9572fe12f501c650a6cb585298d7b56ea14f3c42ddfc286f79afcfe51f700679

Sharing

Copy URL Twitter E-mail

General

Target

9572fe12f501c650a6cb585298d7b56ea14f3c42ddfc286f79afcfe51f700679
Size

845KB
MD5

6d461b00bf9308440a9e1b70283e0a67
SHA1

fd95a901eb6ca9127bb3f221c6e4c59e684b6748
SHA256

9572fe12f501c650a6cb585298d7b56ea14f3c42ddfc286f79afcfe51f700679
SHA512

9d19df00ea5218e387e370ec697fc8a2642124d7b7b733815bdc6e49982d5ab47c806b0db49265b6cb12a79b2fea35743dac0674ac3bacc189c9d0c6cbf17c9a
SSDEEP

24576:iyHkWiX1M7PESJCly5+T5FurFjCrd8lB7d:MjG7PDsnT5FudCuB

Score

N/A

Malware Config

Signatures

Files

9572fe12f501c650a6cb585298d7b56ea14f3c42ddfc286f79afcfe51f700679
.exe windows x86

651499c1910321703a51ed466289d258

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadModule
VirtualAlloc
GetVolumePathNameA
GetTapePosition
lstrcatA
EnumCalendarInfoA
_lclose
GetModuleHandleA
GetComPlusPackageInstallStatus
GetDefaultCommConfigW
CreateProcessInternalA
LZCreateFileW
SetThreadUILanguage
CreateConsoleScreenBuffer
CreateToolhelp32Snapshot
GetConsoleCP
OpenFile
EnumTimeFormatsA
QueryPerformanceCounter
SetConsoleInputExeNameW
FoldStringW
DeleteTimerQueueEx
SystemTimeToTzSpecificLocalTime
Toolhelp32ReadProcessMemory
GetCurrentThreadId
LoadLibraryA
GetSystemDirectoryA
RtlFillMemory
HeapCompact
SetClientTimeZoneInformation
VDMConsoleOperation
WideCharToMultiByte
SetFileTime
InterlockedIncrement
SizeofResource
GetHandleInformation
SetFilePointer
GetConsoleKeyboardLayoutNameW
FindNextVolumeW
HeapSize
ConvertDefaultLocale
EnumSystemCodePagesA
GetPrivateProfileSectionW
MapUserPhysicalPagesScatter
GetBinaryType
OutputDebugStringA
GetConsoleWindow
GlobalMemoryStatus

odbccr32

SQLExecute
SQLGetInfo
SQLGetDescRec
SQLFetch
SQLExecDirect
SQLNativeSql
SQLFreeStmt
SQLSetDescRec
SQLBulkOperations
SQLFetchScroll
SQLPutData
SQLCancel
SQLBindParameter
SQLGetDescField
SQLRowCount
SQLSetStmtAttr
SQLPrepare
SQLSetStmtOption
ReleaseCLStmtResources
SQLFreeHandle
SQLSetPos
SQLExtendedFetch

advpack

AdvInstallFile
RegSaveRestore
OpenINFEngine
NeedRebootInit
NeedReboot
ExecuteCab
FileSaveRestoreOnINF
RegInstall
RegRestoreAll
LaunchINFSectionEx
TranslateInfStringEx
GetVersionFromFileEx
ExtractFiles
RebootCheckOnInstall
IsNTAdmin
FileSaveRestore
SetPerUserSecValues
CloseINFEngine
DelNodeRunDLL32
LaunchINFSection
RegSaveRestoreOnINF
FileSaveMarkNotExist
UserUnInstStubWrapper

Sections

.text
Size: 500KB - Virtual size: 499KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 339KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

651499c1910321703a51ed466289d258

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

odbccr32

advpack

Sections

.text Size: 500KB - Virtual size: 499KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 339KB - Virtual size: 1.8MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 396B

.text
Size: 500KB - Virtual size: 499KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 339KB - Virtual size: 1.8MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 396B