c5d09611abbb159122fd14ee93317053bec0e7612ea49a251ca17d3afc52b9cd

Sharing

Copy URL Twitter E-mail

General

Target

c5d09611abbb159122fd14ee93317053bec0e7612ea49a251ca17d3afc52b9cd
Size

814KB
MD5

32bcd07edeab57e4175f58cc9fbbf5ea
SHA1

fcc465fa21cae70071afd1f73a705b475f87ffc0
SHA256

c5d09611abbb159122fd14ee93317053bec0e7612ea49a251ca17d3afc52b9cd
SHA512

13e7a8d7e54d650a6fe49f65c8e496428ed74ba799e579088e8c423c812487b053f171027d87486bcf3055f3de5ffd115cfdb15f0a29c050abc193ff008b3215
SSDEEP

12288:/5028mvqSf6JmeDoQoEJLuFWyx7ut56SBSDEyQ5FJlzRfjrcn:/W23qSfreDYFZHSBT5FfRffG

Score

N/A

Malware Config

Signatures

Files

c5d09611abbb159122fd14ee93317053bec0e7612ea49a251ca17d3afc52b9cd
.exe windows x86

a6412ae3ed50298245d30fed42c326fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

hid

HidP_GetUsageValueArray
HidD_GetHidGuid
HidP_GetUsagesEx
HidP_GetExtendedAttributes
HidP_SetData
HidP_GetSpecificButtonCaps
HidP_GetButtonCaps
HidD_GetConfiguration
HidP_MaxDataListLength
HidD_GetPhysicalDescriptor
HidD_SetFeature
HidD_SetNumInputBuffers
HidP_GetData
HidP_TranslateUsagesToI8042ScanCodes
HidP_GetUsages
HidD_GetPreparsedData
HidD_Hello
HidP_SetScaledUsageValue
HidD_GetProductString
HidD_FlushQueue
HidD_GetSerialNumberString
HidP_SetUsages
HidD_GetNumInputBuffers
HidP_UsageListDifference
HidD_FreePreparsedData
HidP_InitializeReportForID
HidD_GetManufacturerString
HidP_GetScaledUsageValue
HidD_GetMsGenreDescriptor
HidD_GetFeature
HidD_GetAttributes
HidP_SetUsageValue
HidD_SetConfiguration
HidD_GetInputReport
HidP_SetUsageValueArray
HidP_GetUsageValue
HidP_UnsetUsages
HidP_GetLinkCollectionNodes
HidP_GetSpecificValueCaps
HidP_GetValueCaps
HidP_MaxUsageListLength
HidD_SetOutputReport
HidP_GetCaps
HidD_GetIndexedString

iphlpapi

_PfUnBindInterface@4
SetTcpEntry
NhpAllocateAndGetInterfaceInfoFromStack
_PfSetLogBuffer@28
do_echo_req
GetBestInterface
AllocateAndGetIpAddrTableFromStack
SetIpForwardEntry
do_echo_rep
GetUdpStatisticsEx
InternalGetIpForwardTable
SetIfEntry
GetBestRoute
InternalDeleteIpNetEntry
Icmp6SendEcho2
SetAdapterIpAddress
InternalDeleteIpForwardEntry
Icmp6ParseReplies
GetUdpStatistics
SetIpNetEntry
GetIcmpStatistics
_PfBindInterfaceToIndex@16
GetIfTable
NhGetGuidFromInterfaceName
_PfTestPacket@20
GetTcpStatistics
GetTcpStatisticsEx
GetIfEntry
DeleteProxyArpEntry
_PfRemoveGlobalFilterFromInterface@8
NTTimeToNTPTime
InternalGetIpNetTable
DeleteIpForwardEntry
IcmpParseReplies
_PfCreateInterface@24

kernel32

GetACP
DeleteFileA
GetModuleHandleA
SetLastError
GetNamedPipeHandleStateW
GetConsoleAliasesLengthW
SetConsoleNumberOfCommandsA
GlobalMemoryStatusEx
GetConsoleTitleW
OpenWaitableTimerA
InitAtomTable
FoldStringW
GetHandleContext
BaseCheckAppcompatCache
LocalFree
SetComPlusPackageInstallStatus
EnumDateFormatsExW
LoadLibraryA
VerLanguageNameA
VirtualAlloc
GetSystemDefaultLangID
CreateRemoteThread
ZombifyActCtx
LZCloseFile
CompareFileTime
GetLocaleInfoW
Process32FirstW
ExpungeConsoleCommandHistoryA
GetOEMCP
GetCommState
GetCommTimeouts
CreateJobSet
RemoveDirectoryA
UpdateResourceA
GlobalGetAtomNameA
GlobalAlloc
CreateActCtxA
lstrcmpW

odbc32

SQLAllocEnv
SQLTables
SQLTablePrivilegesW
SQLMoreResults
SQLParamData
PostComponentError
CursorLibLockDesc
SQLSetScrollOptions
SQLGetCursorNameA
SQLDisconnect
SQLProcedures
SQLError
SQLExecDirectW
SQLGetDiagField
SQLColAttributes
SQLSetConnectAttrA
SQLGetInfoW
SQLSetParam
SQLGetStmtOption
SQLSetDescFieldA
CursorLibLockDbc
SQLConnectW
SQLGetStmtAttr
SQLSetConnectOptionA
SQLForeignKeysW
SQLDriverConnect
SQLErrorW
SQLSetConnectOption
SQLFreeConnect
SQLSetStmtAttr
SQLGetConnectAttrA
SQLBindParameter
SQLGetDescFieldW
SQLSetEnvAttr
SQLCloseCursor
SQLProcedureColumnsW
ValidateErrorQueue
PostODBCComponentError
SQLNativeSql
ODBCGetTryWaitValue
SQLDriversA
SQLGetDescField
SQLSetStmtAttrA
SQLTablePrivilegesA
SQLDescribeParam

Sections

.text
Size: 369KB - Virtual size: 369KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 350KB - Virtual size: 350KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6412ae3ed50298245d30fed42c326fe

Headers

DLL Characteristics

File Characteristics

Imports

hid

iphlpapi

kernel32

odbc32

Sections

.text Size: 369KB - Virtual size: 369KB

.rdata Size: 350KB - Virtual size: 350KB

.data Size: 141KB - Virtual size: 1.6MB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 369KB - Virtual size: 369KB

.rdata
Size: 350KB - Virtual size: 350KB

.data
Size: 141KB - Virtual size: 1.6MB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1024B - Virtual size: 1024B