95cedc05861f39bdd9f69fd12607a7e1fc3c660f4982d57b82f8bb934b992388

Sharing

Copy URL Twitter E-mail

General

Target

95cedc05861f39bdd9f69fd12607a7e1fc3c660f4982d57b82f8bb934b992388
Size

833KB
MD5

3be25422d428573bab3b33ea0a90d7c5
SHA1

374210c442c0fd2c274d28e8f1038d4809b471ab
SHA256

95cedc05861f39bdd9f69fd12607a7e1fc3c660f4982d57b82f8bb934b992388
SHA512

fc2d330337db2d27b83897c6c4cdbdbdf42c6bca7c0a7404ca2b14f04674e8417d660973505c6f72d5bcc9a06610667d6ddd8651cfec6905d86cb5de4ce6ed17
SSDEEP

24576:kEtH6RableATHQgUyPdrvbhNTUrTOGaF2sEhHhzPw:oR/A1bPthdU3OGA2sCB4

Score

N/A

Malware Config

Signatures

Files

95cedc05861f39bdd9f69fd12607a7e1fc3c660f4982d57b82f8bb934b992388
.exe windows x86

5eae1e72257a567f98a07bcc850415c4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

sqlunirl

_CharToOem_@8
_NDdeSetShareSecurity_@16
_GetServiceKeyName_@16
_CreateColorSpace_@4
_PostThreadMessage_@16
_SendMessageTimeout_@28
_RegConnectRegistry_@12
_RegUnLoadKey_@8
_EnumDesktops_@12
_lstrcat_@8
_NDdeIsValidAppTopicList_@4
_LogonUser_@24
_ExtTextOut@32
_NDdeIsValidShareName_@4
_EnumResourceLanguages_@20
_GetCharABCWidths_@16
_GetBinaryType_@8
_NDdeShareAdd_@20
_FindNextFile_@8
_SetProp@12
_PolyTextOut_@12
_LookupAccountName_@28
_ExtractIconEx_@20
_OpenEventLog_@8
_OpenWindowStation_@12
_RemoveDirectory_@4
_PropertySheet_@4
_GetWindowLong@8
_BuildCommDCB_@8
_EnumWindowStations_@8
_GetPrivateProfileSection_@16
_OemToCharBuff_@12
_CharPrev_@8
_SetMenuItemInfo_@16
_ChooseColor_@4
_ExtractAssociatedIcon_@12

winmm

mmTaskBlock
mmTaskCreate
mciSendCommandA
joySetThreshold
mod32Message
mixerGetNumDevs
mixerGetLineInfoA
tid32Message
aux32Message
waveInMessage
wod32Message
waveOutRestart
waveOutUnprepareHeader
mid32Message
mixerOpen
midiStreamOut
mmioSeek
mmTaskYield
mmioRenameW
DrvGetModuleHandle
mmioOpenA
midiStreamStop
mciSetDriverData

kernel32

HeapQueryInformation
GetTickCount
SetLastError
GetNumberFormatA
_lclose
MoveFileWithProgressA
SetFilePointer
LoadLibraryW
GetConsoleCommandHistoryLengthW
GetCurrencyFormatW
GetUserDefaultLCID

rtutils

RouterLogEventValistExW
MprSetupProtocolFree
RouterLogEventA
RouterLogEventExW
TraceDumpExW
RouterLogEventDataW
TraceDumpExA
RouterLogDeregisterW
TraceDeregisterW

Sections

.text
Size: 370KB - Virtual size: 369KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 197KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 171KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5eae1e72257a567f98a07bcc850415c4

Headers

DLL Characteristics

File Characteristics

Imports

sqlunirl

winmm

kernel32

rtutils

Sections

.text Size: 370KB - Virtual size: 369KB

.rdata Size: 93KB - Virtual size: 92KB

.data Size: 197KB - Virtual size: 1.6MB

.rsrc Size: 171KB - Virtual size: 170KB

.reloc Size: 1024B - Virtual size: 996B

.text
Size: 370KB - Virtual size: 369KB

.rdata
Size: 93KB - Virtual size: 92KB

.data
Size: 197KB - Virtual size: 1.6MB

.rsrc
Size: 171KB - Virtual size: 170KB

.reloc
Size: 1024B - Virtual size: 996B