83c9bf087aff6e6f7588de6e43748f23c539ba00264acd20aaa34d65bb002c05

Sharing

Copy URL Twitter E-mail

General

Target

83c9bf087aff6e6f7588de6e43748f23c539ba00264acd20aaa34d65bb002c05
Size

835KB
MD5

69ea264e26006f0dc2774d20fdcbf6a3
SHA1

1e45d3853eff8e15aa0e3a8ae396ed7086e897bf
SHA256

83c9bf087aff6e6f7588de6e43748f23c539ba00264acd20aaa34d65bb002c05
SHA512

e027ea4949fc1fab4e51f0858a20b58a1190de1a261eacca06af807e1c1a5736c0bc87e84083273d69b0b44cfea162b2c829777971352c32f7ef85faf206804f
SSDEEP

24576:wuzPN2+OPubfwYAmtY7xnehOCZ3z3rHXRN7:wuzlR8fmSkhlZfHX

Score

N/A

Malware Config

Signatures

Files

83c9bf087aff6e6f7588de6e43748f23c539ba00264acd20aaa34d65bb002c05
.exe windows x86

8bfde4486b2a8c758cdc1c76f35df8c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadStringPtrW
FindNextFileW
EnumUILanguagesW
LoadLibraryW
AddAtomA
GetProcAddress
GetConsoleCharType
CreateSemaphoreA
SetTimeZoneInformation
LZCopy
VerifyConsoleIoHandle
GetProfileSectionW
SetConsoleNumberOfCommandsW
SetConsoleInputExeNameW
CreateWaitableTimerA
VirtualQuery
SetVolumeLabelA
RtlMoveMemory
EnumLanguageGroupLocalesW
MulDiv
UpdateResourceA
GetDefaultCommConfigW
FileTimeToDosDateTime
CopyLZFile
GetConsoleTitleW
GetProcessTimes
RemoveLocalAlternateComputerNameA
GetWindowsDirectoryW
lstrcmpiA
DeleteVolumeMountPointA
FillConsoleOutputAttribute
ReadConsoleInputA
BuildCommDCBA
ReadConsoleOutputCharacterA
WaitForMultipleObjectsEx
CallNamedPipeA
HeapCreate
GetLocaleInfoW
Process32FirstW
WriteConsoleInputW
SetLastError
DeleteTimerQueue
RtlCaptureContext
TransmitCommChar

msvcrt

_setjmp
swprintf
??_Fbad_cast@@QAEXXZ
exit
_pctype
__p__commode
_wexecvp
??1exception@@UAE@XZ
_mbscat
__getmainargs
_wtoi64
__set_app_type
_getsystime
_mbsncat

odbccr32

SQLBindParameter
SQLSetConnectAttr
SQLPrepare
SQLFreeStmt
SQLSetStmtAttr
SQLParamData
SQLGetData
SQLNumParams
SQLFreeHandle
SQLEndTran
SQLBindCol
SQLCloseCursor
SQLGetDescRec
SQLSetConnectOption
SQLGetInfo
SQLParamOptions
SQLExecute
SQLMoreResults
SQLCancel
SQLExecDirect
SQLSetDescRec
SQLFetch
SQLGetStmtAttr
SQLRowCount
SQLTransact
SQLSetScrollOptions
SQLSetDescField
SQLPutData
ReleaseCLStmtResources

rtm

RtmDeleteRoute
MgmGetProtocolOnInterface
RtmInvokeMethod
RtmIsRoute
RtmLockDestination
EnumOverTable
RtmGetEntityInfo
RtmGetEnumRoutes
MgmGetNextMfeStats
MgmAddGroupMembershipEntry
RtmMarkDestForChangeNotification
RtmDeleteNextHop
RtmGetListEnumRoutes
RtmBlockDeleteRoutes
RtmDequeueRouteChangeMessage

wintrust

WintrustGetRegPolicyFlags
CryptCATPutMemberInfo
CryptCATStoreFromHandle
OpenPersonalTrustDBDialogEx
CryptCATCDFEnumMembersByCDFTag
OfficeInitializePolicy
WTHelperGetFileHash
WVTAsn1SpcPeImageDataEncode
OpenPersonalTrustDBDialog
WintrustAddActionID
OfficeCleanupPolicy
CryptCATAdminAddCatalog
CatalogCompactHashDatabase
WVTAsn1CatMemberInfoDecode
WTHelperGetProvSignerFromChain
SoftpubLoadMessage
WVTAsn1SpcSigInfoDecode
CryptSIPCreateIndirectData
CryptCATCDFOpen
WVTAsn1SpcFinancialCriteriaInfoDecode
HTTPSCertificateTrust
SoftpubFreeDefUsageCallData
WTHelperGetFileName
WVTAsn1SpcStatementTypeDecode
CryptCATAdminReleaseContext
WVTAsn1SpcIndirectDataContentEncode

advapi32

CryptDeriveKey
SystemFunction040
LsaCreateAccount
WmiMofEnumerateResourcesW
ElfReportEventW
GetEffectiveRightsFromAclW
SystemFunction012
CredpConvertTargetInfo
GetTrusteeFormW
SystemFunction041
LookupAccountNameA
AddAuditAccessObjectAce
MapGenericMask

scrobj

DllRegisterServerExW
DllUnregisterServerEx
GenerateTypeLib
GenerateTypeLibW
DllInstall
DllRegisterServerExA
DllRegisterServerEx

Sections

.text
Size: 403KB - Virtual size: 402KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8bfde4486b2a8c758cdc1c76f35df8c6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

odbccr32

rtm

wintrust

advapi32

scrobj

Sections

.text Size: 403KB - Virtual size: 402KB

.rdata Size: 154KB - Virtual size: 154KB

.data Size: 157KB - Virtual size: 1.5MB

.rsrc Size: 118KB - Virtual size: 117KB

.reloc Size: 1024B - Virtual size: 840B

.text
Size: 403KB - Virtual size: 402KB

.rdata
Size: 154KB - Virtual size: 154KB

.data
Size: 157KB - Virtual size: 1.5MB

.rsrc
Size: 118KB - Virtual size: 117KB

.reloc
Size: 1024B - Virtual size: 840B