cb9d280b95c7fead02c73c132b5819256ec7d4ab12d39706f5b008504bcca7c9

Sharing

Copy URL Twitter E-mail

General

Target

cb9d280b95c7fead02c73c132b5819256ec7d4ab12d39706f5b008504bcca7c9
Size

366KB
MD5

dbf3ffc45b6f5bd6b36585612f2597c5
SHA1

1f5504695292b474ef33c8338f2ea5891d5dce2d
SHA256

cb9d280b95c7fead02c73c132b5819256ec7d4ab12d39706f5b008504bcca7c9
SHA512

ba08a4820a8eb58306fb5676fcf0482b29450f55fc263c7f0fa62c08b363d81b4b32a8cbccccfcaafe159a81f403d7eaa777de738090f98427a246183edd186f
SSDEEP

6144:gpCheAih7MeB3Jrcsr2xkeoqF+oC3ylSbgCoLY6ae6e/nhu+qPi+VbNkFDJyA/AM:gAhDaB3JrcO2vkouRV7yx+PDmFUA/DD

Score

N/A

Malware Config

Signatures

Files

cb9d280b95c7fead02c73c132b5819256ec7d4ab12d39706f5b008504bcca7c9
.exe windows x86

3d39a4709c48a6f0bda0f1a01d6255c3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CAOIDFreeProperty
CAEnumCertTypesEx
CAAccessCheck
GetProxyDllInfo
CAFreeCertTypeExtensions
CAUpdateCertType
CAGetCertTypeExtensionsEx
CACertTypeUnregisterQuery
CACertTypeAccessCheck
CACountCAs
CASetCAProperty
CAGetCAExpiration
CAGetCACertificate
CAInstallDefaultCertType
CACreateLocalAutoEnrollmentObject
CASetCertTypeFlagsEx
CAUpdateCA
CAFreeCAProperty
CAEnumNextCA
CAGetCASecurity
CAFindByCertType

dbnetlib

ConnectionServerEnumW
ConnectionTransact
ConnectionStatus
ConnectionMode
ConnectionOption
ConnectionGetSvrUser
TermSession
ConnectionRead
ConnectionFlushCache
GenClientContext
ConnectionWrite
ConnectionClose
TermSSPIPackage
InitSession
ConnectionErrorW
ConnectionObjectSize
ConnectionWriteOOB
ConnectionOpen
ConnectionSqlVer
ConnectionOpenW

oleaut32

VarUI1FromI2
OleCreatePictureIndirect
VarBstrFromUI2
VarUI4FromUI8
VarBoolFromR4
VarUI4FromDisp
VarI2FromUI2
VarUI2FromR8
VarR8FromUI2
VarDecFromUI1
VarUI4FromR4
SafeArrayCreateVectorEx
VarNeg
SafeArrayPtrOfIndex
SafeArrayGetIID
VarR8Pow
VarUI1FromCy
VarR8FromUI1
VarBstrFromCy
CreateTypeLib2
VarCyAdd
VarBoolFromUI4

kernel32

GetTimeZoneInformation
GetConsoleCommandHistoryW
GetEnvironmentStringsA
VirtualUnlock
GetCurrentDirectoryA
GetConsoleAliasExesA
FreeEnvironmentStringsA
FindFirstChangeNotificationW
SetSystemPowerState
AddLocalAlternateComputerNameW
FindAtomW
GetVolumeInformationW
VirtualAlloc
GetProcessHeap
SetConsoleMenuClose
QueueUserWorkItem
GlobalFix
WaitNamedPipeA
SetComPlusPackageInstallStatus
DuplicateConsoleHandle
IsBadCodePtr
GetDateFormatW
SignalObjectAndWait
ChangeTimerQueueTimer
GetTickCount
LoadLibraryA
GetDiskFreeSpaceA
UpdateResourceW
QueryDepthSList
GetFullPathNameA
CreateWaitableTimerW
RegisterWaitForSingleObject
EnumSystemLanguageGroupsA
GlobalHandle
GetProfileSectionW
SetCommMask
SetConsoleCtrlHandler
GetConsoleNlsMode
SetFileAttributesA
FlushFileBuffers
GetDefaultCommConfigA
VerifyConsoleIoHandle
OpenJobObjectA
DeleteFiber
IsBadReadPtr
HeapWalk
Heap32Next

Sections

.text
Size: 309KB - Virtual size: 308KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 421KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d39a4709c48a6f0bda0f1a01d6255c3

Headers

DLL Characteristics

File Characteristics

Imports

certcli

dbnetlib

oleaut32

kernel32

Sections

.text Size: 309KB - Virtual size: 308KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 4KB - Virtual size: 421KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 309KB - Virtual size: 308KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 4KB - Virtual size: 421KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 1KB - Virtual size: 1KB