c616fe3782c16734e969d809c407d9d15620d5bc7177e5f619309b9b74125904

Sharing

Copy URL Twitter E-mail

General

Target

c616fe3782c16734e969d809c407d9d15620d5bc7177e5f619309b9b74125904
Size

136KB
MD5

2538200ecc0d8023a78799b47dec87a9
SHA1

21b3ea7043fa1482aad7dddbb4ef231c22e14a18
SHA256

c616fe3782c16734e969d809c407d9d15620d5bc7177e5f619309b9b74125904
SHA512

556589952eecdc1cda3878229cdf9b27f3f2f3c5e7b1d7515cb43b3daf898f021eaebafe5d2cca0f96f16f7546653fa068d1eefcdf44964e03b582a36f695e3c
SSDEEP

3072:RC+I6OzXQNwxgT4HEM7yczHn1EqZRE80mSAUVF90pypyqiIRzwOJhV1MbPHLhWzI:01ziwxgT4HEM7yczHn1EWp1YRgHLhWzI

Score

N/A

Malware Config

Signatures

Files

c616fe3782c16734e969d809c407d9d15620d5bc7177e5f619309b9b74125904
.dll windows x86

a00ace465fd40f41da8cdf77cb078645

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetCurrentThreadId
SetConsoleCtrlHandler
LeaveCriticalSection
GetEnvironmentStrings
GetLastError
IsDBCSLeadByte
TlsGetValue
RaiseException
GetStartupInfoA
GetFileAttributesA
CreateFileA
GetCommandLineA
GetProcAddress
InitializeCriticalSection
VirtualFree
TlsSetValue
SetHandleCount
RtlUnwind
GlobalMemoryStatus
GetStdHandle
GetModuleFileNameA
GetFileType
ExitProcess
CloseHandle
EnterCriticalSection
FreeEnvironmentStringsA
GetLocalTime
GetModuleHandleA
GetVersion
GetVersionExA
WriteFile
VirtualQuery
VirtualAlloc
UnhandledExceptionFilter
TlsFree
TlsAlloc
SetFilePointer

idapi32

OsCopyShare
OsNmZapExt
OsFileExists
OsNmChgExt
OsLoadString
OsCopy
XLTCharMap
DbiEndXlateMode
DbiBeginXlateMode
OsUnlink
SvDrvGetSize
OsDirFirst
XltRecStruct
OsNmPrsFName
OsNmBldFName
OsNmChgDrive
OsIsLocalDrive
SysGetStdTran
GetWorldFlags
GetszLDpx
GetszLDdb
OsLdMBRStrICmp
OsLdMBRStrChr
OsLdMBRStrNICmp
XlateRecordStructure
SysYield
DbiGetLdNameFromDb
DbiGetCurrXltFn
DbiOpenTable
OsSaveErrorByLang
CreateXltRecCurs
GetExtFromTblType
DbiGetLdName
OsLdBuildCharSetXform
XlateBuild
OsLdUnloadObj
_OsFree
SysRegVt
SysClientEntry
OsLdGetSymbName
GetTblTypeFromExt
SysDropPassword
OsLdLoadBySymbName
_OsRealloc
XltBuild
SysAddPassword
SysSetEnv
OsGetCurDrive
SysSetActiveSes
SysLoadDriver
OsSaveError
_OsCalloc
SysGetDb
SysGetCallBack
OsClearError
SysGetActiveSes
SrtTable
OsGetTempName
_OsMalloc
DbiGetErrorString
DbiCloseCursor
SvDrvGet

user32

MessageBoxA
EnumThreadWindows

Exports

Exports

@__lockDebuggerData$qv
@__unlockDebuggerData$qv
BatchAppendTable
BatchDoRestructure
BatchEmptyTable
BatchMove
BatchMoveQuery
BatchPackTable
BatchSortOpenedTable
BatchSortOpenedTable2
BatchSortTable
BatchSortTable2
WEP
__DebuggerHookData

Sections

CODE
Size: 118KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 9KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a00ace465fd40f41da8cdf77cb078645

Headers

File Characteristics

Imports

kernel32

idapi32

user32

Exports

Exports

Sections

CODE Size: 118KB - Virtual size: 120KB

DATA Size: 9KB - Virtual size: 24KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

CODE
Size: 118KB - Virtual size: 120KB

DATA
Size: 9KB - Virtual size: 24KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB