b85aa9684b8417dd135cab9df0e3f20398406711495e2317c53f49f3d3c2eb17

Sharing

Copy URL Twitter E-mail

General

Target

b85aa9684b8417dd135cab9df0e3f20398406711495e2317c53f49f3d3c2eb17
Size

853KB
MD5

a5844ed6a23701f83f09dda2a4ed64f0
SHA1

4676481f3a69e44f9d00ec31d06151e554e6b5c2
SHA256

b85aa9684b8417dd135cab9df0e3f20398406711495e2317c53f49f3d3c2eb17
SHA512

f753294dabee4f490c4f3692ff109dd0a30fc1998585082078558d262d7d536d2448dddbeceb0f799aa16f38a14c104429e5ee3cf8dfcc6c7f43fe7465c069c0
SSDEEP

24576:8IpvHjdiLvvfNdjWlp/sOAnYZfHXu1MpfiAveC0bsJqk:8SvHjdo31dSlps1nYZfHXvp6AP0u

Score

N/A

Malware Config

Signatures

Files

b85aa9684b8417dd135cab9df0e3f20398406711495e2317c53f49f3d3c2eb17
.exe windows x86

51015d24bbf47fcf0890c59e7f8ca80b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Heap32Next
SetLastError
UpdateResourceW
SetComputerNameExA
lstrlen
CloseProfileUserMapping
LocalFlags
FindActCtxSectionStringA
LoadLibraryA
BackupWrite
FindNextChangeNotification
GetShortPathNameW
HeapFree
FindAtomW
GetEnvironmentStringsA
VirtualAlloc
GlobalHandle
SetConsoleKeyShortcuts
RegisterWowExec
SwitchToFiber
CreateMemoryResourceNotification
GetConsoleScreenBufferInfo
SystemTimeToFileTime
lstrcatW
Beep
SetConsoleIcon
GetTimeZoneInformation
SetThreadExecutionState

adsldpc

ADsSetSearchPreference
LdapGetDn
LdapGetSubSchemaSubEntryPath
ADSIGetNextRow
LdapTypeToAdsTypeDNWithString
SchemaGetPropertyInfoByIndex
ADsGetNextColumnName
LdapOpenObject2
ReadServerSupportsIsADControl
BuildADsParentPathFromObjectInfo2
ADsEncodeBinaryData
ADsDecodeBinaryData
LdapTypeFreeLdapObjects
LdapModifyS
InitObjectInfo
SchemaGetStringsFromStringTable
ADsHelperGetCurrentRowMessage
FreeADsMem
ADsGetFirstRow
LdapCloseObject
Component
ADsCreateDSObject
ADSIGetNextColumnName
LdapResult

user32

SetWindowStationUser
CreateWindowExW
WCSToMBEx
DlgDirListA
ChangeDisplaySettingsExW
GetWindowLongA
CreateDesktopW
RegisterClassExW
CopyImage
IsCharUpperA
GetSysColor
LookupIconIdFromDirectoryEx
UserLpkPSMTextOut
GetUpdateRgn
RegisterTasklist

esent

JetTruncateLogInstance
JetAttachDatabase
JetGetLS
JetGetAttachInfo
JetInit3
JetGetRecordPosition
JetDupSession
JetUpdate
JetAttachDatabase2
JetCommitTransaction@8
JetInit@4
ese
JetOpenDatabase
JetGetTruncateLogInfoInstance
JetSnapshotStart

clbcatq

GetComputerObject
CoRegCleanup
OpenComponentLibraryOnStreamEx
SetSetupSave
ActivatorUpdateForIsRouterChanges
ComPlusMigrate
DeleteAllActivatorsForClsid
UpdateFromAppChange
OpenComponentLibraryEx
ServerGetApplicationType
CheckMemoryGates
CreateComponentLibraryEx
CLSIDFromStringByBitness
SetSetupOpen
OpenComponentLibraryOnMemEx
UpdateFromComponentChange
SetupSave

odbccu32

SQLNumParams
SQLSetConnectAttr
SQLSetStmtAttr
SQLSetStmtOption
SQLSetConnectOption
SQLGetData
SQLGetInfo
SQLFetch
SQLCancel
SQLSetScrollOptions
SQLMoreResults
ReleaseCLStmtResources
SQLGetStmtOption
SQLBindCol
SQLSetDescField
SQLExecute
SQLParamOptions
SQLFreeHandle
SQLFreeStmt

Sections

.text
Size: 728KB - Virtual size: 727KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

51015d24bbf47fcf0890c59e7f8ca80b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

adsldpc

user32

esent

clbcatq

odbccu32

Sections

.text Size: 728KB - Virtual size: 727KB

.rdata Size: 116KB - Virtual size: 115KB

.data Size: 5KB - Virtual size: 1.5MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 728KB - Virtual size: 727KB

.rdata
Size: 116KB - Virtual size: 115KB

.data
Size: 5KB - Virtual size: 1.5MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB