85b80d3d4d715a8bf6b4bf16915e8b43340d80966817446d1095531917d2d24b

Sharing

Copy URL Twitter E-mail

General

Target

85b80d3d4d715a8bf6b4bf16915e8b43340d80966817446d1095531917d2d24b
Size

823KB
MD5

73ec7afb92e0ab334c395c1df548ce7a
SHA1

620e25f1364f30880a49f321ca8fa948e7470747
SHA256

85b80d3d4d715a8bf6b4bf16915e8b43340d80966817446d1095531917d2d24b
SHA512

13879358eb9f8bfb68d51c2ac719d5420872a39475ede501e52652bd587332d20ac79442fa8f41d1ad719a2c3b12ed87f5d5c85e1f69215276a9181a6157662b
SSDEEP

24576:VyRrm68B/RQcFxfsx/+37pV18iD8LhAJ6Zm0:V8p81ixSVUu0

Score

N/A

Malware Config

Signatures

Files

85b80d3d4d715a8bf6b4bf16915e8b43340d80966817446d1095531917d2d24b
.exe windows x86

c0c62c3b8aba29ca776c4c5ccd90fc31

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

pdh

PdhVerifySQLDBA
PdhExpandWildCardPathW
PdhValidatePathA
PdhEnumMachinesHA
PdhGetCounterInfoW
PdhParseCounterPathA
PdhSetDefaultRealTimeDataSource
PdhVerifySQLDBW
PdhTranslate009CounterA
PdhGetDefaultPerfCounterW
PdhAddCounterW
PdhCloseQuery
PdhGetCounterInfoA
PdhSetLogSetRunID
PdhIsRealTimeQuery
PdhCollectQueryDataEx
PdhUpdateLogW
PdhGetRawCounterArrayA
PdhLookupPerfNameByIndexA
PdhLookupPerfNameByIndexW
PdhEnumObjectsA
PdhTranslateLocaleCounterA
PdhCreateSQLTablesA
PdhEnumObjectItemsHA
PdhTranslateLocaleCounterW
PdhExpandCounterPathA
PdhOpenQueryH
PdhEnumObjectItemsA
PdhGetDefaultPerfObjectHA
PdhGetDefaultPerfObjectW

msvcrt

getenv
iswgraph
acos
__p__commode
_wfdopen
_locking
strtod
_strdate
_except_handler2
__set_app_type
exit
_adj_fprem1
__p___initenv
__getmainargs
_aligned_offset_malloc
isupper
_CIatan
__p__timezone
_ismbcgraph

odbcjt32

LoadByOrdinal
SQLSetCursorNameW
SQLAllocHandle
SQLAllocConnect
SQLStatisticsW
SQLGetCursorNameW
SQLNumResultCols
SQLPrepareW
DefTxtFmtDlgProc
SQLProcedureColumnsW
SQLFetchScroll
SQLGetDiagFieldW
SQLBindCol
SQLDescribeColW
SQLFreeEnv
SQLPutData
SQLDisconnect
SQLAllocEnv
SQLCopyDesc
SQLGetInfoW
SQLSetScrollOptions
SQLSetStmtAttrW
OpenDirHook
SQLProceduresW

odbctrac

TraceSQLTransact
TraceSQLSpecialColumns
TraceSQLBindCol
TraceSQLExecDirectW
TraceSQLAllocHandleStdW
TraceSQLAllocHandleStd
TraceSQLProcedures
TraceSQLDataSourcesW
TraceSQLCloseCursor
TraceSQLFetch
TraceSQLGetFunctions
TraceSQLSetConnectOption
TraceSQLDriverConnect
TraceSQLDescribeCol
TraceSQLConnect
TraceSQLAllocEnv
TraceSQLPrepare

kernel32

DeleteFileA
GetCurrentThread
MapViewOfFileEx
SetComputerNameW
SetFileValidData
FindActCtxSectionStringW
GetDiskFreeSpaceA
SetThreadIdealProcessor
lstrcmpiA
SetErrorMode
GetLocaleInfoA
BackupRead
GetEnvironmentStringsA
ActivateActCtx
LoadLibraryW

wininet

FtpPutFileEx
InternetGetCookieExA
InternetGoOnline
InternetTimeFromSystemTimeW
FtpRenameFileA
InternetOpenUrlW
GetUrlCacheEntryInfoExA
InternetGetCookieW
DeleteUrlCacheEntry
InternetLockRequestFile
FtpCreateDirectoryW
CommitUrlCacheEntryA
SetUrlCacheEntryGroupA
DeleteUrlCacheGroup
FtpGetFileW
GetUrlCacheEntryInfoW
ShowClientAuthCerts
InternetErrorDlg
DeleteIE3Cache
InternetSetPerSiteCookieDecisionA
InternetAlgIdToStringW
FtpPutFileW
GopherGetAttributeW
InternetSetStatusCallback
InternetCreateUrlA

user32

DefWindowProcA
RegisterClassA
PostQuitMessage

Sections

.text
Size: 363KB - Virtual size: 363KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0c62c3b8aba29ca776c4c5ccd90fc31

Headers

DLL Characteristics

File Characteristics

Imports

pdh

msvcrt

odbcjt32

odbctrac

kernel32

wininet

user32

Sections

.text Size: 363KB - Virtual size: 363KB

.rdata Size: 106KB - Virtual size: 106KB

.data Size: 173KB - Virtual size: 1.6MB

.rsrc Size: 178KB - Virtual size: 177KB

.reloc Size: 1024B - Virtual size: 836B

.text
Size: 363KB - Virtual size: 363KB

.rdata
Size: 106KB - Virtual size: 106KB

.data
Size: 173KB - Virtual size: 1.6MB

.rsrc
Size: 178KB - Virtual size: 177KB

.reloc
Size: 1024B - Virtual size: 836B