Static task: static1
Behavioral task: behavioral1
Sample: cbfe7f0e646d9b8829989d1206e7d795372012c0d7133bc57d325881175b62e2.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: cbfe7f0e646d9b8829989d1206e7d795372012c0d7133bc57d325881175b62e2.exe
Resource: win10v2004-20221111-en
General
Target: cbfe7f0e646d9b8829989d1206e7d795372012c0d7133bc57d325881175b62e2
Size: 51KB
MD5: 7d15f6c362968905890d991100beb1c8
SHA1: 00b8fea23b87f6edce4c31ce37b1df1fff427bc6
SHA256: cbfe7f0e646d9b8829989d1206e7d795372012c0d7133bc57d325881175b62e2
SHA512: e0bea387626e29b23f61c7400f45084aec615451688cb92ed325fac163f705bce278dc1fdf2c9219be9293d4992c816c9b76a310123dfcac2818bd1b6f1e816b
SSDEEP: 768:niKG4EH/EAvKShOBcgm96W919VPz7kqTY0JU+Yw/u+RBwINESn1CzN:n6tUShOe/91TPvBYMUNw22Bfn1sN
Malware Config
Signatures
Files
-
cbfe7f0e646d9b8829989d1206e7d795372012c0d7133bc57d325881175b62e2.exe windows x86
b9d74244bf7e2efa37464c63a96294d4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTickCount
LocalFree
EnumDateFormatsExA
SetComPlusPackageInstallStatus
VirtualAlloc
WriteConsoleInputW
AddVectoredExceptionHandler
WriteFileEx
GetModuleHandleA
SetConsoleCtrlHandler
LoadLibraryA
GetModuleHandleW
SetUnhandledExceptionFilter
UpdateResourceW
WriteConsoleOutputA
GetDiskFreeSpaceExA
SetFirmwareEnvironmentVariableA
IsBadHugeWritePtr
OpenProcess
_llseek
TzSpecificLocalTimeToSystemTime
GetConsoleProcessList
FoldStringA
RemoveLocalAlternateComputerNameW
GetSystemTimeAdjustment
WriteConsoleOutputCharacterA
LZStart
SetVolumeLabelA
RegisterWowExec
CreateJobObjectW
ActivateActCtx
GetExpandedNameA
BaseDumpAppcompatCache
GetNamedPipeHandleStateW
GetConsoleInputExeNameW
SetThreadExecutionState
sqlunirl
_OpenFile_@12
_GetServiceKeyName_@16
_CreateMailslot_@16
_UpdateResource_@24
_NDdeSetTrustedShare_@12
AllocConvertMultiSZNameToA
_PropertySheet_@4
_GrayString_@36
_CreateFontIndirect@4
_RegCreateKey_@12
_RegQueryMultipleValues_@20
_RegOpenKey_@12
_DrawText@20
_GetUserObjectInformation_@20
_PolyTextOut_@12
_GetComputerName@8
_CallNamedPipe_@28
_GetProcAddress_@8
_GetObject@12
_CharUpperBuff_@8
_GetCharWidth_@16
_WaitNamedPipe_@8
_SetWindowLong@12
_InsertMenu_@20
_ChooseFont_@4
_CreateEvent_@16
__lopen_@8
crtdll
gmtime
_fileinfo_dll
__threadid
_spawnve
_osminor_dll
clock
_ltoa
_fpreset
_errno
_fileno
_isctype
_pclose
ftell
memcmp
_mbsnbicmp
__iscsymf
atexit
_stricmp
_chsize
_ismbbkana
signal
freopen
div
wcscoll
_mbbtombc
wcscpy
_mbcjistojms
_cabs
rename
fflush
_snprintf
_CIexp
_mbsrchr
_ctype
crypt32
CryptExportPublicKeyInfo
CertEnumCTLContextProperties
CryptRegisterDefaultOIDFunction
CryptSIPRetrieveSubjectGuidForCatalogFile
CryptMsgControl
I_CryptSetTls
I_CryptFreeTls
CertVerifyCRLTimeValidity
CertAddCTLContextToStore
CertUnregisterSystemStore
CertCreateContext
CryptImportPublicKeyInfoEx
CertAddCRLLinkToStore
CertDuplicateCertificateChain
CertSetCTLContextProperty
I_CryptGetDefaultCryptProvForEncrypt
CertGetCertificateContextProperty
CryptUnprotectData
CryptUnregisterOIDFunction
I_CryptAllocTls
CryptGetOIDFunctionValue
CryptCreateKeyIdentifierFromCSP
CertGetNameStringW
CertAlgIdToOID
CertGetSubjectCertificateFromStore
CryptFindCertificateKeyProvInfo
I_CryptTouchLruEntry
CryptHashPublicKeyInfo
Sections
.text Size: 41KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 152B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ