - Virtual size: 1KB

.code Size: 10KB - Virtual size: 339KB

CRT Size: 599KB - Virtual size: 929KB

.rsrc Size: 109KB - Virtual size: 108KB

.reloc Size: 1024B - Virtual size: 48B

.idata
Size: 2KB - Virtual size: 1KB

.code
Size: 10KB - Virtual size: 339KB

CRT
Size: 599KB - Virtual size: 929KB

.rsrc
Size: 109KB - Virtual size: 108KB

.reloc
Size: 1024B - Virtual size: 48B