8c20809ff3b16fc8b5baa07e346c897c24b6d7ba2e44d4d49486adc57f0eea64

Sharing

Copy URL Twitter E-mail

General

Target

8c20809ff3b16fc8b5baa07e346c897c24b6d7ba2e44d4d49486adc57f0eea64
Size

84KB
MD5

4b0bcddabe6d4511918fe8962889c8b6
SHA1

cda067cb6d736a60aeefb0e8fac3f46b29ce44d8
SHA256

8c20809ff3b16fc8b5baa07e346c897c24b6d7ba2e44d4d49486adc57f0eea64
SHA512

48d5f573c45d6fa2bea5ab9ab27affe9460c77e4ca0cec6222f55e4e33551075a4da8f1eeec1c38050fc7c6174a593f228f03404228b5466ed054102b29e5f55
SSDEEP

1536:w8QHy0iePk08rJLXwYoKhiGFSshQO7URA1mnfeC/7LQfjh1DCcrxScgIcZ:UHQfpwYt1hJ7oA1mfJqYcrxSDIcZ

Score

N/A

Malware Config

Signatures

Files

8c20809ff3b16fc8b5baa07e346c897c24b6d7ba2e44d4d49486adc57f0eea64
.exe windows x86

5631ce8c094b506690c50778783eaa59

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glVertex3iv
glFrustum
glColor3dv
glEdgeFlag
glGetDoublev
glColorMaterial
glColor4b
glRasterPos2fv
glVertex2iv
glCopyTexImage1D
glTexEnvfv
glEdgeFlagv
glEvalCoord1f
glTexGeni
glRecti
glNormal3b
glIndexPointer
glRectf
wglSwapMultipleBuffers
glGetTexParameteriv
glTexCoord2dv
glPixelMapfv
glClearIndex
glTexCoord1sv
glGetError
glRasterPos4d
glTexCoord3sv
wglMakeCurrent
glGetTexGenfv

odbctrac

TraceSQLColAttributes
TraceSQLTablesW
TraceSQLRowCount
TraceSQLExtendedFetch
TraceSQLFetch
TraceSQLTransact
TraceSQLPutData
TraceSQLPrimaryKeys
TraceSQLBindParameter
TraceSQLPrepareW
TraceSQLExecute
TraceSQLGetConnectOptionW
TraceSQLStatistics
TraceSQLForeignKeysW
TraceSQLSpecialColumnsW
TraceSQLParamData
TraceSQLProcedureColumnsW
TraceSQLColAttribute
TraceVersion
TraceSQLDataSourcesW
TraceSQLGetInfoW
TraceSQLDriverConnect
TraceSQLAllocEnv
TraceSQLFreeConnect
TraceSQLMoreResults
TraceSQLColAttributeW
TraceSQLDescribeParam
TraceSQLAllocHandle
FireVSDebugEvent
TraceSQLNumParams
TraceSQLDrivers
TraceSQLDescribeCol
TraceSQLBulkOperations
TraceSQLParamOptions

shlwapi

StrRetToBSTR
PathRenameExtensionW
StrToIntExA
PathFindOnPathW
UrlEscapeA
PathStripToRootW
PathGetArgsA
PathGetCharTypeA
PathCommonPrefixW
StrCatChainW
StrRChrIW
PathIsLFNFileSpecW
PathCompactPathA
SHIsLowMemoryMachine
SHSetThreadRef
PathParseIconLocationW
PathCreateFromUrlW
PathUnExpandEnvStringsA
PathIsSameRootA
PathSearchAndQualifyW
PathUndecorateA
PathFindNextComponentW
AssocQueryStringByKeyA
UrlIsOpaqueW
StrCmpLogicalW

advapi32

EncryptFileW
SetSecurityDescriptorOwner
GetNamedSecurityInfoExW
SetSecurityInfoExA
WmiQuerySingleInstanceA
SetTokenInformation
LsaOpenPolicySce
ObjectPrivilegeAuditAlarmA
LsaRemovePrivilegesFromAccount
ConvertToAutoInheritPrivateObjectSecurity
CreatePrivateObjectSecurity
LsaQueryForestTrustInformation
GetSecurityInfo
IsValidSid
RegQueryInfoKeyA
GetSecurityDescriptorControl
LsaEnumerateAccounts
LsaStorePrivateData
GetSecurityDescriptorOwner
CredFree
InitiateSystemShutdownW
DuplicateEncryptionInfoFile
SetThreadToken
AllocateLocallyUniqueId
BuildImpersonateTrusteeW
OpenEncryptedFileRawW
LsaAddPrivilegesToAccount
GetTokenInformation
StartServiceCtrlDispatcherW
WmiFileHandleToInstanceNameA
AddAuditAccessAce
SaferGetPolicyInformation
I_ScSendTSMessage

kernel32

GetPrivateProfileStructW
VirtualAlloc
GetVolumePathNameW
CommConfigDialogW
GetModuleHandleA
FindResourceA
ClearCommError
VDMOperationStarted
LocalLock
GetCompressedFileSizeA
GetNumaHighestNodeNumber
FindFirstFileExA
SetConsoleCursorInfo
GetConsoleHardwareState
InterlockedExchange
GetProcessId
GetACP
WaitNamedPipeW
FreeLibrary
LZDone
EnumTimeFormatsW
OpenWaitableTimerW
UTUnRegister
GetCommState
LoadLibraryA
RemoveDirectoryA
SetConsoleOutputCP
LocalAlloc
CreateIoCompletionPort
GetUserDefaultUILanguage
DeleteFileA

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5631ce8c094b506690c50778783eaa59

Headers

File Characteristics

Imports

opengl32

odbctrac

shlwapi

advapi32

kernel32

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 7KB - Virtual size: 17KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 7KB - Virtual size: 17KB

.rsrc
Size: 2KB - Virtual size: 2KB