9eb37c490b570ea329f05ad742fbc25d54abd43a547c50c53c4d15a023f458ed

Sharing

Copy URL Twitter E-mail

General

Target

9eb37c490b570ea329f05ad742fbc25d54abd43a547c50c53c4d15a023f458ed
Size

45KB
MD5

5a7aacac22147f45a4b29ec432e658c3
SHA1

3f1be7278380ddf8af050f257efb86c93387c957
SHA256

9eb37c490b570ea329f05ad742fbc25d54abd43a547c50c53c4d15a023f458ed
SHA512

6036a43211e288b5802b30527c50f8130ccefd5389836cecfce95c537764fdb64860542b4b5b719b5ad05f5cdad064303cd488dc0fa144e00ffc66e70474bd74
SSDEEP

768:e2j+HIy5QjkeyrOp5qvc7Mh0EN44zpTS7mGvuglJh/U+4ckAqEBT:eS+LQQeyqKbh54YS7tuCh/U+4c7dT

Score

N/A

Malware Config

Signatures

Files

9eb37c490b570ea329f05ad742fbc25d54abd43a547c50c53c4d15a023f458ed
.exe windows x86

c31025f3e7b38bafd01ecf1a461ab12c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

clusapi

ClusterRegGetKeySecurity
CreateClusterResource
ClusterResourceTypeGetEnumCount
GetClusterResourceNetworkName
ClusterNodeCloseEnum
ClusterRegEnumValue
ClusterOpenEnum
ClusterRegCreateKey
ClusterControl
GetClusterFromGroup
CloseCluster
ClusterEnum
CloseClusterNode
SetClusterQuorumResource
GetClusterKey
ClusterRegDeleteValue
EvictClusterNode
GetClusterNodeState
ClusterResourceControl
ClusterRegQueryValue
SetClusterGroupName
ClusterRegCloseKey
ClusterGetEnumCount
OnlineClusterResource

wintrust

CryptSIPGetSignedDataMsg
CryptCATAdminReleaseCatalogContext
FindCertsByIssuer
CryptSIPPutSignedDataMsg
CryptCATAdminCalcHashFromFileHandle
WTHelperOpenKnownStores
CryptCATCDFEnumMembersByCDFTag
WinVerifyTrustEx
WVTAsn1SpcSpAgencyInfoEncode
SoftpubLoadDefUsageCallData
DriverFinalPolicy
WintrustSetRegPolicyFlags
CryptCATPutCatAttrInfo
WintrustLoadFunctionPointers
WTHelperIsInRootStore
SoftpubDefCertInit

winmm

midiOutGetVolume
waveInGetErrorTextW
mciSendCommandA
joyGetDevCapsW
midiOutGetNumDevs
midiInPrepareHeader
mciLoadCommandResource
mciGetDeviceIDFromElementIDW
waveOutGetPitch
waveOutSetVolume
waveOutGetErrorTextW
auxSetVolume
mciExecute
timeKillEvent
waveOutSetPlaybackRate
mmDrvInstall
mmGetCurrentTask
mixerGetNumDevs
midiInStart
midiOutLongMsg
mciGetCreatorTask
waveInClose
mciDriverNotify
mmioSetBuffer

kernel32

GetProcessPriorityBoost
GlobalUnlock
Thread32Next
CancelWaitableTimer
VirtualAlloc
PeekConsoleInputW
LoadLibraryA
GetSystemDefaultLangID
GetStartupInfoA
WriteConsoleOutputCharacterW
GetTimeZoneInformation
GetNamedPipeHandleStateA
GetPrivateProfileSectionA
SetConsoleOutputCP
GetProfileSectionW
InterlockedPopEntrySList
LoadResource
CreateConsoleScreenBuffer
LocalShrink
GetCurrentThread
ReadFile
CreateToolhelp32Snapshot
IsDebuggerPresent
GetFullPathNameW
ExpungeConsoleCommandHistoryA
GetConsoleCursorInfo
QueryPerformanceCounter
HeapCreate

odbctrac

TraceSQLGetTypeInfo
TraceSQLExecDirectW
FireVSDebugEvent
TraceSQLGetDescRec
TraceSQLParamOptions
TraceSQLGetEnvAttr
TraceSQLProcedures
TraceSQLPrepareW
TraceSQLAllocHandle
TraceCloseLogFile
TraceSQLGetFunctions
TraceSQLGetDescFieldW
TraceSQLForeignKeys
TraceSQLColAttribute
TraceSQLGetCursorName
TraceSQLCancel

shlwapi

SHQueryValueExA
StrCpyNW
PathRelativePathToW
IntlStrEqWorkerA
AssocQueryStringByKeyA
StrCSpnW
StrSpnA
StrIsIntlEqualW
AssocQueryKeyW
StrChrIA
PathCreateFromUrlW
SHDeleteValueW
PathSkipRootW
wnsprintfA
PathIsRelativeA
PathIsDirectoryA
SHRegDeleteUSValueW
PathRemoveFileSpecW
PathUndecorateA
PathFindNextComponentA
UrlGetLocationA
StrRetToStrA

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c31025f3e7b38bafd01ecf1a461ab12c

Headers

DLL Characteristics

File Characteristics

Imports

clusapi

wintrust

winmm

kernel32

odbctrac

shlwapi

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB