General

Malware Config

Signatures

Files

• 2ccc434c331d14c62f5c17d769689a20a84e12ed4c62a6915fbe5eeb7f36f49d

  .zip
• 2014_11informationen_finanzgruppe_000070002.000038622.771714407-0044.exe

  .exe windows x86

  8f42ac020919e71042b3281f56acbacb

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  oddbse32

  ConfigDSNW

  kernel32

  GetModuleHandleW

  VirtualAlloc

  GetFileAttributesW

  lstrcmpA

  LoadLibraryW

  GetCurrentProcess

  QueryPerformanceCounter

  mgmtapi

  SnmpMgrGetTrapEx

  catsrv

  DllRegisterServer

  ?ReleaseReadICR@@YGXPAPAUIComponentRecords@@@Z

  DllGetClassObject

  Sections

  .text

  Size: 265KB - Virtual size: 264KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 1024B - Virtual size: 536B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 2KB - Virtual size: 13KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 9KB - Virtual size: 9KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 1024B - Virtual size: 712B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ