dffd505a34794beed80363c9509c53a7cd4f7bbdf5897b4840f564d2ccb0e894

Sharing

Copy URL Twitter E-mail

General

Target

dffd505a34794beed80363c9509c53a7cd4f7bbdf5897b4840f564d2ccb0e894
Size

23KB
MD5

a10690b6e2ac13ae2cd798739fc1f515
SHA1

7f6eea4c0af28e71040e14313009409ce16171eb
SHA256

dffd505a34794beed80363c9509c53a7cd4f7bbdf5897b4840f564d2ccb0e894
SHA512

2acaae0408c2f564bc1d12b1f088673e8bb76ae750d1b2cc1cefc981e153e845725cbc63dcb254c548380aec40aa6440a541a46c6cc1fde1cfa3123cd93d81fa
SSDEEP

384:ZJkUHNfDeokE1ZY88UwKxMxoQL2NlcU+sXa2CBvPeIQsfoQsfoQsfoQsf1krDiK:FDeokEjh8qPmJLSSSM7

Score

N/A

Malware Config

Signatures

Files

dffd505a34794beed80363c9509c53a7cd4f7bbdf5897b4840f564d2ccb0e894
.exe windows x86

292d76353020de856117f68fe9a514ec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetNextDlgTabItem
DrawCaptionTempW
DefDlgProcW
GetWindowInfo
SetMenuItemInfoA
MessageBeep
PtInRect
IsWindow
InternalGetWindowText
SetCaretPos
GetClipboardData
GetUpdateRect
InvalidateRgn
IsDialogMessageA

icm32

CMTranslateRGB
CMTranslateRGBsExt
CMCreateTransformExtW
CMCheckColors
CMCreateTransformW
CMCreateProfile
CMConvertColorNameToIndex
CMIsProfileValid
CMCheckColorsInGamut
CMCreateTransformExt
CMDeleteTransform
CMCreateDeviceLinkProfile
CMCreateProfileW
CMGetInfo
CMConvertIndexToColorName
CMGetNamedProfileInfo

opengl32

glNormal3iv
glPolygonOffset
glTexCoordPointer
glCullFace
glGetLightiv
glClearIndex
glNormalPointer
glColor3ubv
glNormal3b
glPushName
glGetClipPlane
glViewport
glVertex4sv
glGenLists

samsrv

SamIFree_SAMPR_DOMAIN_INFO_BUFFER
SampNotifyReplicatedInChange
SamIIsSetupInProgress
SampAbortSingleLoopbackTask
SamIAmIGC
SampReleaseWriteLock
SamIIsRebootAfterPromotion
SamIDsSetObjectInformation
SamIStorePrimaryCredentials
SamIFreeSidAndAttributesList
SamIFree_SAMPR_GET_GROUPS_BUFFER
SamINotifyServerDelta
SamIDemoteUndo

kernel32

SetThreadAffinityMask
GetFileInformationByHandle
ReadConsoleOutputW
GetCurrentThreadId
SetCommMask
GetSystemDefaultLangID
LocalFree
MoveFileWithProgressW
GetCurrentProcessId
GetTickCount
SetLocaleInfoA
DnsHostnameToComputerNameW
EnumResourceTypesW
QueryPerformanceCounter
GetThreadSelectorEntry
TlsAlloc
EnumSystemCodePagesW
VirtualAlloc

sqlwoa

_MoveFile@8
_GetSaveFileName@4
_FreeEnvironmentStrings@4
newWideCharFromMultiByte
_CommDlg_OpenSave_GetFilePath@12
_GetDiskFreeSpaceEx@16
_ExtTextOut@32
_LoadLibrary@4
_FormatMessage@28
_tsystem
_MessageBox@16
_CommDlg_OpenSave_GetSpec@12
_GetTextExtentPoint32@16

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

292d76353020de856117f68fe9a514ec

Headers

DLL Characteristics

File Characteristics

Imports

user32

icm32

opengl32

samsrv

kernel32

sqlwoa

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 1024B - Virtual size: 624B

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 1024B - Virtual size: 624B

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 5KB - Virtual size: 5KB