f95b2915e0c7793b1aeeaf08123bc9b2522b080c239e27cbe70c35a3afcf1448

Sharing

Copy URL Twitter E-mail

General

Target

f95b2915e0c7793b1aeeaf08123bc9b2522b080c239e27cbe70c35a3afcf1448
Size

40KB
MD5

28cd1a5633cef4a2519ae5cc26102826
SHA1

2d5dd5ca435778883358643051a29f5d911c783b
SHA256

f95b2915e0c7793b1aeeaf08123bc9b2522b080c239e27cbe70c35a3afcf1448
SHA512

c5a5bb90f200dada3401337f735a62c72426dc442bc64c459439c80855a751a05c2e120578065fda5e40d4f1505be71c93c09ea0555fa853ef782de6a82a6de1
SSDEEP

768:+EkUy1YjNPiJKrTPQ3lTAIgO3yS1YoHAt4sgQJDFpNxYPH:F4Y5MKrjSyIrVYmAt4rQJ5prYPH

Score

N/A

Malware Config

Signatures

Files

f95b2915e0c7793b1aeeaf08123bc9b2522b080c239e27cbe70c35a3afcf1448
.exe windows x86

835ef91a55745f8cd65bca0acfe83da9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

sqlunirl

_GetTextExtentPoint32@16
_GetWindowsDirectory_@8
_FindNextFile_@8
_GetPrivateProfileString_@24
_FormatMessage@28
_CallWindowProc@20
_GlobalGetAtomName_@12
_DlgDirList_@20
_lstrcpy_@8
newMultiByteFromWideChar
_CopyAcceleratorTable_@12
_tsystem
_GetCharABCWidthsFloat_@16
_GetDlgItemText@16
_OpenMutex_@12
_AppendMenu_@16
_trename
_GetProfileInt_@12
_SendDlgItemMessage@20
_MoveFileEx_@12

authz

AuthziFreeAuditEventType
AuthzInitializeResourceManager
AuthziFreeAuditParams
AuthzOpenObjectAudit
AuthziInitializeAuditParamsWithRM
AuthziInitializeAuditEvent
AuthzCachedAccessCheck
AuthziInitializeAuditEventType
AuthzAddSidsToContext
AuthzFreeAuditEvent
AuthziInitializeAuditQueue
AuthzInitializeContextFromSid
AuthzInitializeContextFromAuthzContext
AuthziModifyAuditQueue
AuthziInitializeAuditParams
AuthzFreeHandle
AuthzInitializeObjectAccessAuditEvent
AuthziFreeAuditQueue
AuthziModifyAuditEventType

mfcsubs

??0CCriticalSection@@QAE@XZ
??0CString@@QAE@PBG@Z
?ReverseFind@CString@@QBEHG@Z
?AfxExtractSubString@@YGHAAVCString@@PBGHG@Z
?TrimLeft@CString@@QAEXXZ
?MakeUpper@CString@@QAEXXZ
?FindOneOf@CString@@QBEHPBG@Z
?FormatMessageW@CString@@QAAXPBGZZ
?Format@CString@@QAAXPBGZZ
??4CPlex@@QAEAAU0@ABU0@@Z
?GetAt@CString@@QBEGH@Z
??P@YG_NPBGABVCString@@@Z
??YCString@@QAEABV0@G@Z
??_7CMapStringToPtr@@6B@
?Lock@CCriticalSection@@QAEHXZ
?LookupKey@CMapStringToPtr@@QBEHPBGAAPBG@Z
?Release@CString@@KGXPAUCStringData@@@Z
??1CString@@QAE@XZ
?Find@CString@@QBEHG@Z
??8@YG_NABVCString@@PBG@Z
??0CString@@QAE@PBGH@Z
?LoadStringW@CString@@QAEHI@Z
?ConcatInPlace@CString@@IAEXHPBG@Z
?SetAt@CStringArray@@QAEXHPBG@Z

kernel32

BaseDumpAppcompatCache
GetConsoleScreenBufferInfo
GetConsoleTitleW
GetVolumePathNameW
SetConsoleScreenBufferSize
VirtualAlloc
IsDebuggerPresent
GetVersion
GetFileAttributesExA
FindFirstFileW
BackupWrite
GetDiskFreeSpaceA
OutputDebugStringA
LoadLibraryA
EnumLanguageGroupLocalesA
ReadConsoleW
SetNamedPipeHandleState
TlsFree
WriteConsoleOutputCharacterW
InitializeCriticalSection
GetEnvironmentStringsW
QueueUserWorkItem
IsValidLocale
SetLastError
VDMOperationStarted
VerSetConditionMask
VirtualUnlock

cryptext

CryptExtOpenP7RW
CryptExtOpenCTLW
CryptExtOpenP7R
CryptExtOpenCER
CryptExtAddPFX
CryptExtAddCER
CryptExtOpenCRL
CryptExtAddSPCW
CryptExtOpenCAT
CryptExtOpenPKCS7
CryptExtAddP7RW
CryptExtAddCTL
CryptExtAddCRLW
CryptExtOpenSTR
CryptExtAddCRL
CryptExtOpenPKCS7W
CryptExtAddSPC
CryptExtOpenCRLW
CryptExtOpenCERW

unimdmat

UmSetSpeakerPhoneState
UmLogStringA
UmInitModem
UmLogDiagnostics
UmGenerateDigit
UmCloseModem
UmGetDiagnostics
UmWaveAction
UmInitializeModemDriver
UmOpenModem
UmAbortCurrentModemCommand
UmSetPassthroughMode
UmDuplicateDeviceHandle
UmDialModem
UmAnswerModem
UmDeinitializeModemDriver
UmIssueCommand
UmMonitorModem
UmHangupModem

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

835ef91a55745f8cd65bca0acfe83da9

Headers

DLL Characteristics

File Characteristics

Imports

sqlunirl

authz

mfcsubs

kernel32

cryptext

unimdmat

Sections

.text Size: 30KB - Virtual size: 29KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 30KB - Virtual size: 29KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB