c72cbfe18bb853dadc5c14b9892dbf0bb9614298f70618027819a7de37171038

Sharing

Copy URL

Twitter E-mail

General

Target

c72cbfe18bb853dadc5c14b9892dbf0bb9614298f70618027819a7de37171038
Size

134KB
MD5

dcc49e48b92632b645113078a451333f
SHA1

34a3470ee45ca28e0b3091c0abc182d5f02de352
SHA256

c72cbfe18bb853dadc5c14b9892dbf0bb9614298f70618027819a7de37171038
SHA512

ea1fb8056409623348b1378560d8cb58c7c864578e2626a232525db4873acb4c398e1988f32c9fcd84e2e12b41b5f1da6f363d80e9332f70ac6cf9524f2e38de
SSDEEP

3072:DMfN1mHyUz2boyUH5LoiejZtNhwmUzo0HGIhH:DMfN1GI3aLeTLwmUE

Score

N/A

Malware Config

Signatures

Files

c72cbfe18bb853dadc5c14b9892dbf0bb9614298f70618027819a7de37171038
.exe windows x86

9bf62b3cf4e0d82e69cd6617985bbd3a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlConsoleMultiByteToUnicodeN
NlsAnsiCodePage
ZwDeviceIoControlFile
_ultow
RtlAssert
RtlRemoteCall
RtlZombifyActivationContext
wcsspn
RtlUpcaseUnicodeStringToAnsiString
ZwDelayExecution
NtPowerInformation
RtlDecompressFragment
RtlReAllocateHeap
_wtol
_aullrem
ZwEnumerateSystemEnvironmentValuesEx
ZwOpenJobObject
RtlCreateTagHeap
RtlUnicodeStringToOemString
NtSetSystemEnvironmentValueEx
NtDeviceIoControlFile
_strcmpi
NtUnlockVirtualMemory
ZwPrivilegedServiceAuditAlarm
_wcsicmp
RtlQueryTagHeap
_CIpow
isalpha
strncat
wcslen
NtCreateProcess
ZwRaiseHardError
NtUnloadKey
NtCompareTokens
RtlInitializeBitMap
RtlSetSecurityObjectEx
NtFreeVirtualMemory
NtOpenThreadTokenEx
RtlDnsHostNameToComputerName

oleaut32

DispInvoke
SafeArrayAccessData
VarI4FromR8
VarI1FromUI4
VarDecFromI2
OleLoadPicturePath
VarR4FromBool
SafeArrayGetDim
OleTranslateColor
LPSAFEARRAY_UserFree
VarUI4FromR8
SafeArrayCopyData
VarI1FromDec
VarR8FromDate
VarDecFromStr
VarUI1FromR4
VarUI1FromI4
VarUI8FromDec
VarDecFromR4
VarUI2FromUI8
OleCreatePropertyFrameIndirect
SystemTimeToVariantTime
LPSAFEARRAY_Unmarshal
SafeArrayDestroyData
VarBstrFromDate
VarR8FromUI2
VarR4FromStr
SafeArrayPutElement
VarBoolFromI8
VarDecFix
VarImp
VarBoolFromUI1
VarUI1FromDisp

odbcjt32

SelectUIdxDlgProc
SQLAllocStmt
AdvancedDialogProc
OpenDirHook
SQLFetch
InvisibleSelectDb
SQLNativeSqlW
SQLColAttributeW
SQLExecDirectW
SQLConnectW
SQLMoreResults
SQLGetTypeInfoW
SQLGetStmtAttrW
SQLFreeStmt
ConfigDriverW
SQLGetFunctions
LoginDialogProc
SQLSetCursorNameW
SQLTablesW
SQLGetConnectAttrW
SQLDisconnect
SQLGetDescRecW
SQLSpecialColumnsW
SQLDriverConnectW
SQLExtendedFetch
SQLSetDescFieldW
SQLBindCol
LoadByOrdinal
SQLPrepareW
SQLAllocEnv

ntdsapi

DsMakeSpnA
DsFreeSchemaGuidMapW
DsIsMangledDnW
DsInheritSecurityIdentityA
DsReplicaGetInfoW
DsFreeSpnArrayA
DsListRolesA
DsMakePasswordCredentialsA
DsReplicaSyncW
DsBindWithSpnW
DsFreeSpnArrayW
DsReplicaFreeInfo
DsMakeSpnW
DsFreePasswordCredentials
DsRemoveDsDomainW
DsServerRegisterSpnW
DsGetDomainControllerInfoW
DsRemoveDsDomainA
DsGetSpnW
DsIsMangledRdnValueA
DsUnquoteRdnValueA
DsQuoteRdnValueA
DsReplicaGetInfo2W
DsQuoteRdnValueW
DsAddSidHistoryW
DsIsMangledDnA
DsaopExecuteScript
DsCrackSpn2W
DsReplicaModifyA
DsServerRegisterSpnA
DsIsMangledRdnValueW
DsReplicaDelA
DsReplicaDelW
DsListServersForDomainInSiteW
DsMapSchemaGuidsW
DsListSitesW
DsBindWithCredW
DsBindWithSpnA
DsMapSchemaGuidsA
DsClientMakeSpnForTargetServerW

opengl32

glRasterPos3iv
glVertex2i
glGenLists
glScalef
glVertex4dv
glIndexfv
glNormal3sv
glShadeModel
wglDescribePixelFormat
glGetPixelMapuiv
glDepthMask
glTexCoord3d
glGetDoublev
glTexCoord3iv
glClear
glEvalPoint2
glNormal3i
glVertex4sv
glColor4f
glTexCoord3s
glVertexPointer
glLightModeli
glTexSubImage2D
glLineWidth
glTexImage2D
glTexCoord2s
glVertex3s
glColor4bv
glEnableClientState
glTexCoord4d
glIndexub
glColor3sv
glCallList
glLineStipple
wglGetProcAddress
glNewList
glColor3s
glVertex3sv
glMap2d
glMaterialiv

comctl32

ShowHideMenuCtl
ImageList_Write
ImageList_Draw
ImageList_DrawEx
DrawInsert
InitCommonControlsEx
ImageList_Destroy
CreatePropertySheetPageW
FlatSB_ShowScrollBar
DrawStatusTextW
ImageList_Replace
ImageList_LoadImageA
ImageList_GetImageCount
ImageList_GetBkColor
FlatSB_GetScrollPos
ImageList_Read
ImageList_GetIconSize
ImageList_DrawIndirect
ImageList_SetImageCount
ImageList_GetIcon
ImageList_LoadImageW
DllGetVersion
CreatePropertySheetPage
InitMUILanguage
FlatSB_GetScrollRange
DestroyPropertySheetPage
ImageList_DragMove
ImageList_DragEnter
InitCommonControls

kernel32

FindFirstFileW
SetThreadPriorityBoost
CreateDirectoryExA
SetWaitableTimer
GlobalAlloc
GetConsoleAliasesLengthW
CompareStringA
GetStartupInfoW
WritePrivateProfileStructW
GetNextVDMCommand
FormatMessageW
VirtualAlloc
GetPrivateProfileStringW
GetProcessTimes
Process32Next
HeapCreate
SetNamedPipeHandleState
WriteProfileStringW
FreeUserPhysicalPages
ExpungeConsoleCommandHistoryA
GetThreadPriorityBoost
WriteProfileSectionW
GetTickCount
DeleteFileA
GetCommConfig
LoadLibraryA
GetUserDefaultUILanguage
OpenJobObjectW
VirtualLock
GetHandleContext
OpenThread
LocalAlloc

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9bf62b3cf4e0d82e69cd6617985bbd3a

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

oleaut32

odbcjt32

ntdsapi

opengl32

comctl32

kernel32

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 104KB - Virtual size: 217KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 176B

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 104KB - Virtual size: 217KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 176B