884a70d7f9976b554ed81375854592878a57740cae59a9e1a345ca5622d3de35

Sharing

Copy URL

Twitter E-mail

General

Target

884a70d7f9976b554ed81375854592878a57740cae59a9e1a345ca5622d3de35
Size

335KB
MD5

0889c804d0ef8bc9b451b5979c4e4abf
SHA1

b23cd2c6b4d8b962ede1da6bf795646a7162f1a2
SHA256

884a70d7f9976b554ed81375854592878a57740cae59a9e1a345ca5622d3de35
SHA512

e78c02b33dd7e722b29bd16a36ebb43e38b98203c01d854b4247e835d5852440adc118a44fb25be123a28944f283bceb2865b03065477730f3909d0abd73778e
SSDEEP

6144:dDTkT+bYTdPpcjNE4IitaE5XGUSa2Ux4S+RFWKvk6f:eT5TDc64IitaF5arik

Score

N/A

Malware Config

Signatures

Files

884a70d7f9976b554ed81375854592878a57740cae59a9e1a345ca5622d3de35
.exe windows x86

a5577dfb91d8c753e6fa2c9bb2b8a555

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

OpenProcessToken
OpenSCManagerW
OpenServiceW
AdjustTokenPrivileges
LookupPrivilegeValueW
CloseServiceHandle
QueryServiceStatusEx

kernel32

CreateMutexW
SetConsoleCtrlHandler
GetModuleHandleW
GetFileType
GetDateFormatA
ConnectNamedPipe
HeapFree
TlsFree
GetFileSizeEx
WriteConsoleA
HeapAlloc
HeapDestroy
IsValidLocale
GetLocalTime
GetOEMCP
RaiseException
CreateFileW
GetConsoleOutputCP
ReleaseSemaphore
SetStdHandle
GetConsoleMode
CreateEventW
WriteFile
LeaveCriticalSection
SetFilePointer
ReadFile
GetDiskFreeSpaceW
SetHandleCount
LCMapStringW
EnumSystemLocalesA
WideCharToMultiByte
UnhandledExceptionFilter
EnterCriticalSection
GetACP
SetEnvironmentVariableA
GetTimeFormatA
HeapReAlloc
CloseHandle
CompareStringA
GetCommandLineA
GetCurrentThreadId
DeviceIoControl
IsValidCodePage
WriteConsoleW
CreateThread
CompareStringW
HeapSize
InitializeCriticalSectionAndSpinCount
CancelIo
QueryDosDeviceW
CreateSemaphoreW
FreeEnvironmentStringsW
WaitNamedPipeW
VirtualFree
DeleteCriticalSection
SetLastError
WaitForSingleObject
FindNextFileW
FlushFileBuffers
GetStdHandle
FreeEnvironmentStringsA
GetConsoleCP
TlsGetValue
CreateWaitableTimerW
RtlUnwind
GetOverlappedResult
CreateFileA
TlsAlloc
FatalAppExitA
WaitForMultipleObjects
FindClose
VirtualAlloc
LockFileEx
GetUserDefaultLCID
SetUnhandledExceptionFilter
LCMapStringA
TlsSetValue
GetTimeZoneInformation
FindFirstFileW
DisconnectNamedPipe
ReleaseMutex
GetSystemTimeAsFileTime
ResetEvent
GetLogicalDrives
FreeLibrary
UnlockFileEx
GetComputerNameW
SetWaitableTimer
CreateNamedPipeW
IsDebuggerPresent
CompareFileTime
VirtualAllocEx

ntdll

ZwClose
NtQueryFullAttributesFile
_wcsicmp
memcpy
memset
ZwCreateSection
memcmp
ZwQueryDirectoryFile
_wcsnicmp
NtQueryInformationFile
strlen
memmove
ZwOpenFile
towupper
RtlInitUnicodeString
ZwMapViewOfSection
RtlNtStatusToDosError
wcslen
RtlCompareMemory
ZwUnmapViewOfSection

oleaut32

LoadRegTypeLib
VarI1FromDate
VarDecNeg
VarCat
VarUI4FromStr
SysReAllocString
VarBstrFromUI2
VarI4FromDisp
VarUI4FromI4
VarR8FromUI1
VarR4FromUI2
VarCyCmp
LHashValOfNameSys
DispInvoke
SafeArrayGetRecordInfo
VarCyFromDec
SafeArrayCopyData
VarUI1FromDisp
VarI2FromUI4
VarI4FromDate
SafeArrayDestroyData
SysAllocStringByteLen
VariantInit
VarI4FromI8
VarCyFromUI4
VarR4FromR8
VarOr
VarUI4FromDec
VarUI2FromDisp
VarI4FromI1
VarDateFromUI4
VectorFromBstr

odbccu32

SQLGetDescRec
SQLNumParams
SQLMoreResults
SQLBindCol
SQLExecDirect

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 55KB - Virtual size: 648KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 161KB - Virtual size: 706KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 818KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5577dfb91d8c753e6fa2c9bb2b8a555

Headers

File Characteristics

Imports

advapi32

kernel32

ntdll

oleaut32

odbccu32

Sections

.text Size: 21KB - Virtual size: 20KB

.bss Size: 55KB - Virtual size: 648KB

.reloc Size: 161KB - Virtual size: 706KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 74KB - Virtual size: 818KB

.rsrc Size: 18KB - Virtual size: 39KB

.text
Size: 21KB - Virtual size: 20KB

.bss
Size: 55KB - Virtual size: 648KB

.reloc
Size: 161KB - Virtual size: 706KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 74KB - Virtual size: 818KB

.rsrc
Size: 18KB - Virtual size: 39KB