57d8942a5cc9bd998fa2be50850ddfd3cfa44ed2986f57e7ec839f519a4a0b91

Sharing

Copy URL Twitter E-mail

General

Target

57d8942a5cc9bd998fa2be50850ddfd3cfa44ed2986f57e7ec839f519a4a0b91
Size

759KB
MD5

f1654eb76600ba8f24f7f51be4002fef
SHA1

94fbe7bececeddac52c47813d156b5f3ed92f952
SHA256

57d8942a5cc9bd998fa2be50850ddfd3cfa44ed2986f57e7ec839f519a4a0b91
SHA512

4e71ff2908793956640b129d0eca803520f6ae7736ceff5e380672739b44b9b5dfe4f421c1cdbe5e51e21d8dddfadd1ce0118e5aa570dfbb27772e72c504cef4
SSDEEP

12288:vJnk7ZR0/EcSf5ZmLSvS9qoS/+xxzIq4aQpKh7tbPHnGBs+8q3KGkTAHpA+L:vpk7ZR6tSf5s2a9la+x2Ppc7g6GSAJDL

Score

N/A

Malware Config

Signatures

Files

57d8942a5cc9bd998fa2be50850ddfd3cfa44ed2986f57e7ec839f519a4a0b91
.exe windows x86

edf07ec8523389248c4259154df47e13

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

odbc32

SearchStatusCode
CursorLibLockStmt
LockHandle
VRetrieveDriverErrorsRowCol
ValidateErrorQueue
SQLTablesA
VFreeErrors
CursorLibTransact
CursorLibLockDbc
CursorLibLockDesc
PostODBCComponentError
PostODBCError

advapi32

RegSetValueExA
RegEnumKeyA
SystemFunction041
ReadEventLogW
GetSecurityDescriptorOwner
RegEnumValueW
RegRestoreKeyW
ControlService
CryptSignHashW
RegisterEventSourceW
GetTraceEnableFlags
ImpersonateSelf
RegRestoreKeyA
SystemFunction040

shlwapi

wnsprintfA
SHOpenRegStream2W
StrChrIW
PathBuildRootW
StrCmpIW
SHDeleteValueA
AssocQueryStringA
PathRemoveBlanksW
SHCreateStreamOnFileEx
PathRenameExtensionW
StrTrimW
SHCreateShellPalette
PathIsDirectoryEmptyW
PathQuoteSpacesW
UrlGetPartW
UrlCombineA
PathFindOnPathW
SHSetValueA
PathIsSameRootW
StrFormatByteSizeW
PathIsUNCServerW
UrlCompareW
StrToIntExA
UrlIsW

iphlpapi

GetIcmpStatistics
InternalGetIpNetTable
UnenableRouter
GetIpAddrTable
InternalDeleteIpForwardEntry
AllocateAndGetIpAddrTableFromStack
DeleteIpForwardEntry
InternalGetTcpTable
GetBestRoute
GetAdaptersInfo
InternalCreateIpNetEntry
InternalGetIfTable
InternalCreateIpForwardEntry
InternalSetIpStats
GetInterfaceInfo
GetBestInterface
GetIpNetTable
DeleteProxyArpEntry
CreateProxyArpEntry
SendARP
GetUdpStatistics
InternalSetIpForwardEntry
FlushIpNetTable
GetPerAdapterInfo
GetNetworkParams
EnableRouter
NhGetInterfaceNameFromGuid

user32

DrawTextExA
GetMenuBarInfo
EnumThreadWindows
GetAppCompatFlags2
EnumDisplayDevicesW
RegisterClipboardFormatA
LoadIconW
SendMessageW
ToAsciiEx
DrawCaptionTempW
DialogBoxIndirectParamW
LoadCursorA
EmptyClipboard

mscms

GetColorProfileElement
OpenColorProfileW
InternalGetPS2PreviewCRD
TranslateBitmapBits
CloseColorProfile
InternalGetPS2ColorSpaceArray
TranslateColors
CreateColorTransformA
InternalGetPS2ColorRenderingDictionary
CreateColorTransformW
OpenColorProfileA
InstallColorProfileW
CheckBitmapBits
InternalGetPS2CSAFromLCS
EnumColorProfilesA
GetStandardColorSpaceProfileW
GetColorDirectoryW
EnumColorProfilesW
DeleteColorTransform
IsColorProfileValid
GetColorProfileHeader
UninstallColorProfileW
GetColorDirectoryA

ole32

OleSetMenuDescriptor
CoCreateInstanceEx
OleQueryLinkFromData
CoUninitialize
HMENU_UserSize
CoMarshalHresult
HWND_UserSize
OleConvertIStorageToOLESTREAM
CreateOleAdviseHolder
OleCreateFromData
OleCreateLinkFromData
HICON_UserUnmarshal
CoCreateFreeThreadedMarshaler
OleGetClipboard
HBITMAP_UserUnmarshal
WriteClassStm
OleRegGetMiscStatus

kernel32

DnsHostnameToComputerNameA
LCMapStringA
GetCurrentProcessId
TlsFree
GetLongPathNameA
MoveFileWithProgressW
BeginUpdateResourceA
FatalExit
GlobalAddAtomW
IsBadCodePtr
SetThreadIdealProcessor
FindVolumeClose
WTSGetActiveConsoleSessionId
GetExitCodeProcess
GetCurrentThread
FindFirstFileExW
UnlockFile
ReadProcessMemory
GetFullPathNameA
FindAtomW
OpenEventW
CreateFiber
GetWindowsDirectoryW
CreateProcessInternalW
MapViewOfFileEx
OpenProcess
RtlZeroMemory
VirtualAlloc
GetModuleHandleA
SetVDMCurrentDirectories
GetDriveTypeA
CreateProcessW
GlobalAlloc
lstrcatW
Process32NextW
GetExitCodeThread
UnmapViewOfFile
GetShortPathNameA
AddAtomA
FatalAppExitA
HeapAlloc
CreateTimerQueueTimer
GetLocaleInfoW
GetProcAddress
OpenFileMappingW

Sections

.pdata
Size: 1024B - Virtual size: 279B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ldata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 11KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 259KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 134KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 242KB - Virtual size: 374KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

edf07ec8523389248c4259154df47e13

Headers

DLL Characteristics

File Characteristics

Imports

odbc32

advapi32

shlwapi

iphlpapi

user32

mscms

ole32

kernel32

Sections

.pdata Size: 1024B - Virtual size: 279B

.ldata Size: 2KB - Virtual size: 1KB

.code Size: 11KB - Virtual size: 312KB

.idata Size: 259KB - Virtual size: 376KB

DATA Size: 134KB - Virtual size: 184KB

.idata Size: 242KB - Virtual size: 374KB

.rsrc Size: 109KB - Virtual size: 108KB

.pdata
Size: 1024B - Virtual size: 279B

.ldata
Size: 2KB - Virtual size: 1KB

.code
Size: 11KB - Virtual size: 312KB

.idata
Size: 259KB - Virtual size: 376KB

DATA
Size: 134KB - Virtual size: 184KB

.idata
Size: 242KB - Virtual size: 374KB

.rsrc
Size: 109KB - Virtual size: 108KB