cb8f13d1f8355951a9d5b45a1ee0dbb5c0883ce0408cc197ff292c02ab3c002d

Sharing

Copy URL Twitter E-mail

General

Target

cb8f13d1f8355951a9d5b45a1ee0dbb5c0883ce0408cc197ff292c02ab3c002d
Size

809KB
MD5

4200a8857c275fd5818db68424dbee6a
SHA1

2826322de61587add670262a8f3fd4f8d9a671a4
SHA256

cb8f13d1f8355951a9d5b45a1ee0dbb5c0883ce0408cc197ff292c02ab3c002d
SHA512

b8fdf8abf2f37988ec09d7879d8e87c0d467d27ff0cbc676aa37d091c12e0ecd17bf780a05f8cdfe6d9d206634ea7e048e9d8b4e111c021f9f151030ffec4c19
SSDEEP

12288:9wR2zB5pC692Lg8PfCZqBJkCNSQ99EY/NR8ywqJ+yJ1ED5cmEC7sGsKDQCg:9wEdC69og8nCZIT99EYHwq/WDgCYGpg

Score

N/A

Malware Config

Signatures

Files

cb8f13d1f8355951a9d5b45a1ee0dbb5c0883ce0408cc197ff292c02ab3c002d
.exe windows x86

7f3a83c4acfaeed7aec4c82ce95aca73

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextMetricsA
SetWindowExtEx
GetArcDirection
DdEntry40
SelectClipRgn
UpdateColors
SelectPalette
TextOutA
UnrealizeObject
AddFontMemResourceEx
GdiGetLocalFont
TextOutW
GdiEntry1
GdiConvertDC
GetTextExtentPointW
AddFontResourceW
PolylineTo
ResizePalette
DdEntry15
GetTextExtentPointI
SetICMMode
DdEntry3
DdEntry43
WidenPath
PlayEnhMetaFileRecord
EngDeleteClip
EngMarkBandingSurface

user32

DlgDirListW
TrackPopupMenu
LoadMenuIndirectW
DisableProcessWindowsGhosting
DragObject
DrawMenuBarTemp
DialogBoxIndirectParamW
IsChild
GetCapture
CreateCursor
LoadCursorW
UserRealizePalette
LoadMenuW
IsMenu
MBToWCSEx
DialogBoxIndirectParamA
SetUserObjectInformationW
MapVirtualKeyA
DrawTextExA
LoadCursorA
AnyPopup
PrivateExtractIconExW
DefWindowProcA
SetWindowPos
SetScrollRange

sqlunirl

_ExtractIcon_@12
_StartService_@12
_ExtractIconEx_@20
_CreateProcess_@40
_GetTempFileName_@16
_GetTextExtentPoint@16
_GetTextMetrics@8
_DrawState_@40
_GetProfileSection_@12
_LookupAccountSid_@28
_CreateWindowStation_@16
_RegSetValueEx_@24
_LoadImage_@24
_tfopen
_lstrcmp_@8
_GetDiskFreeSpaceEx@16
_InitiateSystemShutdown_@20
_LookupPrivilegeDisplayName_@20
_CharLowerBuff_@8
_GetMessage_@16
_QueryServiceLockStatus_@16
_CopyMetaFile_@8
_InsertMenuItem_@16
_CharUpperBuff_@8
_EnumResourceLanguages_@20
_NDdeShareEnum_@24
_QueryServiceConfig_@16
_BuildCommDCB_@8

kernel32

VirtualAlloc
LoadLibraryA
GetConsoleTitleW
GetCompressedFileSizeA
EnumDateFormatsA
UnregisterConsoleIME
EscapeCommFunction
GetShortPathNameA
CreateEventW
GetCommModemStatus
ReleaseActCtx
GlobalAlloc
SetFileValidData
GetConsoleScreenBufferInfo
EnumSystemLocalesW
DebugActiveProcess
MoveFileWithProgressW
FindNextVolumeA
VDMConsoleOperation
FindFirstVolumeA
GetConsoleCP
PrivCopyFileExW
CopyLZFile
GetConsoleFontSize
GetModuleHandleA
IsValidLanguageGroup
SetLastError
GetVolumePathNameW
GetACP
CancelWaitableTimer
GetStartupInfoA

softpub

SoftpubLoadSignature
DriverCleanupPolicy
HTTPSCertificateTrust
DriverFinalPolicy
FindCertsByIssuer
DriverInitializePolicy
OfficeInitializePolicy
OpenPersonalTrustDBDialog
GenericChainFinalProv
SoftpubInitialize
SoftpubDumpStructure
SoftpubFreeDefUsageCallData
SoftpubCheckCert
SoftpubAuthenticode
SoftpubLoadMessage
AddPersonalTrustDBPages
SoftpubCleanup
SoftpubDefCertInit
HTTPSFinalProv
SoftpubLoadDefUsageCallData
OfficeCleanupPolicy
GenericChainCertificateTrust

Sections

.text
Size: 385KB - Virtual size: 384KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 154KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f3a83c4acfaeed7aec4c82ce95aca73

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

sqlunirl

kernel32

softpub

Sections

.text Size: 385KB - Virtual size: 384KB

.rdata Size: 112KB - Virtual size: 111KB

.data Size: 154KB - Virtual size: 1.5MB

.rsrc Size: 156KB - Virtual size: 155KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 385KB - Virtual size: 384KB

.rdata
Size: 112KB - Virtual size: 111KB

.data
Size: 154KB - Virtual size: 1.5MB

.rsrc
Size: 156KB - Virtual size: 155KB

.reloc
Size: 1KB - Virtual size: 1KB