e1723d182afa8b36778c5d3325171c9709777d9ed0c1ce46a426a2e4c6be3a7b

Sharing

Copy URL

Twitter E-mail

General

Target

e1723d182afa8b36778c5d3325171c9709777d9ed0c1ce46a426a2e4c6be3a7b
Size

53KB
MD5

1d1b7e7310b57741ed721c87f0edae5b
SHA1

bbbacf5ced424cb53a20c8d54e382891c03f12e7
SHA256

e1723d182afa8b36778c5d3325171c9709777d9ed0c1ce46a426a2e4c6be3a7b
SHA512

048fa76f01cd82ce2896fbfda66b3c71f0d8d5bc5ff859ba8956456008aabf5df74b6d05fa6caca84a5b7b240fc41ebc2aae7e7883153a1fc63f48cc22ce6be6
SSDEEP

1536:F8HSsOTIGG6m/9ldpq0mp1E9kAZutvDwjg6C7nPFAd:FhBG6O9l7GpW9kAZutvEMB7nPFA

Score

N/A

Malware Config

Signatures

Files

e1723d182afa8b36778c5d3325171c9709777d9ed0c1ce46a426a2e4c6be3a7b
.exe windows x86

a92d985195354d67cde1d02806efca60

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateTimerQueue
SetFirmwareEnvironmentVariableA
BuildCommDCBAndTimeoutsW
VirtualAlloc
BaseInitAppcompatCacheSupport
UnregisterWaitEx
AddRefActCtx
_lread
ExpungeConsoleCommandHistoryA
PrepareTape
GetCurrentProcessId
GetVolumeInformationW
AddLocalAlternateComputerNameW
_hread
TlsAlloc
SetHandleContext
BaseCheckAppcompatCache
LoadModule
GetHandleContext
CreateEventW
CreateDirectoryExW
GetPrivateProfileSectionW
UnregisterWait
VirtualLock
FindVolumeClose
GetComputerNameExW
FormatMessageA
BackupWrite
VirtualFree
HeapFree
IsValidCodePage
LoadLibraryA
GetNextVDMCommand
HeapCreate
OpenProfileUserMapping
GetCurrentThread
GetProcessId
GetACP
OutputDebugStringW
LocalAlloc

powrprof

CallNtPowerInformation
CanUserWritePwrScheme
SetSuspendState
GetPwrDiskSpindownRange
GetPwrCapabilities
IsPwrShutdownAllowed
ReadPwrScheme
GetCurrentPowerPolicies
WriteProcessorPwrScheme
LoadCurrentPwrScheme
EnumPwrSchemes
IsPwrHibernateAllowed
WriteGlobalPwrPolicy
MergeLegacyPwrScheme
DeletePwrScheme
ReadProcessorPwrScheme
WritePwrScheme
SetActivePwrScheme
IsAdminOverrideActive
ReadGlobalPwrPolicy
GetActivePwrScheme
ValidatePowerPolicies
IsPwrSuspendAllowed

user32

LoadIconA
GetClassInfoExA
CascadeWindows
SetUserObjectInformationW
GetRawInputBuffer
DrawTextExA
GetScrollInfo
SubtractRect
LoadLocalFonts
MonitorFromPoint
SetRect
ChildWindowFromPoint
GetMenuStringA
DeviceEventWorker
SetDlgItemTextW
ScrollChildren
DdeAccessData
IntersectRect
CreateCaret
CreateDialogIndirectParamA
IsMenu
SendMessageW
PaintMenuBar
SetWindowsHookW
OpenWindowStationW
DialogBoxParamW
SetSystemMenu
GetClipboardFormatNameW
LockWorkStation
GetKeyboardLayoutList

msvcirt

??_8iostream@@7Bistream@@@
??_7iostream@@6B@
??1strstream@@UAE@XZ
?str@strstreambuf@@QAEPADXZ
?setmode@filebuf@@QAEHH@Z
??4iostream@@IAEAAV0@PAVstreambuf@@@Z
?is_open@ifstream@@QBEHXZ
?setbuf@strstreambuf@@UAEPAVstreambuf@@PADH@Z
?precision@ios@@QAEHH@Z
?getline@istream@@QAEAAV1@PAEHD@Z
?put@ostream@@QAEAAV1@D@Z
?rdstate@ios@@QBEHXZ
??_Eistrstream@@UAEPAXI@Z
??_7strstreambuf@@6B@
??1fstream@@UAE@XZ
?gptr@streambuf@@IBEPADXZ
?is_open@filebuf@@QBEHXZ
?oct@@YAAAVios@@AAV1@@Z
_mtlock
?in_avail@streambuf@@QBEHXZ
??4exception@@QAEAAV0@ABV0@@Z
?seekoff@filebuf@@UAEJJW4seek_dir@ios@@H@Z
?pptr@streambuf@@IBEPADXZ
?put@ostream@@QAEAAV1@E@Z
?get@istream@@QAEAAV1@AAC@Z
?rdbuf@stdiostream@@QBEPAVstdiobuf@@XZ
?out_waiting@streambuf@@QBEHXZ
??0streambuf@@IAE@XZ
?pcount@strstream@@QBEHXZ
??_Elogic_error@@UAEPAXI@Z
?setbuf@ofstream@@QAEPAVstreambuf@@PADH@Z
?hex@@YAAAVios@@AAV1@@Z
??0iostream@@IAE@XZ

msorcl32

SQLStatistics
SQLAllocStmt
SQLNumResultCols
SQLExecDirect
SQLCancel
SQLBindParameter
SQLMoreResults
SQLColAttributes
SQLExecute
SQLParamData
SQLAllocConnect
SQLRowCount
SQLSetStmtOption
SQLColumns
SQLSetCursorName
SQLForeignKeys
SQLConnect
DllMain
SQLSetConnectOption
SQLTables
SQLDriverConnect
SQLBrowseConnect
SQLError
SQLSetPos
SQLAllocEnv
SQLExtendedFetch
SQLSetScrollOptions
SQLGetData
SQLDescribeCol
SQLGetCursorName
SQLPutData
SQLFreeConnect
SQLFreeStmt
SQLProcedures

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a92d985195354d67cde1d02806efca60

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

powrprof

user32

msvcirt

msorcl32

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 412B

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 412B

.rsrc
Size: 4KB - Virtual size: 3KB