ad134485d42949554aed18faf57bb1d433307e951a73d86280ef091632b8010d

Sharing

Copy URL Twitter E-mail

General

Target

ad134485d42949554aed18faf57bb1d433307e951a73d86280ef091632b8010d
Size

336KB
MD5

1045f199e3c522554de4049d5abe3744
SHA1

054c0fef1ed4110790269f5266045fa9d5a70f20
SHA256

ad134485d42949554aed18faf57bb1d433307e951a73d86280ef091632b8010d
SHA512

353f417f4c7cc65925ac3a8bf80b67e14c8535385221f82215a04edd2243aac43ac1e4aa6d9e81cd1a2ce5e9029b9d240a0332d7b5a70c3d92a1dbfa1b4bbe5f
SSDEEP

6144:AHEJi50ceYchHV5CrTIOuFJC+KCFo1H/gMU+5RUHuL:0sV5su7C/4dR+3Yu

Score

N/A

Malware Config

Signatures

Files

ad134485d42949554aed18faf57bb1d433307e951a73d86280ef091632b8010d
.exe windows x86

dfb4a3b5e462e6b584111cedfb70a8be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

sqlunirl

_RegSaveKey_@12
_ChooseColor_@4
_GetCommandLine_@0
_CopyFile_@12
_PrintDlg_@4
_CreateWindowStation_@16
_RegEnumKey_@16
_NDdeSetShareSecurity_@16
_MoveFileEx_@12
_CopyAcceleratorTable_@12
_FindText_@4
_GetDriveType_@4
_RegQueryMultipleValues_@20
AbortSystemShutdown_
_VkKeyScan_@4
_RegUnLoadKey_@8
_OpenBackupEventLog_@8
_MAKEINTRESOURCE@4

crtdll

setlocale
_mbstrlen
putchar
ldiv
rename
cosh
_ismbbkalnum
_iob
sprintf
wcstombs
_mbsnbcat
perror
_strerror
_ismbcdigit
_putenv
_cabs
_itow
fgets
_execv
strcspn
_spawnvpe
__GetMainArgs

kernel32

IsDebuggerPresent
GetEnvironmentStringsW
SetLastError
ReadFile
IsValidLocale
LoadLibraryA
IsValidLanguageGroup
GetSystemTimeAsFileTime
WaitForDebugEvent
WriteProfileStringW
InitializeCriticalSection
SizeofResource
GetLogicalDriveStringsA
IsWow64Process
TryEnterCriticalSection
ExitProcess
CancelTimerQueueTimer
GetCalendarInfoA
OutputDebugStringA
VirtualAlloc
GetShortPathNameW
GetStdHandle
GetNumberOfConsoleMouseButtons
IsDBCSLeadByteEx
SetUnhandledExceptionFilter
GetDiskFreeSpaceA
OutputDebugStringW
FlushFileBuffers
FindFirstFileW

user32

MenuItemFromPoint
GetMenuItemCount
GetRawInputDeviceInfoW
WINNLSGetIMEHotkey
DdeGetQualityOfService
CopyIcon
SetShellWindow
DestroyAcceleratorTable
SetUserObjectInformationW
SetWindowStationUser
AttachThreadInput
LoadImageW
SetClassLongW
FindWindowA
DdeQueryNextServer
SetCaretPos
GetUpdateRect
AdjustWindowRectEx
CharLowerW
EnableWindow
MapVirtualKeyExA
ScrollChildren
PrivateExtractIconsW

cfgmgr32

CM_Get_Device_ID_ExW
CM_Get_Global_State
CM_Connect_MachineW
CM_Setup_DevNode_Ex
CM_Get_Resource_Conflict_DetailsA
CM_Get_Device_Interface_List_SizeA
CM_Get_DevNode_Registry_PropertyA
CMP_Init_Detection
CM_Set_HW_Prof
CM_Free_Res_Des
CM_Get_Device_Interface_List_Size_ExA
CM_Get_Device_IDW
CM_Set_DevNode_Registry_Property_ExA
CM_Detect_Resource_Conflict_Ex
CM_Get_Device_ID_List_SizeW
CM_Unregister_Device_Interface_ExW
CM_Add_Res_Des_Ex
CM_Get_Class_Registry_PropertyA
CM_Set_HW_Prof_FlagsA
CM_Remove_SubTree_Ex
CM_Merge_Range_List
CMP_Report_LogOn
CM_Create_DevNodeW
CM_Get_Hardware_Profile_Info_ExW

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 215KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 374KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dfb4a3b5e462e6b584111cedfb70a8be

Headers

File Characteristics

Imports

sqlunirl

crtdll

kernel32

user32

cfgmgr32

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 215KB - Virtual size: 215KB

.data Size: 1024B - Virtual size: 374KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 215KB - Virtual size: 215KB

.data
Size: 1024B - Virtual size: 374KB

.rsrc
Size: 18KB - Virtual size: 18KB