cd99e938ae5b0b0bc4d107673203f6e92c288133e4cdb4b2738d40ff23dc0259

Sharing

Copy URL Twitter E-mail

General

Target

cd99e938ae5b0b0bc4d107673203f6e92c288133e4cdb4b2738d40ff23dc0259
Size

834KB
MD5

b090eb290300f6d790b2f4d8001ee512
SHA1

56b6dbbc2cf6b7e55e999de1895e87310324b730
SHA256

cd99e938ae5b0b0bc4d107673203f6e92c288133e4cdb4b2738d40ff23dc0259
SHA512

a555e069adbfce2c4af56a2912f57e7f4d26e6db68446170f687962dd39cef0790d987dce52b7e2ac1a1dde918077a3b7237b6dfdb932e73047a4554616451b4
SSDEEP

24576:dyU1SSy9uEaU/gQeRBeKknaJik/shrgI:Rk9TfeRGn4ik/shcI

Score

N/A

Malware Config

Signatures

Files

cd99e938ae5b0b0bc4d107673203f6e92c288133e4cdb4b2738d40ff23dc0259
.exe windows x86

bbc09b2ba970eb1b99e350cfc2bcf848

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
SetSystemPowerState
SetLastError
SetComputerNameW
GetSystemTimeAdjustment
LoadLibraryA
DeleteTimerQueueTimer
SetTimeZoneInformation
GetProcAddress
GlobalFindAtomW
GetProcessTimes
RemoveDirectoryW
SetFilePointerEx
DebugBreakProcess
SetFileShortNameA
GetLongPathNameA
CreateIoCompletionPort

msvcrt

__p__commode
__getmainargs
exit
__set_app_type

mmcbase

?SetMainThreadID@SC@mmcerror@@SGXK@Z
?HrFromSc@@YGJABVSC@mmcerror@@@Z
??0CEventBuffer@@QAE@ABV0@@Z
??BSC@mmcerror@@QBE_NXZ
?GetFacility@SC@mmcerror@@ABE?AW4facility_type@12@XZ
??0CMMCStrongReferences@@AAE@XZ
?Trace_@SC@mmcerror@@QBEXXZ
?LastRefReleased@CMMCStrongReferences@@SG_NXZ
?SetHinst@SC@mmcerror@@SGXPAUHINSTANCE__@@@Z
??1?$CEventLock@UAppEvents@@@@QAE@XZ

esent

JetGetCurrentIndex
JetGetBookmark
JetOpenTable
JetOSSnapshotPrepare
JetRetrieveColumn@32
JetBackup
JetGrowDatabase
JetUpgradeDatabase
JetAddColumn
JetExternalRestore

sqlunirl

_GetWindowLong@8
_PeekMessage@20
_EnumDesktops_@12
_SHBrowseForFolder_@4
_GetPrivateProfileSectionNames_@12
_FindNextFile_@8
_LoadString@16
_StartService_@12
_CharToOemBuff_@12
_ObjectPrivilegeAuditAlarm_@24

dbnetlib

InitSession
TermSession
ConnectionServerEnum
ConnectionMode
GetNextEnumeration

Sections

.text
Size: 410KB - Virtual size: 409KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 197KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bbc09b2ba970eb1b99e350cfc2bcf848

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

mmcbase

esent

sqlunirl

dbnetlib

Sections

.text Size: 410KB - Virtual size: 409KB

.rdata Size: 128KB - Virtual size: 128KB

.data Size: 197KB - Virtual size: 1.5MB

.rsrc Size: 97KB - Virtual size: 96KB

.reloc Size: 1024B - Virtual size: 1012B

.text
Size: 410KB - Virtual size: 409KB

.rdata
Size: 128KB - Virtual size: 128KB

.data
Size: 197KB - Virtual size: 1.5MB

.rsrc
Size: 97KB - Virtual size: 96KB

.reloc
Size: 1024B - Virtual size: 1012B