b9717d4f92f7b414929c21d5e7f54088d5ce6a7453230bd83827f66f46ce10d7

Sharing

Copy URL Twitter E-mail

General

Target

b9717d4f92f7b414929c21d5e7f54088d5ce6a7453230bd83827f66f46ce10d7
Size

851KB
MD5

3e1b2c0a8349f4d91b0985a94dcfb86e
SHA1

04ce68fabd1a085d380554d58a64a0d20aa769df
SHA256

b9717d4f92f7b414929c21d5e7f54088d5ce6a7453230bd83827f66f46ce10d7
SHA512

6790971cfc7eb866e4fe51db7f06041b9248c766157b577ba6f3c424838251ba8b7047117943beba52231a280a5f5a9e7c211c09e9822d956d6e4b88f53dd9ef
SSDEEP

12288:FmunfUCTSSY+3VBVmeaQA2v20LvgrfheDvKv/IUbho1IdGWhe2F+3:FmGBY+zbS2fG8Dvs3bho1ejxg3

Score

N/A

Malware Config

Signatures

Files

b9717d4f92f7b414929c21d5e7f54088d5ce6a7453230bd83827f66f46ce10d7
.exe windows x86

b7385f20d210d10cd605bb4b75187ade

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

w32topl

ToplIterFree
ToplEdgeCreate
ToplEdgeFree
ToplEdgeInit
ToplDeleteComponents
ToplDeleteGraphState
ToplIsToplException
ToplListRemoveElem
ToplScheduleCreate
ToplVertexInit
ToplSTHeapCostReduced
ToplGetAlwaysSchedule
ToplListNumberOfElements
ToplVertexGetInEdge
ToplHeapIsEmpty

sqlunirl

_CreateFontIndirect@4
_EnumPropsEx_@12
_DispatchMessage_@4
_DlgDirListComboBox_@20
_CreateColorSpace_@4
_RegCreateKeyEx_@36
__lcreat_@8
_tsystem
_ObjectOpenAuditAlarm_@48
_PeekMessage@20
_NDdeGetErrorString_@12
_GetWindowsDirectory_@8
_SendNotifyMessage_@16
_CreateDialogIndirectParam@20
_GetMenuItemInfo_@16
_SetICMProfile_@8
_EnumICMProfiles_@12
_CreateFont@56
_CreateDirectory_@8
_PrivilegedServiceAuditAlarm_@20

cscdll

CSCFindNextFileW
CSCTransitionServerOnlineW
CSCQueryFileStatusW
CSCFindClose
CSCEnumForStatsW
CSCIsServerOfflineW
CSCFindFirstFileW
CSCPinFileW
CSCFindFirstFileForSidW
CSCUnpinFileW
CSCEnumForStatsExW
CSCSetMaxSpace
CSCDoEnableDisable
CSCDeleteW
CSCIsCSCEnabled

kernel32

InterlockedPushEntrySList
LoadLibraryA
SetCommState
GetDateFormatW
IsValidCodePage
GetVolumePathNameA
AddAtomW
FindFirstVolumeMountPointA
SetVolumeLabelA
TlsSetValue
FatalAppExitA
UnregisterWaitEx
BeginUpdateResourceW
VirtualAlloc
SetComputerNameA
LocalSize
GetConsoleAliasExesLengthW
SetHandleCount
GetTimeFormatW
InitializeCriticalSection
lstrcmpW
GetCommConfig
SetCommConfig
GetPrivateProfileSectionW
DeleteTimerQueueTimer
CreateWaitableTimerA
ReadDirectoryChangesW

Sections

.text
Size: 761KB - Virtual size: 760KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7385f20d210d10cd605bb4b75187ade

Headers

DLL Characteristics

File Characteristics

Imports

w32topl

sqlunirl

cscdll

kernel32

Sections

.text Size: 761KB - Virtual size: 760KB

.rdata Size: 83KB - Virtual size: 82KB

.data Size: 3KB - Virtual size: 1.5MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 761KB - Virtual size: 760KB

.rdata
Size: 83KB - Virtual size: 82KB

.data
Size: 3KB - Virtual size: 1.5MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB