ed8e2f412aeab259b47e3d84f37a0eefb24ba4321d6f34c478a1339f014406e9

Sharing

Copy URL Twitter E-mail

General

Target

ed8e2f412aeab259b47e3d84f37a0eefb24ba4321d6f34c478a1339f014406e9
Size

825KB
MD5

6f8d03dc233d4fe17a6dc10b462b533b
SHA1

409c9d6db586fb979b44823e5c369a3b151d29e2
SHA256

ed8e2f412aeab259b47e3d84f37a0eefb24ba4321d6f34c478a1339f014406e9
SHA512

489c67016bafed5eabe9e2e5e294a5f122648dd217e7741091753e70ff4a5dde5cc70f708dba64cb877885313d8d852b04da9f5fc26ccf40bd57d900e52b8f2e
SSDEEP

24576:vSQ43CDHAhB+eFbJu58x386MeLqznl13:v+3KAhBxFu5IMemJ1

Score

N/A

Malware Config

Signatures

Files

ed8e2f412aeab259b47e3d84f37a0eefb24ba4321d6f34c478a1339f014406e9
.exe windows x86

1de6c1cc8ffed082c193112c752d5cbf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mmcbase

?TraceAndClear@SC@mmcerror@@QAEXXZ
?FatalError@SC@mmcerror@@QBEXXZ
?Throw@SC@mmcerror@@QAEXJ@Z
?GetHinst@SC@mmcerror@@SGPAUHINSTANCE__@@XZ
??7SC@mmcerror@@QBEHXZ
??8SC@mmcerror@@QBE_NABV01@@Z
??0CEventBuffer@@QAE@ABV0@@Z
?GetHelpID@SC@mmcerror@@QAEKXZ
?Throw@SC@mmcerror@@QAEXXZ
?GetMainThreadID@SC@mmcerror@@SGKXZ

kernel32

LZRead
CreateActCtxW
SetComputerNameExA
ZombifyActCtx
WriteFile
DuplicateConsoleHandle
LocalCompact
GlobalUnfix
GetVolumeInformationA
OpenJobObjectA
OpenFile
FileTimeToSystemTime
GetTapeStatus
CreateMutexW
PrivCopyFileExW
GetConsoleTitleA
GetOverlappedResult
CallNamedPipeA
SetConsoleScreenBufferSize
EnumerateLocalComputerNamesA
lstrcmpiA
VirtualQuery
SetConsoleNlsMode
HeapDestroy
ResetEvent
HeapWalk
ReadDirectoryChangesW
SetLocalTime
_lwrite
OpenEventW
WaitForSingleObject
FindNextChangeNotification
IsBadCodePtr
LZCopy
GetTickCount
UpdateResourceA
GetConsoleCharType
LockFile
GetVolumeNameForVolumeMountPointW
FindResourceA
GetTapePosition
GetThreadTimes
GetCurrencyFormatA
DebugSetProcessKillOnExit
BackupRead
lstrcmpi
GlobalReAlloc
GlobalWire
GetCommProperties
DeleteFileA
GetUserDefaultLCID
SetPriorityClass
LoadLibraryW
CreateToolhelp32Snapshot
LocalFileTimeToFileTime
GlobalCompact
DeleteTimerQueue
LZCreateFileW
WriteProfileSectionW
SearchPathW
BaseCleanupAppcompatCacheSupport
CreateTapePartition
GetEnvironmentStrings
IsBadWritePtr
CreateEventW
SetConsoleHardwareState
GetStringTypeA
ResetWriteWatch
LoadResource
SetLastError
EnumDateFormatsW
SetClientTimeZoneInformation
WriteTapemark
SetLocalPrimaryComputerNameA
SetFilePointer
SetFileAttributesW
VirtualFree
GetNativeSystemInfo
GetCurrentConsoleFont

sqlunirl

_GetShortPathName_@12
_GetEnhMetaFileDescription_@12
_GetPrivateProfileString_@24
_EnumICMProfiles_@12
_CreateService_@52
_FindWindowEx_@16
_SetWindowsHookEx_@16
_DialogBoxIndirectParam_@20
_GetPrivateProfileSectionNames_@12
_lstrcmpi_@8
__hwrite_@12
_ShellExecuteEx_@4
_FindText_@4
_GetTempPath_@8
_GetVersionEx@4
_PropertySheet_@4
_SetDefaultCommConfig_@12
_VkKeyScanEx_@8
_GetCharABCWidths_@16
_CreateEvent_@16
AllocConvertMultiSZNameToA

msports

ComDBClaimPort
ComDBGetCurrentPortUsage
ComDBOpen
ComDBClose
ComDBClaimNextFreePort
ParallelPortPropPageProvider
SerialPortPropPageProvider
PortsClassInstaller
ComDBResizeDatabase
SerialDisplayAdvancedSettings
ComDBReleasePort

msvcrt

__set_app_type
_mbsnbcnt
__CxxDetectRethrow
_getw
_ismbslead
_CIlog
_chdir
_spawnve
_fstat
exit
_adj_fdiv_r
__p__commode
strcoll
log
mbstowcs
_getdrives
_unloaddll
__getmainargs
_snwprintf
_wstati64
_c_exit

gdi32

ScaleViewportExtEx
EngGetCurrentCodePage
DdEntry56
GetSystemPaletteUse
Polyline
GetBkMode
CreateFontIndirectExA
DdEntry13
EqualRgn
PolyPatBlt
SetTextAlign
EngComputeGlyphSet
SelectClipRgn
AbortPath
EngMultiByteToWideChar
CreateCompatibleDC
Ellipse
EnumMetaFile
GetColorSpace
GdiFullscreenControl
OffsetClipRgn
SetICMProfileW
GetGlyphIndicesA
FixBrushOrgEx
DdEntry31

Sections

.text
Size: 382KB - Virtual size: 381KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 181KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1de6c1cc8ffed082c193112c752d5cbf

Headers

DLL Characteristics

File Characteristics

Imports

mmcbase

kernel32

sqlunirl

msports

msvcrt

gdi32

Sections

.text Size: 382KB - Virtual size: 381KB

.rdata Size: 100KB - Virtual size: 99KB

.data Size: 181KB - Virtual size: 1.6MB

.rsrc Size: 160KB - Virtual size: 159KB

.reloc Size: 1024B - Virtual size: 828B

.text
Size: 382KB - Virtual size: 381KB

.rdata
Size: 100KB - Virtual size: 99KB

.data
Size: 181KB - Virtual size: 1.6MB

.rsrc
Size: 160KB - Virtual size: 159KB

.reloc
Size: 1024B - Virtual size: 828B