b18a8c930ab096bf0f84695d80680291600c1cc68d29e5f901d84b94681ca04d

Sharing

Copy URL

Twitter E-mail

General

Target

b18a8c930ab096bf0f84695d80680291600c1cc68d29e5f901d84b94681ca04d
Size

335KB
MD5

d65007f94e4c275334a5112dbc9ed2a8
SHA1

5c43d30548a059cf588bed04d1701a956600d0ef
SHA256

b18a8c930ab096bf0f84695d80680291600c1cc68d29e5f901d84b94681ca04d
SHA512

f9809280bdfdc3c5fd724011644951097a4b2837a5b0b3b97c2e31c046b0fafb20d5b68ac67be6a16b32b04879ef094b8f5b21bd0762d019cb1d0ca4de28b514
SSDEEP

6144:5DTkT+bYTdPpcjNE4IitaE5XGUSa2Ux4S+RFWKvk6f:CT5TDc64IitaF5arik

Score

N/A

Malware Config

Signatures

Files

b18a8c930ab096bf0f84695d80680291600c1cc68d29e5f901d84b94681ca04d
.exe windows x86

a5577dfb91d8c753e6fa2c9bb2b8a555

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

OpenProcessToken
OpenSCManagerW
OpenServiceW
AdjustTokenPrivileges
LookupPrivilegeValueW
CloseServiceHandle
QueryServiceStatusEx

kernel32

CreateMutexW
SetConsoleCtrlHandler
GetModuleHandleW
GetFileType
GetDateFormatA
ConnectNamedPipe
HeapFree
TlsFree
GetFileSizeEx
WriteConsoleA
HeapAlloc
HeapDestroy
IsValidLocale
GetLocalTime
GetOEMCP
RaiseException
CreateFileW
GetConsoleOutputCP
ReleaseSemaphore
SetStdHandle
GetConsoleMode
CreateEventW
WriteFile
LeaveCriticalSection
SetFilePointer
ReadFile
GetDiskFreeSpaceW
SetHandleCount
LCMapStringW
EnumSystemLocalesA
WideCharToMultiByte
UnhandledExceptionFilter
EnterCriticalSection
GetACP
SetEnvironmentVariableA
GetTimeFormatA
HeapReAlloc
CloseHandle
CompareStringA
GetCommandLineA
GetCurrentThreadId
DeviceIoControl
IsValidCodePage
WriteConsoleW
CreateThread
CompareStringW
HeapSize
InitializeCriticalSectionAndSpinCount
CancelIo
QueryDosDeviceW
CreateSemaphoreW
FreeEnvironmentStringsW
WaitNamedPipeW
VirtualFree
DeleteCriticalSection
SetLastError
WaitForSingleObject
FindNextFileW
FlushFileBuffers
GetStdHandle
FreeEnvironmentStringsA
GetConsoleCP
TlsGetValue
CreateWaitableTimerW
RtlUnwind
GetOverlappedResult
CreateFileA
TlsAlloc
FatalAppExitA
WaitForMultipleObjects
FindClose
VirtualAlloc
LockFileEx
GetUserDefaultLCID
SetUnhandledExceptionFilter
LCMapStringA
TlsSetValue
GetTimeZoneInformation
FindFirstFileW
DisconnectNamedPipe
ReleaseMutex
GetSystemTimeAsFileTime
ResetEvent
GetLogicalDrives
FreeLibrary
UnlockFileEx
GetComputerNameW
SetWaitableTimer
CreateNamedPipeW
IsDebuggerPresent
CompareFileTime
VirtualAllocEx

ntdll

ZwClose
NtQueryFullAttributesFile
_wcsicmp
memcpy
memset
ZwCreateSection
memcmp
ZwQueryDirectoryFile
_wcsnicmp
NtQueryInformationFile
strlen
memmove
ZwOpenFile
towupper
RtlInitUnicodeString
ZwMapViewOfSection
RtlNtStatusToDosError
wcslen
RtlCompareMemory
ZwUnmapViewOfSection

oleaut32

LoadRegTypeLib
VarI1FromDate
VarDecNeg
VarCat
VarUI4FromStr
SysReAllocString
VarBstrFromUI2
VarI4FromDisp
VarUI4FromI4
VarR8FromUI1
VarR4FromUI2
VarCyCmp
LHashValOfNameSys
DispInvoke
SafeArrayGetRecordInfo
VarCyFromDec
SafeArrayCopyData
VarUI1FromDisp
VarI2FromUI4
VarI4FromDate
SafeArrayDestroyData
SysAllocStringByteLen
VariantInit
VarI4FromI8
VarCyFromUI4
VarR4FromR8
VarOr
VarUI4FromDec
VarUI2FromDisp
VarI4FromI1
VarDateFromUI4
VectorFromBstr

odbccu32

SQLGetDescRec
SQLNumParams
SQLMoreResults
SQLBindCol
SQLExecDirect

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 55KB - Virtual size: 648KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 161KB - Virtual size: 706KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 818KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5577dfb91d8c753e6fa2c9bb2b8a555

Headers

File Characteristics

Imports

advapi32

kernel32

ntdll

oleaut32

odbccu32

Sections

.text Size: 21KB - Virtual size: 20KB

.bss Size: 55KB - Virtual size: 648KB

.reloc Size: 161KB - Virtual size: 706KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 74KB - Virtual size: 818KB

.rsrc Size: 18KB - Virtual size: 39KB

.text
Size: 21KB - Virtual size: 20KB

.bss
Size: 55KB - Virtual size: 648KB

.reloc
Size: 161KB - Virtual size: 706KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 74KB - Virtual size: 818KB

.rsrc
Size: 18KB - Virtual size: 39KB