73a1fd0790deadca19ef489f3d9ac13e0307a85cf61926713ad0652a9816ad7f

General

Target

73a1fd0790deadca19ef489f3d9ac13e0307a85cf61926713ad0652a9816ad7f
Size

282KB
MD5

80ebae4d7056605a1d871cb7c514cd24
SHA1

f171d864f99a15c2154a1d1f4d8cf71567bcd8d2
SHA256

73a1fd0790deadca19ef489f3d9ac13e0307a85cf61926713ad0652a9816ad7f
SHA512

c9740d6b2693e518f0dcf402c37c7522665b49b4b4f3e7e4a6be7d4e065a47824a73daba2653870f00c8ecde234e9d774b43e7dd3c69238fb6c410e777fdb984
SSDEEP

6144:7ibqBmCYiJH/P1FXvAZhQH1HAMei6ZxOLeNWW:0LCPNfYZhsAEegLeNWW

Score

N/A

Malware Config

Signatures

Files

73a1fd0790deadca19ef489f3d9ac13e0307a85cf61926713ad0652a9816ad7f
.exe windows x86

6d58ebfc8a849f65eaa979f345c939a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxIndirectA

gdi32

BitBlt
GetBitmapBits
DeleteObject
GetDeviceCaps
DeleteDC
CreateCompatibleBitmap
CreateDCA
SelectObject
CreateCompatibleDC
GetObjectA

kernel32

SetLastError
FreeLibrary
FlushConsoleInputBuffer
GetCurrentThreadId
GetStdHandle
GetFileType
GetThreadTimes
GlobalMemoryStatus
CloseHandle
GetCurrentDirectoryW
VirtualAllocEx

wsock32

WSACancelBlockingCall
bind
gethostbyname
setsockopt
listen
send
WSAGetLastError
socket
getsockopt
accept
htonl
ntohl
shutdown
htons
WSACleanup
connect
ntohs
WSASetLastError
getservbyname
inet_ntoa
recv
WSAStartup
closesocket

esent

JetCreateIndex
JetDupCursor
JetComputeStats
JetGetDatabaseInfo
JetBeginTransaction2
JetDeleteTable
JetSetTableSequential
JetAttachDatabase
JetDelete
JetDBUtilities
JetGotoBookmark
JetSnapshotStart
JetReadFileInstance
JetIntersectIndexes
JetTerm2
JetCloseDatabase
JetCreateInstance
JetGetVersion
JetGetLogInfo
JetGetInstanceInfo

mprdim

ServiceMain

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 257KB - Virtual size: 879KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d58ebfc8a849f65eaa979f345c939a0

Headers

File Characteristics

Imports

user32

gdi32

kernel32

wsock32

esent

mprdim

Sections

.text Size: 19KB - Virtual size: 19KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 257KB - Virtual size: 879KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 19KB - Virtual size: 19KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 257KB - Virtual size: 879KB

.rsrc
Size: 2KB - Virtual size: 2KB