42838771ca003796610101a8f5b1802ac2e965aee32d4526ba6b42de698d6520

Sharing

Copy URL Twitter E-mail

General

Target

42838771ca003796610101a8f5b1802ac2e965aee32d4526ba6b42de698d6520
Size

58KB
MD5

7bb4158c39be3557ca88cfff5324c85c
SHA1

3ff98ca4185ec4dc1a34184c84d4ef660010ba45
SHA256

42838771ca003796610101a8f5b1802ac2e965aee32d4526ba6b42de698d6520
SHA512

79b0f56dfb6416cdc1af816f706229e4c94e0c2a28cc824f1d1d234379a54f7f40034c3aa365743f2cd925d505a3ad58debdc24e2a7ecd89155856ee31c00e42
SSDEEP

1536:0WEQUb6liWMErNho0qapNgAvOTKbVmbD8lrI9:K8lBZrfV1wOOpn8lrI

Score

N/A

Malware Config

Signatures

Files

42838771ca003796610101a8f5b1802ac2e965aee32d4526ba6b42de698d6520
.exe windows x86

355b4e0307898f19da887625a8b44af3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msls31

LsQueryTextCellDetails
LsdnFinishByOneChar
LsCreateLine
LsPointUV2FromPointUV1
LsGetMinDurBreaks
LsFindPrevBreakSubline
LssbFDonePresSubline
LsGetLineDur
LsFindNextBreakSubline
LsDisplayLine
LsEnumSubline
LsdnFinishRegular
LsGetReverseLsimethods
LsQueryPointPcpSubline
LsQueryCpPpointSubline
LsdnQueryObjDimRange
LsFetchAppendToCurrentSubline
LsCreateContext
LsdnResetPenNode
LsTruncateSubline
LsdnSetRigidDup
LsFinishCurrentSubline
LssbGetDurTrailInSubline
LsdnFinishBySubline
LsDestroySubline
LsCreateSubline
LsQueryFLineEmpty
LsdnDistribute
LsGetRubyLsimethods
LsAppendRunToCurrentSubline
LsSetExpansion
LsMatchPresSubline
LsdnGetDup
LsdnResetObjDim

user32

IsWindowEnabled
SetWindowsHookExW
EnumDisplaySettingsW
MessageBoxW
WinHelpW
GetMenu
GetWindowModuleFileNameA
EnableScrollBar
DefFrameProcA
NotifyWinEvent
SetDeskWallpaper
GetCursorFrameInfo
ChangeMenuA
SetScrollRange
SetProgmanWindow
IsDialogMessageA
SetScrollInfo
TabbedTextOutW
MapWindowPoints
PostThreadMessageW
CheckRadioButton
SetLastErrorEx
SendDlgItemMessageA
DrawCaptionTempW
SetClassLongW
DdeQueryStringW
PrivateExtractIconExW
IMPQueryIMEW
GetMenuDefaultItem
PrivateExtractIconExA
IMPSetIMEA

sqlunirl

_SHGetFileInfo_@20
_FindResource@12
_SetWindowText@8
_CopyFileEx_@24
_DlgDirSelectEx_@16
_CopyMetaFile_@8
_ClearEventLog_@8
_EnumProps_@8
_SHFileOperation_@4
AbortSystemShutdown_
_GetSystemDirectory_@8
_GetClipboardFormatName_@12
_GetFileAttributesEx_@12
_ChangeServiceConfig_@44
_RegLoadKey_@12
_ChooseFont_@4
_VkKeyScan_@4
_tsystem
_AddAtom_@4
_TextOut@20
_TranslateAccelerator@12
_GetUserName@8
_WriteProfileSection_@8
_GetCurrentDirectory_@8
_StartService_@12
_PostMessage@16
_RegQueryInfoKey_@48
_CallMsgFilter_@8
_MessageBoxEx_@20

dhcpsapi

DhcpSetSubnetInfo
DhcpDeleteSubnet
DhcpGetMibInfo
DhcpCreateSubnet
DhcpSetThreadOptions
DhcpSetOptionValues
DhcpRemoveOptionValueV5
DhcpAddSubnetElement
DhcpCreateOptionV5
DhcpGetSubnetInfo
DhcpSetClientInfoV4
DhcpGetClassInfo
DhcpGetServerBindingInfo
DhcpEnumSubnetElementsV5
DhcpServerQueryDnsRegCredentials
DhcpCreateClientInfoV4
DhcpServerBackupDatabase
DhcpSetOptionInfoV5
DhcpEnumClasses
DhcpEnumSubnetClientsV5
DhcpAddSubnetElementV5
DhcpCreateOption
DhcpServerRedoAuthorization
DhcpEnumSubnetElements
DhcpDsCleanup
DhcpRemoveSubnetElementV5
DhcpEnumSubnetClients

kernel32

EraseTape
LockFile
DeviceIoControl
OpenConsoleW
GetLocaleInfoW
GetStartupInfoW
GetComPlusPackageInstallStatus
GetACP
UnlockFileEx
GetProcessTimes
EnumSystemGeoID
QueryDosDeviceW
GetCommTimeouts
GlobalUnfix
GlobalAlloc
ReleaseActCtx
SignalObjectAndWait
HeapQueryInformation
EnumUILanguagesA
GetSystemInfo
GetConsoleDisplayMode
GlobalLock
TerminateThread
VirtualAlloc
GetConsoleCommandHistoryLengthW
GetEnvironmentVariableW
FlushFileBuffers
WriteConsoleA
SetLocaleInfoW
IsValidLocale
SetFilePointerEx
CommConfigDialogA
LoadLibraryA
SetCalendarInfoW
LZCopy
EnumDateFormatsW
GetDiskFreeSpaceA
AllocateUserPhysicalPages

crtdll

_wcsupr
_ismbcprint
isalpha
_setsystime
_mbsncpy
_mbctokata
_mbsrev
fseek
iswgraph
ferror
_endthread
_heapset
setvbuf
localeconv
_fgetwchar
_spawnvpe
memchr
is_wctype
_CIlog10
_creat
iswalpha
_putenv
_setmode
_mbstok
_CIexp
vsprintf
difftime

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

355b4e0307898f19da887625a8b44af3

Headers

DLL Characteristics

File Characteristics

Imports

msls31

user32

sqlunirl

dhcpsapi

kernel32

crtdll

Sections

.text Size: 41KB - Virtual size: 41KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 1024B - Virtual size: 1016B

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 41KB - Virtual size: 41KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 1024B - Virtual size: 1016B

.rsrc
Size: 8KB - Virtual size: 8KB