84a9622be59bce046c05b68efc6d6ec1ab7046bae13a24d34ede875f37abb8f1

Sharing

Copy URL Twitter E-mail

General

Target

84a9622be59bce046c05b68efc6d6ec1ab7046bae13a24d34ede875f37abb8f1
Size

866KB
MD5

58425faefdd1c640153aa53343cdc244
SHA1

326c3e3fdfaf3ca9cf8d5058dd36a2fb93eba5de
SHA256

84a9622be59bce046c05b68efc6d6ec1ab7046bae13a24d34ede875f37abb8f1
SHA512

d5bea57c2996f3faa917c6e32860d13a00b08f9b22221adb47ae297f340365b6ce203716ee7f7df6d9065f549187f46c9698fdacd3cb64e68157fc2dfd428813
SSDEEP

24576:vnnBeXN6sZ+L8yksgjbAeCgMbz6/moNugnKiy8m/:fBG6sggjbzCJKmoRnKX8g

Score

N/A

Malware Config

Signatures

Files

84a9622be59bce046c05b68efc6d6ec1ab7046bae13a24d34ede875f37abb8f1
.exe windows x86

60e042d8c321061122be151a93446dfa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BeginUpdateResourceW
ReleaseActCtx
CreateTimerQueue
LoadModule
lstrcat
SetComputerNameExW
ReadConsoleInputA
SetProcessAffinityMask
GlobalAlloc
SetThreadPriorityBoost
DebugActiveProcessStop
BindIoCompletionCallback
SetTimeZoneInformation
QueryInformationJobObject
AddAtomW
GetConsoleCharType
ReadConsoleOutputW
LocalHandle
FreeLibraryAndExitThread
SetFileShortNameW
WriteProfileStringW
IsBadStringPtrW
LoadLibraryA
WideCharToMultiByte
lstrlenA
GlobalFix
GetLogicalDriveStringsA
CreateMemoryResourceNotification
GetShortPathNameW
VirtualAlloc
DosDateTimeToFileTime
GetAtomNameA
FindFirstFileExA
WritePrivateProfileStringA
DnsHostnameToComputerNameW
RegisterWaitForSingleObjectEx
InterlockedPushEntrySList
ConsoleMenuControl
SetEvent
GetEnvironmentStringsA
SwitchToThread
GetVolumePathNamesForVolumeNameW
IsProcessorFeaturePresent
RegisterConsoleIME
DeleteTimerQueueEx
GetPrivateProfileSectionNamesA
ReplaceFileA
ShowConsoleCursor
ProcessIdToSessionId
DebugBreak
LZCloseFile
ExitVDM
FreeLibrary
GetCurrentThread
GetGeoInfoA
GetTapeParameters
FindClose
OpenFileMappingW
MultiByteToWideChar
UTUnRegister
InterlockedDecrement
GetCurrentThreadId
BaseFlushAppcompatCache
VDMOperationStarted
GetLongPathNameW
ConvertFiberToThread
WaitForSingleObject
lstrcpynA
GetTempFileNameA
LockResource
GetUserDefaultUILanguage
UnlockFileEx
LZClose
GetEnvironmentVariableA
FileTimeToLocalFileTime
DeleteFileW
GetProcessAffinityMask
GetConsoleAliasesLengthA
CreateDirectoryW
EndUpdateResourceW
SetLastError
GetEnvironmentVariableW
_lcreat
GetSystemPowerStatus
GetConsoleAliasA
OpenEventW
SearchPathA
ReadFileScatter
ContinueDebugEvent
EnumSystemCodePagesA
GetPriorityClass
SetVolumeLabelW
GetExitCodeProcess
OutputDebugStringA
WritePrivateProfileStringW
SetCommMask
FindResourceW
WaitNamedPipeA
CreateJobObjectA
ExpungeConsoleCommandHistoryA
BaseCleanupAppcompatCacheSupport
GetPrivateProfileIntW
ReadConsoleA
GetProfileStringW
WTSGetActiveConsoleSessionId
EnumTimeFormatsA
TransactNamedPipe
GetCPInfo
UnlockFile
RequestDeviceWakeup
OpenMutexA

msvcirt

?width@ios@@QBEHXZ
??_8iostream@@7Bostream@@@
?open@fstream@@QAEXPBDHH@Z
?is_open@fstream@@QBEHXZ
?put@ostream@@QAEAAV1@D@Z
?iword@ios@@QBEAAJH@Z
??0istrstream@@QAE@PAD@Z
?sputbackc@streambuf@@QAEHD@Z
??0istream@@QAE@PAVstreambuf@@@Z
?fill@ios@@QBEDXZ
?close@filebuf@@QAEPAV1@XZ
?setbuf@fstream@@QAEPAVstreambuf@@PADH@Z
??_Eostream@@UAEPAXI@Z
?setmode@ifstream@@QAEHH@Z
?flush@@YAAAVostream@@AAV1@@Z
??0filebuf@@QAE@XZ
??1ostream@@UAE@XZ
?stdiofile@stdiobuf@@QAEPAU_iobuf@@XZ
?underflow@strstreambuf@@UAEHXZ
??0logic_error@@QAE@ABQBD@Z
?get@istream@@QAEAAV1@AAD@Z
??_Gistream@@UAEPAXI@Z
??4ostrstream@@QAEAAV0@ABV0@@Z
?delbuf@ios@@QAEXH@Z
??_Gostrstream@@UAEPAXI@Z
??0ifstream@@QAE@ABV0@@Z
?oct@@YAAAVios@@AAV1@@Z
?lockptr@streambuf@@IAEPAU_CRT_CRITICAL_SECTION@@XZ
??1exception@@UAE@XZ
??1ofstream@@UAE@XZ
?adjustfield@ios@@2JB
?in_avail@streambuf@@QBEHXZ

sqlunirl

_MapVirtualKey_@8
_DefineDosDevice_@12
newMultiByteFromWideChar
_CreateStatusWindow_@16
_CallMsgFilter_@8
_GetSaveFileName@4
_ShellExecute_@24
_NDdeShareGetInfo_@28
_CreateFont@56
_FindFirstFileEx_@24
_CommDlg_OpenSave_GetFilePath@12
_RegLoadKey_@12
_FindWindow_@8
_EnumFontFamiliesEx_@20
_IsCharAlphaNumeric_@4
_GetDefaultCommConfig_@12
_DispatchMessage_@4
_GetClassLong_@8
_OpenWaitableTimer_@12
_LoadBitmap@8
_CreateFile@28
_RegCreateKey_@12
_EnumFonts_@16
_GetKeyNameText_@12
_GetFileVersionInfoSize_@8
_CreateColorSpace_@4
_GetPrivateProfileSectionNames_@12
_GetTempPath_@8
_SendMessageCallback_@24
_RegisterServiceCtrlHandler_@8
_IsCharAlpha_@4
_TextOut@20
_OpenWindowStation_@12
_OpenBackupEventLog_@8
_FindNextFile_@8
_FindResource@12
_RemoveProp@8
_ExtractAssociatedIcon_@12
_NDdeIsValidShareName_@4

msi

MsiOpenPackageExA
MsiQueryFeatureStateFromDescriptorW
MsiGetUserInfoW
MsiSourceListClearAllA
MsiGetProductCodeA
MsiPreviewBillboardA
MsiApplyPatchW
MsiGetProductInfoFromScriptW
MsiRecordClearData
MsiDoActionW
MsiDatabaseGetPrimaryKeysA
MsiGetFeatureCostA
MsiProvideComponentW
MsiGetSummaryInformationA
MsiProvideAssemblyA
MsiViewFetch
MsiConfigureProductExA
MsiEnableUIPreview
MsiCloseAllHandles
MsiVerifyPackageA
MsiGetFileSignatureInformationA
MsiLocateComponentW
MsiCreateAndVerifyInstallerDirectory
MsiInstallMissingComponentA
MsiGetTargetPathW
MsiIsProductElevatedW
MsiGetShortcutTargetA
MsiSourceListClearAllW
MsiGetFeatureInfoA
MsiCollectUserInfoW
MsiAdvertiseScriptW
MsiOpenDatabaseA
MsiEnumComponentsA
MsiSetInstallLevel
MsiEnumRelatedProductsW
MsiQueryFeatureStateW
MsiGetFileHashA
MsiGetComponentPathA
MsiAdvertiseProductExW
MsiCreateTransformSummaryInfoW
MsiGetPatchInfoA
MsiEnumClientsA
MsiEnumPatchesW
MsiDeleteUserDataW
MsiInvalidateFeatureCache

Sections

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 567KB - Virtual size: 568KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

60e042d8c321061122be151a93446dfa

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcirt

sqlunirl

msi

Sections

.text Size: 196KB - Virtual size: 196KB

.rdata Size: 567KB - Virtual size: 568KB

.data Size: 99KB - Virtual size: 1.5MB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 196KB - Virtual size: 196KB

.rdata
Size: 567KB - Virtual size: 568KB

.data
Size: 99KB - Virtual size: 1.5MB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB