21853010ad309690c6bfeab93ec0db056e271a87cd2fcdbbf00eaf09e43574de

Sharing

Copy URL Twitter E-mail

General

Target

21853010ad309690c6bfeab93ec0db056e271a87cd2fcdbbf00eaf09e43574de
Size

329KB
MD5

37cdddfb9bc04a71782d9679df674d30
SHA1

1082b2d885124c5cb9d45c5dc4fb82ee81ae8015
SHA256

21853010ad309690c6bfeab93ec0db056e271a87cd2fcdbbf00eaf09e43574de
SHA512

625b01fdc1d6815719acac37ff0636d900750ae8da8422df8818f608ec5a57b79a1cf3270cf5d17fe198cacd7ad3afa70280b3d42b7af6d53f858ff2ce06faf4
SSDEEP

6144:hpD14sEuCzaQy+YEjOuf/5xDbhl6EmQSksO1pK74wHStTEL1:7isEFuoaC/7/ak34vUu1

Score

N/A

Malware Config

Signatures

Files

21853010ad309690c6bfeab93ec0db056e271a87cd2fcdbbf00eaf09e43574de
.exe windows x86

3b16c86abbd13c4789cf954c56dcd5fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

utildll

AsyncDeviceEnumerate
GetSystemMessageA
HaveAnonymousUsersChanged
ElapsedTimeString
CalculateDiffTime
InstallModem
StrProcessState
NetworkDeviceEnumerate
StandardErrorMessage
CalculateElapsedTime
IsPartOfDomain
SetupAsyncCdConfig
QueryCurrentWinStation
RegGetNetworkServiceName
StrConnectState
ConfigureModem
StrSystemWaitReason
DateTimeString
CompareElapsedTime
CachedGetUserFromSid
WinEnumerateDevices
TestUserForAdmin
GetSystemMessageW
CtxGetAnyDCName

kernel32

DeleteFileA
SetThreadAffinityMask
ClearCommError
LoadLibraryA
GetEnvironmentStringsA
IsDBCSLeadByte
LocalSize
CloseHandle
LocalAlloc
EnumLanguageGroupLocalesW
OpenWaitableTimerA
BaseCheckAppcompatCache
ReadConsoleInputExW
FindNextFileW
Toolhelp32ReadProcessMemory
VirtualAlloc
AllocConsole
GetComputerNameW
GetFullPathNameA
FindNextVolumeMountPointW
RemoveDirectoryA
SearchPathA
QueryPerformanceCounter
UnregisterWait
GetCurrentProcessId
FreeEnvironmentStringsW

cryptdlg

DecodeRecipientID
DecodeAttrSequence
CertTrustInit
GetFriendlyNameOfCertA
CertViewPropertiesA
CertTrustFinalPolicy
EncodeRecipientID
EncodeAttrSequence
CertViewPropertiesW
CertModifyCertificatesToTrust
FormatVerisignExtension
CertTrustCertPolicy
CertSelectCertificateA
FormatPKIXEmailProtection
CertConfigureTrustA
CertTrustCleanup
CertConfigureTrustW
GetFriendlyNameOfCertW
CertSelectCertificateW

odbccr32

SQLTransact
SQLParamData
SQLGetData
SQLExecDirect
SQLSetPos
SQLSetConnectOption
SQLFetchScroll
SQLGetStmtAttr
SQLNumParams
SQLPutData
SQLBindCol
SQLGetDescRec
SQLSetStmtAttr
SQLSetStmtOption
SQLGetDescField
SQLParamOptions
SQLBulkOperations
SQLSetDescField
SQLMoreResults
SQLSetDescRec
SQLSetConnectAttr

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b16c86abbd13c4789cf954c56dcd5fa

Headers

File Characteristics

Imports

utildll

kernel32

cryptdlg

odbccr32

Sections

.text Size: 110KB - Virtual size: 109KB

.rdata Size: 206KB - Virtual size: 205KB

.data Size: 1024B - Virtual size: 361KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 110KB - Virtual size: 109KB

.rdata
Size: 206KB - Virtual size: 205KB

.data
Size: 1024B - Virtual size: 361KB

.rsrc
Size: 11KB - Virtual size: 10KB