Static task
static1
Behavioral task
behavioral1
Sample
84e71f1d53f05436af9393147370790315c6a9d3740540eb1d242a76b80c3242.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
84e71f1d53f05436af9393147370790315c6a9d3740540eb1d242a76b80c3242.exe
Resource
win10v2004-20221111-en
General
Target: 84e71f1d53f05436af9393147370790315c6a9d3740540eb1d242a76b80c3242
Size: 47KB
MD5: 80a0c041bebe48ec5e968908ae6999ff
SHA1: c4288d48e4902bb690da080336d989d046a46083
SHA256: 84e71f1d53f05436af9393147370790315c6a9d3740540eb1d242a76b80c3242
SHA512: 6057030457aeffb40213efd48089065db17c43b660f3f6907266f3435e3cd99d0dad665972c8020d83b5e6feda7ba52b88dc8a5607f21ea0ebe3b8a0c61432e9
SSDEEP: 768:LhOf/Nv0r2Zn3qFab4OeOHLFp/SYJ0uCZZ9cqiU3cbuE/TBbcrHzK3nrRF9PO:FGlME3qFaFeOlJpEZ6qiUsbzNITQRF9m
Malware Config
Signatures
Files
84e71f1d53f05436af9393147370790315c6a9d3740540eb1d242a76b80c3242.exe windows x86
0caa9d6e562e5b39701d41f022a437b4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
sqlunirl
_GetCharABCWidthsFloat_@16
_NDdeGetTrustedShare_@20
_SetDefaultCommConfig_@12
_GetServiceKeyName_@16
_RegisterServiceCtrlHandler_@8
_GlobalAddAtom_@4
_GetLocaleInfo_@16
_CopyEnhMetaFile_@8
_CreateFont@56
_ExtTextOut@32
_OpenEvent_@12
_GetPrivateProfileSection_@16
_SystemParametersInfo_@16
_OpenWaitableTimer_@12
_GetShortPathName_@12
_CopyMetaFile_@8
_DragQueryFile_@16
_LoadBitmap@8
_RemoveDirectory_@4
_MapVirtualKey_@8
_GetFileAttributesEx_@12
_NDdeGetErrorString_@12
_CreateWaitableTimer_@12
_GetModuleHandle_@4
_EnumDependentServices_@24
_GetPrivateProfileSectionNames_@12
_GetDiskFreeSpaceEx@16
__lwrite_@12
_OpenEventLog_@8
crtdll
_CIpow
_ultoa
_mbclen
_mbsbtype
memmove
_isctype
bsearch
_wcsicoll
_setjmp
_ismbchira
towupper
_get_osfhandle
_mbsnbicmp
ungetc
cosh
_yn
_makepath
fscanf
__fpecode
_hypot
_dup
_wcslwr
_execlpe
_mbscpy
_execle
advapi32
SetSecurityInfoExA
WmiReceiveNotificationsW
LsaCreateTrustedDomain
SetSecurityDescriptorSacl
CredDeleteA
CryptSetProviderA
ElfChangeNotify
WmiDevInstToInstanceNameW
SystemFunction023
LookupAccountSidW
SaferGetPolicyInformation
CryptGenKey
BuildImpersonateTrusteeA
QueryServiceConfigA
SetFileSecurityW
DuplicateEncryptionInfoFile
RegQueryInfoKeyW
ObjectCloseAuditAlarmA
SystemFunction006
RegRestoreKeyW
AccessCheckByTypeResultListAndAuditAlarmA
ElfOpenEventLogW
ImpersonateSelf
OpenBackupEventLogW
BuildTrusteeWithSidA
RegisterServiceCtrlHandlerExA
WmiReceiveNotificationsA
SetNamedSecurityInfoExW
GetNamedSecurityInfoExW
CryptExportKey
MD4Final
MD4Update
LsaGetSystemAccessAccount
kernel32
SetCurrentDirectoryA
GetDiskFreeSpaceA
GetConsoleFontInfo
GlobalGetAtomNameA
LoadLibraryA
RtlZeroMemory
UnregisterWait
EndUpdateResourceW
ContinueDebugEvent
GetConsoleKeyboardLayoutNameW
GetExpandedNameA
ResumeThread
GetModuleHandleW
GetTickCount
AddConsoleAliasA
GetModuleHandleA
FormatMessageA
GlobalLock
GetTapeStatus
GetCommConfig
DefineDosDeviceA
RemoveDirectoryA
VirtualAlloc
GetFileAttributesW
Process32NextW
CreateRemoteThread
WaitCommEvent
GetEnvironmentVariableA
WritePrivateProfileStringW
CopyFileExW
UTRegister
Sections
.text Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 370B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE