6997d51b55fb926340e096a8ec3e6136c2bfe6a99b8ec4c8a8089ebc86f188ec

Sharing

Copy URL

Twitter E-mail

General

Target

6997d51b55fb926340e096a8ec3e6136c2bfe6a99b8ec4c8a8089ebc86f188ec
Size

727KB
MD5

079455c0faa7b616ccf8b0bb26947e50
SHA1

34f4b1a0653d26fb8db3e7e7ecdc426af20f2d59
SHA256

6997d51b55fb926340e096a8ec3e6136c2bfe6a99b8ec4c8a8089ebc86f188ec
SHA512

8c87425e29f9683457ac6208511b572529065179806340b10b314c14b19a3c7d405b25acb4cdc9134a55d7b27839a5e628cd3ebc06955e8139870783502ed4a6
SSDEEP

12288:P/d4pan0Yv/byYLy+vuZQcnB41NWm4NiEvCDdzWT/dG2:68nPDycyEub4HWxvEdKT82

Score

N/A

Malware Config

Signatures

Files

6997d51b55fb926340e096a8ec3e6136c2bfe6a99b8ec4c8a8089ebc86f188ec
.exe windows x86

26826d5c7a3d2f20c658f19b0a9529c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

userenv

UnloadUserProfile
CreateEnvironmentBlock
GetAppliedGPOListW
RsopSetPolicySettingStatus
LeaveCriticalPolicySection
LoadUserProfileW
ForceSyncFgPolicy
DeleteProfileW
ExpandEnvironmentStringsForUserW
EnterCriticalPolicySection
RefreshPolicy
GetDefaultUserProfileDirectoryW
RsopResetPolicySettingStatus

advapi32

EqualPrefixSid
RevertToSelf
RegNotifyChangeKeyValue
LsaRemoveAccountRights
SetEntriesInAclA
IsValidAcl
ConvertStringSidToSidW
ElfReportEventW
RegEnumKeyA
RegSetValueExA
RegQueryMultipleValuesW
GetLengthSid
SetSecurityDescriptorSacl
WriteEncryptedFileRaw

kernel32

ReadFile
CreateToolhelp32Snapshot
HeapCompact
LCMapStringA
GetTempFileNameA
FlushConsoleInputBuffer
CreateIoCompletionPort
GetCurrentDirectoryA
MoveFileW
HeapSize
VirtualAlloc
DeviceIoControl
InterlockedIncrement
lstrcmpiW
FoldStringW
GetFullPathNameW
FindNextFileW
TransmitCommChar
VerLanguageNameA
SetCurrentDirectoryA

imagehlp

SymInitialize
ImageGetCertificateData
ImageEnumerateCertificates
SymSetOptions
ImageNtHeader
ImageRvaToVa
ImageRvaToSection
CheckSumMappedFile
ImageLoad
EnumerateLoadedModules64
ImageUnload
ImageDirectoryEntryToData

msvcrt

_findnext
_CIcosh
_swab
__setusermatherr
??1exception@@UAE@XZ
strtol
__pioinfo
strchr
_lock
pow
_mbsinc
fwprintf
_CIacos
ungetc
_chsize
_i64tow
iscntrl
_fpclass
calloc
__badioinfo
_memicmp
_filelength
_wgetenv
__p__fmode
??3@YAXPAX@Z
towlower
_ultow
ceil
_mbsnbcat
frexp
getchar
_Getmonths
_lseek
_msize
_except_handler3
localtime
__wgetmainargs
difftime
__p__commode
_strcmpi
memchr
vswprintf
??1type_info@@UAE@XZ
wcscspn

odbc32

ODBCGetTryWaitValue
CursorLibLockDbc
VRetrieveDriverErrorsRowCol
CursorLibLockDesc
LockHandle
PostODBCComponentError
CursorLibTransact
CursorLibLockStmt
SearchStatusCode
VFreeErrors
ValidateErrorQueue
PostODBCError

Sections

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 16KB - Virtual size: 349KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 172KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 133KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 288KB - Virtual size: 349KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26826d5c7a3d2f20c658f19b0a9529c5

Headers

DLL Characteristics

File Characteristics

Imports

userenv

advapi32

kernel32

imagehlp

msvcrt

odbc32

Sections

.data Size: 6KB - Virtual size: 5KB

.text Size: 16KB - Virtual size: 349KB

.idata Size: 172KB - Virtual size: 248KB

.idata Size: 133KB - Virtual size: 328KB

.rdata Size: 288KB - Virtual size: 349KB

.rsrc Size: 109KB - Virtual size: 109KB

.data
Size: 6KB - Virtual size: 5KB

.text
Size: 16KB - Virtual size: 349KB

.idata
Size: 172KB - Virtual size: 248KB

.idata
Size: 133KB - Virtual size: 328KB

.rdata
Size: 288KB - Virtual size: 349KB

.rsrc
Size: 109KB - Virtual size: 109KB