151e8041bbb4e9065c9588252e4cfaf0178b72af3c1fbb22760b34ea5604e37c

Sharing

Copy URL

Twitter E-mail

General

Target

151e8041bbb4e9065c9588252e4cfaf0178b72af3c1fbb22760b34ea5604e37c
Size

696KB
MD5

3971291b0cb2c85553463cda7f29fbf0
SHA1

6c7ea8cbd96c08d301ef768d1275ff4528607c33
SHA256

151e8041bbb4e9065c9588252e4cfaf0178b72af3c1fbb22760b34ea5604e37c
SHA512

ca7ceff7ddfd8ece2be9fe64c7442e40e45310c37db37a16706781acd2a9fa4834280e3a42ee7ff41ecf200e9447ab52ccd7507e05c5c975e23b7f65b7041940
SSDEEP

6144:uZy9cS8bujkflWs/uBHk0eKg0SqKo3INU7fbYJWSCFPZma7I0M+W:Gy2S8CQflWs/uSXKLSqK2poJ9CFh3M+

Score

N/A

Malware Config

Signatures

Files

151e8041bbb4e9065c9588252e4cfaf0178b72af3c1fbb22760b34ea5604e37c
.exe windows x86

a0a5bc03333cde869f25a6c1131d4a8d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

oraslax10

pxnrcov
pxnmstt
pxnmove
pxngoto
pxnspus

msvcrt

_mktemp
_controlfp
_except_handler3
strlen
abs
toupper
sprintf
memset
strcat
vfprintf
rewind
fgets
fseek
remove
longjmp
_setjmp3
exit
fclose
printf
strcpy
fopen
malloc
free
realloc
vsprintf
qsort
strcmp
_pctype
_isctype
__mb_cur_max
fprintf
memcpy
strpbrk
strchr
fgetc
fputc
fputs
getc
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type

oracore10

slzgetevar
lpmdone
lpminit
lcv42b
lstup
lstmclo
lctbval
lstlo
ldxini
lcvb24

oranls10

lxsCnvSimple
lxsCpStr
lxwalnx
lxwdigx
lxhcsn
lxhnlangid
lxsCatStr
lxoCpStr
lxoSchPat
lxoCmpStr
lxoCnvNumStrToInt
lxmcpen
lxhidtolang
lxwspax
lmsatrm
lmsaicmt
lmsagbf
lxsCnvCase
lxwc2ux
lxmc2wx
lxsCntChar
lxsCpToWide
lxsCpFrWide
lxoCpToOp
lxoWriWChar
lxmr2w
lxlterm
lxldfcb
lxldini
lxlinit
lxinitc
lxhLangEnv
lxscat
lxsCntByte
lxoWriChar
lxsCmpStr
lxsulen
lxscop
lxoCpChar
lxmfwdx
lxmopen
lxmdssln

oraclient10

OCISessionEnd
kguqsdh
OCIStmtExecute
OCIDefineByPos
OCIStmtPrepare
OCIHandleAlloc
OCIErrorGet
OCIPEnvCreate
OCIInitialize
upiopn
upicls
upiosq
upigml
upih2o
kguqvld
OCIEnvInit
kpusvc2hst
OCISessionBegin
OCIAttrSet
OCIServerAttach
OCIHandleFree
OCIServerDetach
upicpr

oracommon10

slsprom
slfnp

orageneric10

slgfn
kgesec0
kodmgcn
kodmcon
kglget
kglpin
kglpgpv

orapls10

pcisem
pcisyn
psiini
psiinp
psiinu
psiins
psiksu
psoconn
psflod
psfcex
psfchk
psfnrc
psikgsf

oraplp10

STANDA_S
STANDA_B
PLITBLM_S

Sections

.text
Size: 492KB - Virtual size: 490KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a0a5bc03333cde869f25a6c1131d4a8d

Headers

File Characteristics

Imports

oraslax10

msvcrt

oracore10

oranls10

oraclient10

oracommon10

orageneric10

orapls10

oraplp10

Sections

.text Size: 492KB - Virtual size: 490KB

.rdata Size: 68KB - Virtual size: 66KB

.data Size: 132KB - Virtual size: 132KB

.text
Size: 492KB - Virtual size: 490KB

.rdata
Size: 68KB - Virtual size: 66KB

.data
Size: 132KB - Virtual size: 132KB