f760ef0eba7b4cdd22f243efeffe5b37c5537f08723b051574444756af08f963

Sharing

Copy URL Twitter E-mail

General

Target

f760ef0eba7b4cdd22f243efeffe5b37c5537f08723b051574444756af08f963
Size

867KB
MD5

b99f979c1b7dd7e1af3d039deb6f500c
SHA1

baed8b5e4734dbb890231e7f28c4f4494692e42a
SHA256

f760ef0eba7b4cdd22f243efeffe5b37c5537f08723b051574444756af08f963
SHA512

87e3edd8728676b479861d78ff17fca858bfe6dcbc0bdbcb355dba131db6c5db2c41286817a17d85b7a7bbf41c79cbefcd2f69f7f37807fb72a51250060ba250
SSDEEP

24576:u0tOwHWNwXTLtjPcVrcukapuMRDfg+spwBhmL:POwCaorc9eu4YzwBh

Score

N/A

Malware Config

Signatures

Files

f760ef0eba7b4cdd22f243efeffe5b37c5537f08723b051574444756af08f963
.exe windows x86

d770a54b9cf578f93494672240f164ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

odbccp32

SQLConfigDataSource
SQLInstallTranslatorEx
SQLInstallODBCW
SQLValidDSNW
SQLWriteFileDSNW
SQLSetConfigMode
SQLGetInstalledDriversW
SQLReadFileDSNW
SQLLoadDriverListBox
SQLConfigDriverW
SQLWritePrivateProfileStringW
SQLInstallDriverManager
SQLManageDataSources
SQLGetTranslator
SQLRemoveDSNFromIni
SQLPostInstallerErrorW
SQLReadFileDSN
SQLGetTranslatorW
SQLGetAvailableDrivers
SQLWriteDSNToIni
SQLCreateDataSourceExW
ODBCCPlApplet
SQLRemoveDriverW
SQLRemoveDriverManager
SQLInstallTranslator
SQLWriteFileDSN
SQLConfigDataSourceW
SQLRemoveTranslator
SQLRemoveDefaultDataSource
SQLPostInstallerError
SQLInstallDriverManagerW
SQLInstallDriver
SQLGetPrivateProfileString
SQLInstallTranslatorExW
SQLInstallTranslatorW
SQLWritePrivateProfileString
SQLInstallODBC
SQLValidDSN
SQLGetConfigMode
SQLLoadDataSourcesListBox
SQLRemoveDSNFromIniW
SQLCreateDataSourceW

kernel32

DebugSetProcessKillOnExit
EnumDateFormatsExA
FindActCtxSectionStringA
GetDateFormatW
GetCurrentThread
EnumUILanguagesA
GetSystemTimeAdjustment
EnumSystemGeoID
SetLocaleInfoA
lstrcpyW
SetFilePointerEx
GetConsoleDisplayMode
GetTapeStatus
FoldStringW
lstrcpynW
FindResourceExW
SetFileTime
SetSystemTime
GlobalAlloc
WritePrivateProfileStringA
GetConsoleInputExeNameW
CreateFileMappingA
SwitchToThread
LoadLibraryA
SetProcessWorkingSetSize
UnlockFileEx
CreateNamedPipeW
SetConsoleTitleA
GetTickCount
IsBadCodePtr
SetConsoleWindowInfo
FindNextVolumeMountPointW
GetTempPathA
GetUserDefaultLangID
FindFirstFileExW
VirtualAlloc
CopyLZFile
SetConsoleOutputCP
QueryDosDeviceW
SetHandleContext
FlushViewOfFile
GetFirmwareEnvironmentVariableA
GetEnvironmentStringsA
SetCriticalSectionSpinCount
DebugBreak
ConnectNamedPipe
GetLogicalDrives
GetCommState
GetConsoleCursorInfo
ReadFileScatter
EnumResourceLanguagesA
GlobalMemoryStatusEx
GetCalendarInfoW
GlobalFindAtomW
EnumerateLocalComputerNamesA
PurgeComm
LZInit
FindResourceA
CreateProcessInternalW
WaitForDebugEvent
ReplaceFileA
GlobalGetAtomNameW
Module32First
FillConsoleOutputCharacterA
OpenJobObjectA
RegisterWaitForSingleObjectEx
LockFile
ResetEvent
RemoveDirectoryA
BaseCheckAppcompatCache
GetTempFileNameW
CreateJobObjectW
CreateDirectoryW
WriteTapemark
GetDriveTypeA
SetFileAttributesA
GetCommandLineW
LZDone
GlobalAddAtomW
HeapCreate
ClearCommError
GetCurrencyFormatA
GlobalFlags

crypt32

CryptMemRealloc
CryptInstallOIDFunctionAddress
RegQueryValueExU
CertDuplicateStore
CertSetCertificateContextPropertiesFromCTLEntry
CryptExportPublicKeyInfoEx
CertAddEncodedCertificateToSystemStoreA
CryptProtectData
CertCompareCertificateName
I_CryptReleaseLruEntry
CertFreeCTLContext
CertVerifyCRLRevocation
PFXExportCertStore
CryptMsgGetParam
I_CryptEnableLruOfEntries
I_CryptGetOssGlobal
CertFreeCRLContext
CertGetEnhancedKeyUsage
CryptGetAsyncParam
CryptSignAndEncryptMessage
CertAddStoreToCollection
CryptMsgOpenToEncode
I_CryptGetAsn1Encoder
I_CryptDetachTls
CertGetStoreProperty
CryptGetOIDFunctionValue

msvfw32

GetOpenFileNamePreviewA
ICCompress
ICGetInfo
DrawDibClose
ICSeqCompressFrameStart
ICInstall
ICRemove
GetSaveFileNamePreviewW
ICImageDecompress
ICDecompress
DrawDibChangePalette
MCIWndRegisterClass
GetOpenFileNamePreviewW
ICImageCompress
ICLocate
DrawDibBegin
ICOpenFunction
MCIWndCreateA
ICGetDisplayFormat
GetOpenFileNamePreview
ICCompressorChoose
DrawDibTime
DrawDibGetPalette
DrawDibRealize
DrawDibEnd
ICMThunk32
ICOpen
DrawDibGetBuffer
DrawDibOpen
MCIWndCreate
StretchDIB
ICClose
ICSeqCompressFrameEnd
ICDrawBegin
DrawDibSetPalette
ICInfo
ICSeqCompressFrame

ntdll

RtlFreeUnicodeString
RtlRemoveVectoredExceptionHandler
RtlUpcaseUnicodeStringToOemString
ZwCompareTokens
NtQueryTimer
NtPrivilegedServiceAuditAlarm
CsrCaptureMessageMultiUnicodeStringsInPlace
LdrLoadAlternateResourceModule
NtQueryPortInformationProcess
NtRequestPort
_ltow
ZwRaiseHardError
NtInitiatePowerAction
NtUnloadKeyEx
wcscmp
RtlQueryEnvironmentVariable_U
RtlCreateUserSecurityObject
RtlSplay
RtlDelete
NtCreateProcess
NtReplyPort
_aullrem
ZwQuerySystemTime
ZwDeleteBootEntry
ZwSetSystemInformation
RtlSetLastWin32Error
NtSetEvent
RtlDllShutdownInProgress
LdrSetAppCompatDllRedirectionCallback
_aulldiv
RtlSetDaclSecurityDescriptor
_snwprintf
RtlReleasePebLock
RtlQueryAtomInAtomTable
RtlNewSecurityObjectWithMultipleInheritance
NtSetInformationJobObject
NtSignalAndWaitForSingleObject
RtlTraceDatabaseCreate
ZwQueryIoCompletion
RtlGetNtGlobalFlags
RtlCreateUnicodeString

Sections

.text
Size: 206KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 446KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d770a54b9cf578f93494672240f164ce

Headers

DLL Characteristics

File Characteristics

Imports

odbccp32

kernel32

crypt32

msvfw32

ntdll

Sections

.text Size: 206KB - Virtual size: 208KB

.rdata Size: 212KB - Virtual size: 212KB

.data Size: 512B - Virtual size: 1.9MB

.rsrc Size: 446KB - Virtual size: 448KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 206KB - Virtual size: 208KB

.rdata
Size: 212KB - Virtual size: 212KB

.data
Size: 512B - Virtual size: 1.9MB

.rsrc
Size: 446KB - Virtual size: 448KB

.reloc
Size: 1024B - Virtual size: 4KB