f5d91ea641ace8867c48da9f4fef3f64188cf31d1ee32b470753209e5ce1f24f

Sharing

Copy URL Twitter E-mail

General

Target

f5d91ea641ace8867c48da9f4fef3f64188cf31d1ee32b470753209e5ce1f24f
Size

693KB
MD5

ac7eff82934e3259e167c505b7e36b10
SHA1

16abc41c628861e01585e0848217938cea5008e2
SHA256

f5d91ea641ace8867c48da9f4fef3f64188cf31d1ee32b470753209e5ce1f24f
SHA512

5c9a57cb2ac8841a6274f19a2d599b34fb29064a270444a31a7cf112fd8f54f015cfd61c7aaf371ad7e82f63db95ba225107e553e299a0a7f7c49b40a95601e8
SSDEEP

12288:U9izHAorZmAJbZDbOJ0O4rMyb/V3DAo0ujyWNB4HUPqpB1h9:iiz3mArw03pb/dAo00xBOUipH

Score

N/A

Malware Config

Signatures

Files

f5d91ea641ace8867c48da9f4fef3f64188cf31d1ee32b470753209e5ce1f24f
.exe windows x86

818f6e25cd5434e4d5af9b420abdf5a1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_purecall
_mbsdec
_control87
__p__fmode
??1bad_cast@@UAE@XZ
strchr
_mbslwr
memmove
_getch
fseek
_mbsnbcnt
wcspbrk
swscanf
_wfindnext
_CIsqrt
_wsplitpath
_beginthreadex
atof
_wsystem
free
_ismbblead

user32

GetPropA
IsDialogMessageW
SetCursorPos
PrivateExtractIconsW
GetClassInfoW
GetShellWindow
WinHelpA
DrawEdge
SetMenu
CopyImage
FreeDDElParam
ShowCaret
IsCharLowerW
GetDlgItemTextA
GetClipboardViewer
CreateDialogIndirectParamA
SetWindowContextHelpId
DdeFreeStringHandle
DdeClientTransaction
PostThreadMessageW
BlockInput
CreateDesktopW
RegisterHotKey
GetMenuDefaultItem
OemToCharA
DrawIcon
LoadAcceleratorsW
GetWindowTextW
GetWindowPlacement

advapi32

WmiNotificationRegistrationW
AllocateAndInitializeSid
RegCreateKeyExW
RegisterTraceGuidsA
BuildSecurityDescriptorW
OpenThreadToken
SystemFunction036
ImpersonateSelf
OpenServiceA
LsaSetInformationPolicy
CryptGetUserKey
LsaCreateSecret
ImpersonateLoggedOnUser
InitiateSystemShutdownExW
RegNotifyChangeKeyValue
CryptGetKeyParam
AccessCheckAndAuditAlarmA
DuplicateTokenEx
ReadEventLogA
AddUsersToEncryptedFile
RegCreateKeyA
SystemFunction040
RegOpenKeyExW
ConvertStringSidToSidA
TraceMessage
ConvertSidToStringSidA
CopySid
CryptGetDefaultProviderW
SetNamedSecurityInfoA
RegReplaceKeyA
ChangeServiceConfig2W
QueryServiceConfigW
RegOpenUserClassesRoot
CreateWellKnownSid
AddAccessAllowedAce
AddAce
SetFileSecurityA
RegDeleteValueA
GetSidSubAuthorityCount

odbc32

SearchStatusCode
ValidateErrorQueue
CursorLibLockStmt
LockHandle
VRetrieveDriverErrorsRowCol
CursorLibLockDesc
CursorLibLockDbc
CursorLibTransact
PostODBCComponentError
PostODBCError
SQLBrowseConnectA
VFreeErrors

oleaut32

VariantCopy
SysFreeString
SysAllocStringLen
VariantCopyInd
GetActiveObject
SafeArrayGetUBound
VariantClear
SysAllocStringByteLen
SafeArrayPtrOfIndex
VariantChangeType
VariantInit
GetErrorInfo
SafeArrayGetLBound
SysStringLen
SafeArrayCreate
SysReAllocStringLen
VariantChangeTypeEx

kernel32

FileTimeToLocalFileTime
GetPrivateProfileStringW
GlobalSize
GetStdHandle
FreeEnvironmentStringsW
GlobalFree
FormatMessageW
ReadFile
GetExitCodeProcess
GlobalReAlloc
GetProfileStringW
GetProfileIntA
DisconnectNamedPipe
SetFileTime
DeviceIoControl
RemoveDirectoryW
GetThreadSelectorEntry
GetConsoleCP
GetModuleFileNameW
SwitchToFiber
LocalLock
InterlockedIncrement
VirtualAlloc
FlushInstructionCache
HeapSetInformation
PurgeComm
ReadConsoleOutputA
GetConsoleTitleW
InitializeCriticalSection

Sections

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 18KB - Virtual size: 382KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 555KB - Virtual size: 920KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

818f6e25cd5434e4d5af9b420abdf5a1

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

user32

advapi32

odbc32

oleaut32

kernel32

Sections

.data Size: 9KB - Virtual size: 8KB

.text Size: 18KB - Virtual size: 382KB

.rdata Size: 555KB - Virtual size: 920KB

.rsrc Size: 109KB - Virtual size: 108KB

.reloc Size: 1024B - Virtual size: 202B

.data
Size: 9KB - Virtual size: 8KB

.text
Size: 18KB - Virtual size: 382KB

.rdata
Size: 555KB - Virtual size: 920KB

.rsrc
Size: 109KB - Virtual size: 108KB

.reloc
Size: 1024B - Virtual size: 202B