80192c806b2cf2d5d7756143903ec7f102db5acb510f6e5d1181eda94547ae87

Sharing

Copy URL Twitter E-mail

General

Target

80192c806b2cf2d5d7756143903ec7f102db5acb510f6e5d1181eda94547ae87
Size

827KB
MD5

6f1941a97c22d01117f6db62639a0488
SHA1

c009203e41b2ec42d24a69f357daa6594c3e8455
SHA256

80192c806b2cf2d5d7756143903ec7f102db5acb510f6e5d1181eda94547ae87
SHA512

8cc9dc23923da64b9271dd61d3c2f7c194fda7c0070b18f2d87703a61a5ba776965c6dc5a6bc22bbc208771a9b2d5cc15690ab88e9a770fd25b0bd3564eeb840
SSDEEP

12288:EHjOv/ueupYNilaClPRRY9CXioLtiVJBswND0sFkJnRldnXHW7:NeeU8ClRRY8cVJ9ShlR7X

Score

N/A

Malware Config

Signatures

Files

80192c806b2cf2d5d7756143903ec7f102db5acb510f6e5d1181eda94547ae87
.exe windows x86

0b3c9cf6f31be8e40ccef596d5509cc0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

sqlwoa

_MessageBox@16
newMultiByteFromWideCharSize
_LoadLibrary@4
_FindResource@12
_StartDoc@8
_GetModuleFileName@12
_LoadCursor@8
_SetWindowLong@12
_CommDlg_OpenSave_GetFilePath@12
_PostMessage@16
_GetOpenFileName@4
_GetWindowText@12
_CreateWindowEx@48
_WinHelp@16
_GetVersionEx@4
_SetDlgItemText@12
_GetWindowTextLength@4
_GetDiskFreeSpaceEx@16

kernel32

GetDefaultCommConfigW
EnterCriticalSection
CreateWaitableTimerA
FindClose
WritePrivateProfileStringW
GetModuleHandleW
AddAtomW
GetThreadPriority
RegisterWaitForInputIdle
SetErrorMode
SetCommConfig
GetNamedPipeHandleStateW
MultiByteToWideChar
GetDriveTypeA
GetConsoleAliasesLengthW
ResumeThread
SetFileValidData
HeapCreate
SetConsoleActiveScreenBuffer
GetStringTypeExA
GetCommConfig
GetCurrentThread
GetConsoleAliasExesA
IsBadStringPtrA
ReadConsoleInputExW
SetTermsrvAppInstallMode
TryEnterCriticalSection
LoadLibraryW
DefineDosDeviceW
EnumResourceTypesA
AddLocalAlternateComputerNameW
SearchPathA
OpenProcess
lstrcmpiA
GetLocaleInfoA
RemoveDirectoryA
GetLogicalDriveStringsW
LocalFlags
GetFullPathNameW
QueryPerformanceFrequency
EnumDateFormatsA
SetMailslotInfo
GetCommModemStatus
ReplaceFile
ReplaceFileW
GetProcessHeaps
WriteProfileStringA
SetUnhandledExceptionFilter
MapViewOfFileEx
WriteFileGather
WriteFileEx

gdi32

EngComputeGlyphSet
CreateDIBitmap
CreateDIBPatternBrushPt
StartPage
GetBrushAttributes
GetMetaRgn
EngCreateSemaphore
StretchDIBits
PlgBlt
GetCharacterPlacementW
GdiReleaseLocalDC
STROBJ_bEnumPositionsOnly
SetWindowOrgEx
DdEntry50
GetEnhMetaFilePaletteEntries
DdEntry13
GetTextExtentExPointA
GetGlyphOutlineW
GetSystemPaletteUse
DdEntry11
SelectBrushLocal
EngDeletePath
CreatePatternBrush
SetMagicColors
GetRegionData
DdEntry38
EngCheckAbort
CreateRectRgnIndirect

crypt32

CryptDecryptAndVerifyMessageSignature
CertDuplicateCertificateContext
CryptMemFree
CertSerializeCRLStoreElement
CertGetSubjectCertificateFromStore
CertSetCertificateContextPropertiesFromCTLEntry
CertFindCertificateInCRL
CertFreeCRLContext
CryptMsgEncodeAndSignCTL
CertEnumCRLContextProperties
CertVerifyCertificateChainPolicy
CryptSIPRetrieveSubjectGuidForCatalogFile
CertSetCRLContextProperty
I_CryptReleaseLruEntry
I_CryptGetFileVersion
CertAddCRLContextToStore
CryptEnumKeyIdentifierProperties
CryptSetOIDFunctionValue
I_CryptEnableLruOfEntries

msasn1

ASN1BERDecSXVal
ASN1BEREncFlush
ASN1BEREncLength
ASN1BEREncSX
ASN1BERDecGeneralizedTime
ASN1BEREncEoid
ASN1CEREncChar16String
ASN1ztchar16string_cmp
ASN1BEREncU32
ASN1BEREncUTCTime
ASN1BERDecU32Val
ASN1_FreeEncoded
ASN1BERDotVal2Eoid
ASN1CEREncEndBlk
ASN1_FreeDecoded
ASN1BERDecEndOfContents
ASN1BEREncBitString
ASN1BEREncDouble

oledlg

OleUIChangeIconW
OleUIPromptUserA
OleUIConvertW
OleUIPasteSpecialA
OleUIEditLinksA
OleUIPasteSpecialW
OleUIObjectPropertiesA
OleUIBusyA
OleUIChangeIconA
OleUIAddVerbMenuA
OleUIObjectPropertiesW
OleUIPromptUserW
OleUIChangeSourceW
OleUIUpdateLinksA
OleUIAddVerbMenuW
OleUICanConvertOrActivateAs
OleUIInsertObjectW
OleUIInsertObjectA

Sections

.text
Size: 391KB - Virtual size: 391KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 189KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b3c9cf6f31be8e40ccef596d5509cc0

Headers

DLL Characteristics

File Characteristics

Imports

sqlwoa

kernel32

gdi32

crypt32

msasn1

oledlg

Sections

.text Size: 391KB - Virtual size: 391KB

.rdata Size: 99KB - Virtual size: 99KB

.data Size: 189KB - Virtual size: 1.6MB

.rsrc Size: 145KB - Virtual size: 145KB

.reloc Size: 1024B - Virtual size: 820B

.text
Size: 391KB - Virtual size: 391KB

.rdata
Size: 99KB - Virtual size: 99KB

.data
Size: 189KB - Virtual size: 1.6MB

.rsrc
Size: 145KB - Virtual size: 145KB

.reloc
Size: 1024B - Virtual size: 820B