a450af2f4d24cf14ba9b4350de1e73f541300717240aa58436fa039a21233504

Sharing

Copy URL Twitter E-mail

General

Target

a450af2f4d24cf14ba9b4350de1e73f541300717240aa58436fa039a21233504
Size

849KB
MD5

e2ab4dcaab69efa25158e60a086cf64d
SHA1

c8ededf7a1c872f5b0cb102d2f9691849139a777
SHA256

a450af2f4d24cf14ba9b4350de1e73f541300717240aa58436fa039a21233504
SHA512

9a55811a9a05d623c9c33734f0a4981988bca694081022e8b58f19817e364a981eb2f161aa99d5a8e355761e4c55eb83e521c20c50626751094f4af403b8b32d
SSDEEP

24576:bp73/CQPHeU3V/TRdYRSTaa8X/telk+IYxfJClGs+:bJqQP+sV/TmxVe8QRCl8

Score

N/A

Malware Config

Signatures

Files

a450af2f4d24cf14ba9b4350de1e73f541300717240aa58436fa039a21233504
.exe windows x86

145fa97351de73f461a6e09964cc9f6f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

odbcjt32

SQLStatisticsW
SQLSetDescRec
SQLExecute
SQLParamData
SQLFreeStmt
AdvancedDialogProc
SQLExecDirectW
SQLNumResultCols
SQLFetchScroll
SQLBindParameter
SQLGetStmtAttrW
InitDialogAgain
SQLSetCursorNameW
SelectIndexDlgProc
SQLGetInfoW
SQLCloseCursor
SQLSetConnectAttrW
SQLCopyDesc
SQLExtendedFetch
SQLTablesW
SQLSetScrollOptions
SQLGetDiagFieldW
SQLDriverConnectW
SelectUIdxDlgProc

kernel32

RequestDeviceWakeup
HeapSize
EnumDateFormatsExA
SetTermsrvAppInstallMode
BaseCheckAppcompatCache
IsValidCodePage
BuildCommDCBW
GetThreadLocale
LZOpenFileW
WriteConsoleInputA
GetComputerNameA
FileTimeToDosDateTime
ExpungeConsoleCommandHistoryA
PrivMoveFileIdentityW
Heap32First
InitializeCriticalSection
HeapDestroy
QueryDosDeviceW
GetMailslotInfo
LoadLibraryExA
Beep
RtlCaptureStackBackTrace
LoadLibraryA
ResetWriteWatch
LocalUnlock
VirtualAlloc

mfcsubs

?GetAllocLength@CString@@QBEHXZ
?SetAt@CMapStringToPtr@@QAEXPBGPAX@Z
??8@YG_NABVCString@@0@Z
??0CStringArray@@QAE@XZ
??4CString@@QAEABV0@ABV0@@Z
?GetData@CStringArray@@QBEPBVCString@@XZ
?Release@CString@@IAEXXZ
??0CSyncObject@@QAE@PBG@Z
?FreeExtra@CStringArray@@QAEXXZ
?AfxExtractSubString@@YGHAAVCString@@PBGHG@Z
??1CString@@QAE@XZ
??O@YG_NPBGABVCString@@@Z
?Copy@CStringArray@@QAEXABV1@@Z
?GetBuffer@CString@@QAEPAGH@Z
?InsertAt@CStringArray@@QAEXHPBGH@Z
?Compare@CString@@QBEHPBG@Z
?HashKey@CMapStringToPtr@@QBEIPBG@Z
?ReverseFind@CString@@QBEHG@Z
?Lock@CCriticalSection@@UAEHK@Z
??1CSyncObject@@UAE@XZ

user32

LoadAcceleratorsW
InsertMenuItemW
DrawFrame
UpdateWindow
GetClipboardViewer
GetClassInfoW
MapVirtualKeyExA
CharNextW
GetMessageTime
GetKeyboardState
GetWinStationInfo
DlgDirSelectComboBoxExA
GetKeyState
GetTabbedTextExtentA
DrawTextExA
GetDCEx
GetShellWindow
GetWindowContextHelpId
DdeAbandonTransaction

advapi32

RegEnumKeyExA
GetTokenInformation
LsaCreateTrustedDomainEx
EnumDependentServicesA
LsaOpenTrustedDomainByName
CredEnumerateW
StartServiceA
ControlService
A_SHAFinal
DecryptFileW
ElfBackupEventLogFileW
WmiQueryAllDataW
RegSetValueW
SystemFunction007
CredWriteDomainCredentialsA
SetEntriesInAccessListA
LsaNtStatusToWinError
RegQueryValueExA
ElfReadEventLogA
UpdateTraceW

Sections

.text
Size: 717KB - Virtual size: 716KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

145fa97351de73f461a6e09964cc9f6f

Headers

DLL Characteristics

File Characteristics

Imports

odbcjt32

kernel32

mfcsubs

user32

advapi32

Sections

.text Size: 717KB - Virtual size: 716KB

.rdata Size: 124KB - Virtual size: 123KB

.data Size: 4KB - Virtual size: 1.5MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 717KB - Virtual size: 716KB

.rdata
Size: 124KB - Virtual size: 123KB

.data
Size: 4KB - Virtual size: 1.5MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB