803f0a2c01dbaf8adc957db0de2959901ba54511542a795f61d9ba9ec27abd6c

Sharing

Copy URL

Twitter E-mail

General

Target

803f0a2c01dbaf8adc957db0de2959901ba54511542a795f61d9ba9ec27abd6c
Size

831KB
MD5

d473a0a8b2bec987b9c80596fb4e14ee
SHA1

7f1d6d5eaa95b9116953ea42f842fac5b9a71edd
SHA256

803f0a2c01dbaf8adc957db0de2959901ba54511542a795f61d9ba9ec27abd6c
SHA512

d8f9ac370a411c5fd4577f5818ab29fb1b375ec9b8f7740593b3a067b2ced788a9a8fbaad70221f18866e5493e266ae8323cec2a2bbdba6e46445dcd8a4764fe
SSDEEP

24576:Ps8CkWW6JA3Q6BIG436/D8hgoeRIjLw3dE:08CdzneoSnRIj

Score

N/A

Malware Config

Signatures

Files

803f0a2c01dbaf8adc957db0de2959901ba54511542a795f61d9ba9ec27abd6c
.exe windows x86

c50516198bccaf1de4caf4309f3a259a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateWaitableTimerW
SetConsoleOutputCP
Process32Next
GetTempPathA
GetCurrentThread
SetCommConfig
SetHandleInformation
GetLocaleInfoA
GetProfileSectionA
EnumerateLocalComputerNamesA
GetConsoleCommandHistoryLengthA
RtlZeroMemory
BaseFlushAppcompatCache
CreateSemaphoreW
GetModuleHandleW
EnumResourceNamesW
WaitNamedPipeW
ReleaseActCtx
SetFileAttributesW
WriteProfileSectionW
GetFileTime
SetConsoleIcon
_lread
QueueUserWorkItem
SetThreadPriority
SetVolumeMountPointA
VerSetConditionMask
WriteTapemark
LoadLibraryW

sqlsrv32

SQLBindParameter
SQLSetConnectAttrW
SQLPrimaryKeysW
BCP_control
SQLGetInfoW
SQLBindCol
SQLStatisticsW
ConfigDriverW
SQLGetStmtAttrW

advapi32

RegFlushKey
SetEntriesInAuditListW
CopySid
CancelOverlappedAccess
LsaLookupNames2
RegisterEventSourceW
LsaICLookupNamesWithCreds
RemoveUsersFromEncryptedFile
ConvertStringSDToSDRootDomainW

winmm

waveOutGetDevCapsW
mmioWrite
timeGetTime
mixerGetDevCapsW
mciSetYieldProc
mmioRenameA
waveInReset
midiOutShortMsg
auxGetDevCapsW
midiInMessage
midiOutOpen
mciSendCommandA
midiOutGetDevCapsA
mciLoadCommandResource
joySetThreshold
mixerClose
mmioOpenA
mmioSeek
waveInGetErrorTextW
mixerGetNumDevs
mciGetDeviceIDA
midiOutGetNumDevs
waveOutReset
midiOutGetErrorTextW
waveOutGetErrorTextA
mxd32Message
mmsystemGetVersion
waveInClose
mciFreeCommandResource

wsock32

MigrateWinsockConfiguration
ioctlsocket
GetTypeByNameA
ntohs
TransmitFile
sendto
EnumProtocolsA
GetAcceptExSockaddrs
GetNameByTypeW
select
accept
gethostbyaddr
closesocket
listen
recv
WSASetLastError

untfs

?ComputeDupInfoSignature@NTFS_MFT_INFO@@CGXPAU_DUPLICATED_INFORMATION@@QAE@Z
?AllocateFileRecordSegment@NTFS_MASTER_FILE_TABLE@@QAEEPAVBIG_INT@@E@Z
??0NTFS_BITMAP_FILE@@QAE@XZ
?ReadList@NTFS_ATTRIBUTE_LIST@@QAEEXZ
?QueryNumberOfExtents@NTFS_EXTENT_LIST@@QBEKXZ
??0NTFS_INDEX_TREE@@QAE@XZ
?TakeCensus@NTFS_SA@@QAEEPAVNTFS_MASTER_FILE_TABLE@@KPAUNTFS_CENSUS_INFO@@@Z
??0NTFS_BAD_CLUSTER_FILE@@QAE@XZ

wldap32

ldap_result2error
ldap_modifyA
ldap_extended_operationA
ldap_init
ldap_search_ext_sA
ldap_count_values_len
ldap_add_ext_sA
ldap_rename_ext_sW
ldap_control_freeA
ldap_control_free
ldap_get_paged_count
ldap_sslinitA
ldap_start_tls_sW
ldap_modrdn2_sA
ber_peek_tag

mapi32

HrGetOneProp@12
EncodeID@12
UNKOBJ_FreeRows@8
FGetComponentPath
MAPIUninitialize
LpValFindProp@12
SzFindCh@8
FBadProp@4
DeinitMapiUtil@0

Sections

.text
Size: 401KB - Virtual size: 400KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 165KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c50516198bccaf1de4caf4309f3a259a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

sqlsrv32

advapi32

winmm

wsock32

untfs

wldap32

mapi32

Sections

.text Size: 401KB - Virtual size: 400KB

.rdata Size: 98KB - Virtual size: 98KB

.data Size: 165KB - Virtual size: 1.6MB

.rsrc Size: 164KB - Virtual size: 163KB

.reloc Size: 1024B - Virtual size: 892B

.text
Size: 401KB - Virtual size: 400KB

.rdata
Size: 98KB - Virtual size: 98KB

.data
Size: 165KB - Virtual size: 1.6MB

.rsrc
Size: 164KB - Virtual size: 163KB

.reloc
Size: 1024B - Virtual size: 892B