b06567bc251c55c6213b7d6efed37c5966ed3be62bf54689f2a450532d80542f

Sharing

Copy URL

Twitter E-mail

General

Target

b06567bc251c55c6213b7d6efed37c5966ed3be62bf54689f2a450532d80542f
Size

276KB
MD5

1b09ce5084f72b67a78c10fe5c22fc58
SHA1

c72043ba63b3bfcff990d26046ab4ff228ebbf0a
SHA256

b06567bc251c55c6213b7d6efed37c5966ed3be62bf54689f2a450532d80542f
SHA512

47eac0efa0bcd63505ea3b954068550912c9753c50db7a2b83a4b289fd625560ab8aa3fe09e934fc26e520cce307beecc21ea9a66be09acad47b21da9021f22c
SSDEEP

6144:eWsTJRUJu+7/bj/+m8k5kR+bgI+rcSlNwG9:etJRUJueem2VXLn9

Score

N/A

Malware Config

Signatures

Files

b06567bc251c55c6213b7d6efed37c5966ed3be62bf54689f2a450532d80542f
.exe windows x86

9b34bd11ddde9655b9e0abd88e00e26f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
_onexit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_ismbcgraph
_setmaxstdio
_mbsnbcoll
_wchdir
puts
_findnexti64
$I10_OUTPUT
_fileinfo
scanf
ispunct
_wspawnle
_outpd
_strnicmp
_chgsign
_ismbcalpha
_assert
_ctype
rand
_lsearch
_execvp
_getws
signal
__dllonexit

advapi32

CloseEventLog

perfos

CollectOSObjectData

ntdll

RtlZeroMemory
RtlTimeToSecondsSince1970
RtlFreeAnsiString

activeds

BinarySDToSecurityDescriptor
ADsBuildVarArrayStr
AdsFreeAdsValues

shell32

SHCloneSpecialIDList
SHCreateQueryCancelAutoPlayMoniker

shdocvw

SetQueryNetSessionCount

gdi32

EnumObjects
RestoreDC
CombineRgn
GetRandomRgn
PtInRegion
Rectangle
CreateCompatibleBitmap

xolehlp

DtcGetTransactionManagerExA

odbc32

SQLGetDiagFieldA
SQLExtendedFetch
VRetrieveDriverErrorsRowCol
SQLAllocEnv
SQLGetDescFieldW
SQLProcedureColumnsA
SQLDescribeColW
SQLGetConnectOptionA
VFreeErrors
SQLFreeStmt
SQLGetInfoW
SQLSetCursorNameW
SQLAllocConnect
SQLDescribeColA
SQLGetInfoA
SQLGetData
SQLTablesW

user32

ValidateRgn
SendMessageCallbackW
GetWindowRgn

kernel32

LoadLibraryA
CloseHandle
GetProcAddress
SetFileAttributesA
ProcessIdToSessionId
QueryPerformanceFrequency
lstrcpyW
SetEnvironmentVariableA
GetModuleHandleA
SetupComm
CompareStringA
ConvertThreadToFiber
ReadConsoleA
VirtualAlloc
SetThreadAffinityMask
GetModuleHandleA
ReadProcessMemory
GetStartupInfoA
SetErrorMode

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b34bd11ddde9655b9e0abd88e00e26f

Headers

File Characteristics

Imports

msvcrt

advapi32

perfos

ntdll

activeds

shell32

shdocvw

gdi32

xolehlp

odbc32

user32

kernel32

Sections

.text Size: 92KB - Virtual size: 90KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 100KB - Virtual size: 163KB

.rsrc Size: 76KB - Virtual size: 73KB

.text
Size: 92KB - Virtual size: 90KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 100KB - Virtual size: 163KB

.rsrc
Size: 76KB - Virtual size: 73KB