Static task: static1
Behavioral task: behavioral1
  Sample: 985fc379d0b293c282c1e1cf9a501d5b5c9bbf45d0b7bad7fb637d8032be09cb.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 985fc379d0b293c282c1e1cf9a501d5b5c9bbf45d0b7bad7fb637d8032be09cb.exe
  Resource: win10v2004-20220812-en
General
Target: 985fc379d0b293c282c1e1cf9a501d5b5c9bbf45d0b7bad7fb637d8032be09cb
Size: 680KB
MD5: 790fe94fd79a3898af0dfb25f514666a
SHA1: 0e3c54dd4d636649b60cf3c1cfe9f9eee351eae7
SHA256: 985fc379d0b293c282c1e1cf9a501d5b5c9bbf45d0b7bad7fb637d8032be09cb
SHA512: f2c83073eff5d5733e56295326fa7bcc72865f6aa35f830fd8c8a3740ac0330509e41aa285fdff1be0ad7b6e8df947cdf9e52c94522fec8bf7f01f73719c8d46
SSDEEP: 12288:Sw3ysf8bDuGlJP154y9jjc1kPw/LNAdrKAIw/UNt66N:SwCsf8bDuGz1ey9jKkgWdL/D6N
Malware Config
Signatures
Files
-
985fc379d0b293c282c1e1cf9a501d5b5c9bbf45d0b7bad7fb637d8032be09cb.exe windows x86
dcce0414c7ae8936b7489a0fe3872308
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mdb_search
SearchDlg_SetMDBLimit
SearchDlg_UpdateDB
SearchDlg_SetMDB_POS
SearchDlg_SetMDB
SearchDlg_ForceGo
geodb
??1CGeoDB@@QAE@XZ
?Open@CGeoDB@@QAEHPBXHH@Z
?GetTables@CGeoDB@@QAEHPADAAK@Z
?IsOpen@CGeoDB@@QAEHXZ
?Close@CGeoDB@@QAEXXZ
?SetAccessProvider@CGeoDB@@QAEHPBD00@Z
?GetRecordCount@CGeoDB@@QAEHXZ
?GetFieldValue@CGeoDB@@QAEHPBDAAV_variant_t@@@Z
?MoveFirst@CGeoDB@@QAEHXZ
?MoveNext@CGeoDB@@QAEHXZ
?Move@CGeoDB@@QAEHJ@Z
?MovePrevious@CGeoDB@@QAEHXZ
?IsEof@CGeoDB@@QAEHXZ
?GetFieldType@CGeoDB@@QAEHPBDAAH@Z
?SetAbsolutePosition@CGeoDB@@QAEXH@Z
?GetAbsolutePosition@CGeoDB@@QAEHXZ
?SetSort@CGeoDB@@QAEXPBD@Z
?SetFilter@CGeoDB@@QAEXPBD@Z
??0CGeoDB@@QAE@XZ
kernel32
CreateDirectoryA
RtlUnwind
SetHandleCount
GetFileType
HeapDestroy
SetErrorMode
GetEnvironmentStrings
VirtualFree
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
GetTimeZoneInformation
VirtualProtect
UnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsA
IsBadCodePtr
GetLocaleInfoA
InterlockedExchange
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
InterlockedIncrement
FormatMessageA
lstrlenA
LocalAlloc
InterlockedDecrement
LCMapStringA
Sleep
LCMapStringW
HeapReAlloc
HeapSize
ExitProcess
GetACP
GetTimeFormatA
GetDateFormatA
GetStartupInfoA
GetSystemTimeAsFileTime
RaiseException
HeapFree
GetProcessHeap
HeapAlloc
GetCurrentDirectoryA
GetCommandLineA
SizeofResource
GetSystemInfo
GetProfileStringA
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetVolumeInformationA
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
GetCurrentThread
GlobalFree
CreateMutexA
CreateEventA
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetFullPathNameA
GetTempFileNameA
lstrcmpA
MulDiv
FindResourceA
LoadResource
LockResource
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcpyA
FindFirstFileA
SetLastError
FindClose
CloseHandle
lstrcpynA
lstrlenW
lstrcmpiA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
GetPrivateProfileStringA
GetVersionExA
FreeLibrary
GetCurrentProcess
TerminateProcess
LoadLibraryA
GetPrivateProfileIntA
OutputDebugStringA
WritePrivateProfileStringA
WaitForSingleObject
ReleaseMutex
GetModuleHandleA
GetProcAddress
GetTickCount
GetLastError
GlobalAlloc
GlobalReAlloc
GlobalLock
GlobalUnlock
LeaveCriticalSection
EnterCriticalSection
GetFileAttributesA
GetLocalTime
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameA
VirtualQuery
IsBadReadPtr
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
user32
GetNextDlgTabItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
EnableMenuItem
IsDialogMessageA
SetDlgItemTextA
LoadIconA
SendDlgItemMessageA
MapWindowPoints
DispatchMessageA
SetActiveWindow
AdjustWindowRectEx
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
ModifyMenuA
SetMenuItemBitmaps
GetScrollPos
MessageBoxA
WinHelpA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
TrackPopupMenu
GetDlgItem
GetDlgCtrlID
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
GetWindow
SetWindowLongA
RegisterWindowMessageA
GetWindowPlacement
GetWindowTextLengthA
UnhookWindowsHookEx
SetScrollRange
SetScrollPos
CreatePopupMenu
AppendMenuA
GetMenuState
GetLastActivePopup
SetParent
GetDCEx
BringWindowToTop
PeekMessageA
PostQuitMessage
SetForegroundWindow
SystemParametersInfoA
KillTimer
WindowFromPoint
IsRectEmpty
SetTimer
GetDoubleClickTime
IsWindowVisible
GetKeyState
DrawEdge
ShowScrollBar
IsChild
GetWindowTextA
GetFocus
SetFocus
IntersectRect
DrawFrameControl
DrawFocusRect
PostMessageA
UpdateWindow
IsWindow
CopyRect
GetDC
ReleaseDC
OffsetRect
EnableWindow
GrayStringA
DestroyIcon
GetTabbedTextExtentA
DrawTextA
TabbedTextOutA
PtInRect
CharUpperA
GetSysColorBrush
GetClassNameA
GetMenuStringA
InsertMenuA
GetWindowLongA
SetCapture
GetCapture
ReleaseCapture
GetClipCursor
GetCursorPos
ClipCursor
SetCursor
GetSystemMetrics
ScreenToClient
ClientToScreen
SetRect
EqualRect
InvertRect
GetParent
LoadBitmapA
CheckMenuItem
LockWindowUpdate
FindWindowA
GetSystemMenu
GetWindowRect
InvalidateRect
SetRectEmpty
GetSysColor
FillRect
SetWindowRgn
GetClientRect
SendMessageA
InflateRect
GetClassInfoA
DefWindowProcA
LoadCursorA
wsprintfA
DeleteMenu
ShowOwnedPopups
UnionRect
IsZoomed
CreateDialogIndirectParamA
EndDialog
TranslateMessage
GetMessageA
LoadStringA
ValidateRect
DestroyCursor
SetMenu
UnpackDDElParam
ReuseDDElParam
GetActiveWindow
LoadMenuA
DestroyMenu
LoadAcceleratorsA
GetDesktopWindow
TranslateAcceleratorA
GetWindowDC
EndPaint
BeginPaint
IsIconic
GetMenuCheckMarkDimensions
SetWindowPos
RemovePropA
GetTopWindow
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
CharNextA
IsWindowUnicode
gdi32
CombineRgn
GetCurrentObject
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
GetTextExtentPoint32A
CreateFontIndirectA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextMetricsA
CreateHalftonePalette
CreatePalette
GetDIBColorTable
GetBkColor
RealizePalette
GetDeviceCaps
PatBlt
CreateRectRgnIndirect
GetClipBox
SetTextColor
SetBkColor
CreateBitmap
DeleteDC
StartDocA
SaveDC
RestoreDC
CreatePolygonRgn
SelectObject
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
CreateRectRgn
MoveToEx
LineTo
SetTextAlign
GetCurrentPositionEx
DeleteObject
GetViewportExtEx
GetWindowExtEx
CreatePen
CreatePatternBrush
SetRectRgn
DPtoLP
Rectangle
GetViewportOrgEx
AbortDoc
EndDoc
EndPage
StartPage
SetAbortProc
CreateDCA
StretchDIBits
GetCharWidthA
CreateFontA
LPtoDP
GetNearestColor
GetTextColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetROP2
GetTextFaceA
GetWindowOrgEx
CreateDIBitmap
GetTextExtentPointA
BitBlt
GetStockObject
GetObjectA
comdlg32
GetSaveFileNameA
GetOpenFileNameA
ChooseFontA
CommDlgExtendedError
GetFileTitleA
PrintDlgA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegEnumKeyA
RegOpenKeyA
RegOpenKeyExA
RegCreateKeyA
RegSetValueA
RegCloseKey
RegQueryValueExA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
SetFileSecurityA
GetFileSecurityA
shell32
ExtractIconA
DragFinish
DragAcceptFiles
DragQueryFileA
SHGetFileInfoA
comctl32
ImageList_DrawIndirect
ImageList_Destroy
ImageList_GetImageInfo
ord14
ord13
ord17
ImageList_LoadImageA
ole32
CoInitialize
CoUninitialize
oleaut32
SysAllocString
VariantChangeType
VariantCopy
VariantInit
VariantClear
SysFreeString
VarBstrFromCy
VarDateFromStr
VarBstrFromDate
Sections
.text Size: 456KB - Virtual size: 452KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 84KB - Virtual size: 83KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 12KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sxdata Size: 4KB - Virtual size: 180B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 44KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.grdata Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE