46483eb9edb4686154717dfe107cc383db2a174baa3ece745e924adf8eb59cb2

Sharing

Copy URL Twitter E-mail

General

Target

46483eb9edb4686154717dfe107cc383db2a174baa3ece745e924adf8eb59cb2
Size

87KB
MD5

3b043eabc20c92012a8ab62ce5014d90
SHA1

72c883f2db6bf0e14aaff5180898aa643739f34d
SHA256

46483eb9edb4686154717dfe107cc383db2a174baa3ece745e924adf8eb59cb2
SHA512

4852f9994401a9d1e0858c9fc99e23abded82986c18e04482af2c7a12b5250149ecbde34ca3427e63803035037996e9e951add26955be21bbe25934ea2830385
SSDEEP

1536:psk8pNP7l3rYqceEJvMcJTYIpOeUzOdKnTx6E9KtyHnUOdfvPHhwJZl/2+k1XL5:2XNPZ3rYFeEJvllYGDUzO2DKtinUOdfH

Score

N/A

Malware Config

Signatures

Files

46483eb9edb4686154717dfe107cc383db2a174baa3ece745e924adf8eb59cb2
.exe windows x86

8159e8aca9279f139004aa4f3ad9f326

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

secur32

LsaFreeReturnBuffer
ImportSecurityContextW
MakeSignature
GetComputerObjectNameW
SaslEnumerateProfilesA
RevertSecurityContext
GetComputerObjectNameA
AddCredentialsA
VerifySignature
QuerySecurityPackageInfoW
DeleteSecurityPackageW
SaslIdentifyPackageW
LsaRegisterLogonProcess
AddSecurityPackageA
SealMessage
QuerySecurityPackageInfoA
UnsealMessage

odbccr32

SQLGetData
SQLGetInfo
SQLBindParameter
SQLCancel
SQLPutData
SQLEndTran
SQLExecDirect
SQLSetConnectAttr
SQLSetScrollOptions
SQLGetDescRec
SQLSetStmtAttr
SQLGetStmtAttr
SQLNativeSql
SQLBulkOperations
SQLExtendedFetch
ReleaseCLStmtResources
SQLSetDescRec
SQLSetConnectOption
SQLParamOptions
SQLTransact
SQLMoreResults
SQLGetDescField
SQLNumParams
SQLRowCount
SQLPrepare
SQLSetPos
SQLFreeHandle
SQLExecute
SQLFetchScroll
SQLSetStmtOption
SQLFreeStmt
SQLBindCol
SQLCloseCursor
SQLSetDescField
SQLFetch

crtdll

_endthread
_mbsnccnt
_tell
_ismbcl2
_mbslwr
_splitpath
_open
_winver_dll
_findclose
_getche
_mbstrlen
localeconv
_wcsset
_ismbclegal
floor
_CItanh
memmove
qsort
_spawnvpe
_pipe
_mbsnbicmp

msvbvm60

_adj_fdiv_m32i
VBDllUnRegisterServer
__vbaLsetFixstrFree
__vbaVarSetUnk
__vbaUnkVar
rtcUpperCaseBstr
rtcNPV
__vbaNew2
__vbaStrToUnicode
__vbaStrCy
rtcSplit
__vbaLateIdNamedCall
__vbaVarAdd
rtBstrFromErrVar
__vbaCyMulI2
__vbaLateMemSt
GetMemNewObj
rtcInputBox
rtcGetFileAttr
__vbaCyErrVar
__vbaVargObj
__vbaNextEachCollAd
__vbaInStrVarB
rtcMidVar
__vbaR4Str
TipInvokeMethod
rtcInputCountVar
__vbaFreeVarg
__vbaOnGoCheck
__vbaFpI2
rtcBstrFromAnsi
__vbaAryDestruct
rtcReplace
_adj_fprem

cmpbk32

PhoneBookHasPhoneType
PhoneBookGetCountryId
PhoneBookGetPhoneDescA
PhoneBookGetPhoneNonCanonicalA
PhoneBookGetPhoneDispA
PhoneBookCopyFilter
PhoneBookGetCurrentCountryId
PhoneBookGetRegionNameA
PhoneBookEnumCountries
PhoneBookLoad
PhoneBookGetCountryNameA

user32

GetWindowTextA
GetMenuItemInfoW
RegisterShellHookWindow
GetMenuStringW
DrawCaptionTempA
SetWindowsHookW
GetMenuItemRect
FindWindowW
GetForegroundWindow
SetWindowTextA
WindowFromDC
GetDesktopWindow
UnregisterDeviceNotification
MenuWindowProcW
GetClipboardData
CreateDialogIndirectParamAorW
GetWindowRect
GetClientRect
GetWindowTextW
FindWindowA

kernel32

GetFileAttributesW
AddAtomA
GetCompressedFileSizeW
AddConsoleAliasA
GetCurrentProcess
CloseHandle
GetCommandLineA
AddConsoleAliasW
GetConsoleWindow
lstrlenW
WriteFile
CopyFileA
GetCurrentProcessId
GetConsoleTitleW
GetCommandLineW
GetACP
GetVersion
lstrcmpW
GetCompressedFileSizeA
CreateFileA
GetConsoleTitleA
lstrcmpA
lstrlenA
GetSystemTime
GetLocalTime
GetCurrentThreadId
VirtualAlloc
GetStartupInfoW
ReadFile
GetFileAttributesA
VirtualFree
GetCurrentThread

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8159e8aca9279f139004aa4f3ad9f326

Headers

File Characteristics

Imports

secur32

odbccr32

crtdll

msvbvm60

cmpbk32

user32

kernel32

Sections

.text Size: 41KB - Virtual size: 40KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 29KB - Virtual size: 28KB

.text
Size: 41KB - Virtual size: 40KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 29KB - Virtual size: 28KB