94d9a725476d31b1597cce7788811846069833b759fb738dd74768108aaef0cf

Sharing

Copy URL Twitter E-mail

General

Target

94d9a725476d31b1597cce7788811846069833b759fb738dd74768108aaef0cf
Size

54KB
MD5

0a9c3424f0495b659fe112dfe3d201ff
SHA1

15f573871dd8c426cecd14ef5289e72a96acbf9c
SHA256

94d9a725476d31b1597cce7788811846069833b759fb738dd74768108aaef0cf
SHA512

88b72526fa65d5a469fcb5fef12ee485d7b8e15f3bed25c3eead7654126130b57637aefeba874c7f26bc80ae1828386fe7166051b7a944f5814b9cd22e574c7d
SSDEEP

768:P/bkHiQoKC4bm/hQsekvtni+NjFR+Ed2vhXv8bf7jm7WbIOObtrP05GLQF73e/P1:Pfcmukvtni+N5R3W/wfgbt4GM9OEwv

Score

N/A

Malware Config

Signatures

Files

94d9a725476d31b1597cce7788811846069833b759fb738dd74768108aaef0cf
.exe windows x86

de5c104b6c3111f69dc83d7268f982d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumSystemLanguageGroupsA
SetHandleInformation
SetConsoleWindowInfo
GetUserDefaultUILanguage
ExitProcess
DeleteTimerQueueEx
QueryPerformanceCounter
SetThreadPriority
GetModuleFileNameA
RemoveLocalAlternateComputerNameA
LZInit
IsBadStringPtrW
SetProcessShutdownParameters
LoadLibraryA
WriteFileGather
InterlockedExchange
IsDebuggerPresent
DebugActiveProcessStop
WaitNamedPipeA
WriteProfileSectionW
SetStdHandle
WritePrivateProfileSectionA
lstrlen
GetDateFormatW
WriteFileEx
OpenEventW
GetSystemTimeAsFileTime
SetFirmwareEnvironmentVariableW
VirtualAlloc
CloseHandle
GetModuleHandleA
GetThreadTimes

winmm

midiStreamPosition
midiOutUnprepareHeader
aux32Message
auxSetVolume
auxGetDevCapsA
midiInGetID
midiOutGetErrorTextW
OpenDriver
waveInMessage
joyGetDevCapsW
midiInUnprepareHeader
CloseDriver
mmioOpenW
midiOutCacheDrumPatches
mciSetYieldProc
mmTaskSignal
mciSendCommandA
timeGetDevCaps
joySetCapture
mixerMessage
mixerGetNumDevs
mixerGetLineInfoW
midiStreamRestart
waveOutMessage
sndPlaySoundA
midiInAddBuffer

msorcl32

SQLParamData
SQLCancel
SQLPrepare
SQLAllocConnect
SQLDescribeCol
SQLMoreResults
SQLNumParams
SQLProcedures
SQLTransact
SQLConnect
LoadByOrdinal
SQLForeignKeys
SQLSetConnectOption
SQLPrimaryKeys
SQLFetch
SQLNativeSql
SQLBindParameter
SQLColAttributes
SQLTables
SQLBrowseConnect
SQLGetInfo
SQLSetPos
SQLAllocEnv
SQLGetTypeInfo
SQLDisconnect
SQLGetConnectOption
SQLSetCursorName
SQLPutData
SQLColumns
SQLBindCol
SQLDriverConnect

advapi32

WmiFreeBuffer
CryptEnumProvidersA
SystemFunction030
InstallApplication
UnregisterTraceGuids
AddAce
GetSecurityDescriptorDacl
IsWellKnownSid
ElfOldestRecord
SystemFunction031
GetAuditedPermissionsFromAclW
EnumServiceGroupW
QueryServiceLockStatusW
StartServiceCtrlDispatcherA
AccessCheckAndAuditAlarmA
GetServiceDisplayNameW
SetSecurityDescriptorDacl
TrusteeAccessToObjectW
RegConnectRegistryA
QueryServiceConfig2W
GetNumberOfEventLogRecords
SaferComputeTokenFromLevel
LogonUserExA
GetManagedApplications
CommandLineFromMsiDescriptor
I_ScSetServiceBitsA
GetAccessPermissionsForObjectA
LookupPrivilegeNameA
GetSecurityDescriptorControl
CreateProcessWithLogonW
CreateProcessAsUserW
ObjectDeleteAuditAlarmA
ElfReadEventLogW
PrivilegedServiceAuditAlarmA
SystemFunction033

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de5c104b6c3111f69dc83d7268f982d7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

winmm

msorcl32

advapi32

Sections

.text Size: 35KB - Virtual size: 35KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 35KB - Virtual size: 35KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 10KB - Virtual size: 10KB