25afbe4ac9eab7cd1a413be635afc1dadfaee523406f892d2ebbab1fb2b8225e

Sharing

Copy URL

Twitter E-mail

General

Target

25afbe4ac9eab7cd1a413be635afc1dadfaee523406f892d2ebbab1fb2b8225e
Size

46KB
MD5

b0dec1051e62547de051e3b3e9b76651
SHA1

d8ed668ed9b8c9b1bf8d994f4e81b4dc04bc83aa
SHA256

25afbe4ac9eab7cd1a413be635afc1dadfaee523406f892d2ebbab1fb2b8225e
SHA512

6dcac231dee03fe6db32aa15c9afd1d65ab7be088b2e282872a8c85228312fdff5d261498f9b737ac727bd0c4a702251e7ff46597822f3532f578c3aaf822029
SSDEEP

768:3oeAD4vAxr0A9aMiGcpq/6i3D1GozIn/1s0S8JsaLmvYbOWFbGDYbL3:3oeADPo0JiGT/v3DQoS9pS8aaLmvKTmc

Score

N/A

Malware Config

Signatures

Files

25afbe4ac9eab7cd1a413be635afc1dadfaee523406f892d2ebbab1fb2b8225e
.exe windows x86

774bd2fe02458090ba6d74045b11336b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CallNamedPipeW
GetComputerNameExA
GlobalGetAtomNameA
SetConsolePalette
LoadLibraryA
ScrollConsoleScreenBufferW
LZClose
GetConsoleAliasExesA
LZCopy
Beep
EnumTimeFormatsA
GetTickCount
lstrcpyW
VirtualAlloc
QueryPerformanceCounter
QueryDepthSList
WriteFileEx
VirtualAllocEx
UnlockFileEx
GetOEMCP
GetConsoleAliasesW
SetPriorityClass
IsBadReadPtr
Process32Next
GetConsoleTitleW
FindActCtxSectionStringA
ConvertThreadToFiber
GetVolumePathNamesForVolumeNameW
ExitProcess
GetFirmwareEnvironmentVariableA
Heap32Next

winipsec

SPDApiBufferAllocate
AddMMFilter
OpenMMFilterHandle
DeleteMMFilter
DeleteQMPolicy
CloseTunnelFilterHandle
QueryIPSecStatistics
GetMMPolicyByID
EnumIPSecInterfaces
AddMMAuthMethods
SPDApiBufferFree
GetQMPolicy
EnumQMPolicies
DeleteTransportFilter
CloseTransportFilterHandle
AddMMPolicy
DeleteMMPolicy
SetMMFilter
EnumMMFilters
SetMMAuthMethods
DeleteMMAuthMethods
MatchTunnelFilter
DeleteTunnelFilter
CloseMMFilterHandle
MatchTransportFilter
EnumQMSAs
EnumMMPolicies

advapi32

SaferRecordEventLogEntry
SaferComputeTokenFromLevel
DecryptFileW
CryptImportKey
SaferiRecordEventLogEntry
StopTraceA
CredWriteDomainCredentialsW
SystemFunction032
AddAccessAllowedObjectAce
CryptSetProvParam
CryptVerifySignatureW
LsaQueryTrustedDomainInfo
AccessCheckByTypeResultListAndAuditAlarmW
SystemFunction022
CryptSetProviderExW
SetSecurityDescriptorDacl
GetInheritanceSourceA
ElfReadEventLogA
SystemFunction034
BuildTrusteeWithSidA
WmiQueryGuidInformation
MakeSelfRelativeSD
LockServiceDatabase
LsaOpenTrustedDomainByName
BuildExplicitAccessWithNameW
WmiExecuteMethodA

sqlsrv32

SQLProcedureColumnsW
SQLGetDescRecW
SQLGetDescFieldW
SQLBindCol
SQLEndTran
SQLSetPos
SQLProceduresW
SQLDisconnect
SQLNumResultCols
SQLPrimaryKeysW
BCP_readfmt
SQLDescribeParam
BCP_exec
SQLBindParameter
SQLConnectW
SQLSetDescRec
SQLGetFunctions
SQLFetch
SQLSpecialColumnsW
SQLGetData
SQLColumnPrivilegesW
SQLColumnsW
SQLCopyDesc
SQLSetCursorNameW
WizIntSecurityDlgProc
SQLGetInfoW
BCP_collen
SQLGetStmtAttrW
WizDSNDlgProc

mprapi

MprAdminTransportGetInfo
MprAdminMIBEntryDelete
MprAdminPortClearStats
MprConfigTransportGetHandle
MprConfigServerRefresh
MprAdminServerConnect
MprAdminInterfaceTransportSetInfo
MprAdminInterfaceGetCredentials
MprAdminUserServerDisconnect
MprConfigServerRestore
MprAdminInterfaceTransportAdd
MprAdminServerSetCredentials
MprAdminUserReadProfFlags
CompressPhoneNumber
MprInfoBlockSet
MprAdminGetPDCServer
MprDomainRegisterRasServer
MprConfigGetFriendlyName
MprAdminConnectionEnum
MprConfigInterfaceGetInfo
MprConfigInterfaceTransportAdd
MprAdminMIBEntryGet
MprAdminUserWriteProfFlags
MprAdminInterfaceDeviceGetInfo
MprAdminInterfaceSetCredentialsEx

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

774bd2fe02458090ba6d74045b11336b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

winipsec

advapi32

sqlsrv32

mprapi

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 8KB - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB