b16e5e7f72c89754b4792095f10693a47d77b4d0ca971f2ae4758839bc5b65f6

Sharing

Copy URL Twitter E-mail

General

Target

b16e5e7f72c89754b4792095f10693a47d77b4d0ca971f2ae4758839bc5b65f6
Size

850KB
MD5

90e74aec54450f7fd76ed261b1349939
SHA1

58106ea2060715761e5514f3e41ecfb415e8c8b8
SHA256

b16e5e7f72c89754b4792095f10693a47d77b4d0ca971f2ae4758839bc5b65f6
SHA512

afb0cc2dbb96bd6438b154db162f3649a0a2516af485933da13b47492168e636a28b70d4d807f174514fa69fd08e68aa2bc498d05a7a1a90d08766af7c8bb209
SSDEEP

24576:0wKjgshvMzPk6enqjFiOAz3CkrkBtvOtfjnnI:0Bjk7FiJNRjn

Score

N/A

Malware Config

Signatures

Files

b16e5e7f72c89754b4792095f10693a47d77b4d0ca971f2ae4758839bc5b65f6
.exe windows x86

9559aad749df682eddee0fd6fe583d75

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

sqlsrv32

SQLFetchScroll
SQLPrimaryKeysW
LibMain
SQLSetEnvAttr
SQLGetData
SQLGetEnvAttr
SQLProceduresW
SQLTablePrivilegesW
SQLParamOptions
BCP_batch
SQLParamData
SQLSetConnectAttrW
SQLSetCursorNameW
SQLColumnPrivilegesW
SQLNumResultCols
BCP_writefmt
SQLExtendedFetch
SQLDisconnect
SQLGetDescFieldW
SQLTablesW
WizDatabaseDlgProc
SQLMoreResults

odbc32

SQLFreeStmt
SQLSetStmtAttrA
SQLGetInfoA
OpenODBCPerfData
SQLAllocHandleStd
SQLGetInfoW
SQLGetConnectOptionA
SQLExecDirectA
SQLFetchScroll
SQLBulkOperations
SQLPrimaryKeys
SQLGetConnectAttrA
CursorLibLockDbc
GetODBCSharedData
SQLProceduresW
SQLGetInfo
SQLError
SQLColumnsA
SQLCopyDesc
ODBCQualifyFileDSNW

activeds

ADsBuildVarArrayStr
ConvertSecurityDescriptorToSecDes
AllocADsMem
ADsEncodeBinaryData
ADsBuildVarArrayInt
ADsDecodeBinaryData
AllocADsStr
AdsFreeAdsValues
FreeADsMem
ADsGetLastError
ADsSetLastError
FreeADsStr
ReallocADsMem
ADsOpenObject
AdsTypeToPropVariant2
BinarySDToSecurityDescriptor
ADsFreeEnumerator
SecurityDescriptorToBinarySD
ADsEnumerateNext
AdsTypeToPropVariant
PropVariantToAdsType2
ReallocADsStr

kernel32

LockFile
SystemTimeToTzSpecificLocalTime
GetLongPathNameA
EnumCalendarInfoW
FindCloseChangeNotification
LoadLibraryA
GetShortPathNameA
GlobalCompact
FlushInstructionCache
VirtualAlloc
GetFileAttributesExW
GetNumaAvailableMemoryNode
MoveFileWithProgressA
RtlCaptureContext
lstrcmpiW
GetThreadTimes
GetConsoleCursorMode
Thread32First
IsBadStringPtrA
BuildCommDCBAndTimeoutsA
GetFileAttributesExA
InitializeCriticalSection
ScrollConsoleScreenBufferW
IsValidCodePage
GetCommState

msi

MsiSummaryInfoGetPropertyW
MsiGetComponentPathA
MsiUseFeatureA
MsiIsProductElevatedW
MsiGetProductCodeA
MsiDatabaseExportW
MsiGetProductCodeFromPackageCodeW
MsiProvideAssemblyA
MsiGetFileSignatureInformationA
MsiNotifySidChangeW
MsiGetFeatureUsageA
MsiEnumComponentCostsA
MsiGetProductPropertyW
MsiDatabaseMergeA
MsiGetSourcePathA
MsiGetFeatureCostW
MsiDeleteUserDataA
MsiViewGetErrorW
MsiGetFeatureCostA
MsiVerifyPackageA
MsiEnumRelatedProductsA
MsiRecordReadStream
MsiSourceListAddSourceW

Sections

.text
Size: 759KB - Virtual size: 758KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9559aad749df682eddee0fd6fe583d75

Headers

DLL Characteristics

File Characteristics

Imports

sqlsrv32

odbc32

activeds

kernel32

msi

Sections

.text Size: 759KB - Virtual size: 758KB

.rdata Size: 83KB - Virtual size: 82KB

.data Size: 4KB - Virtual size: 1.4MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 759KB - Virtual size: 758KB

.rdata
Size: 83KB - Virtual size: 82KB

.data
Size: 4KB - Virtual size: 1.4MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB