9be26838bccecc7800726568584429ea3d86ce1b2e67818d2d3ab5162ab8dc42

General

Target

9be26838bccecc7800726568584429ea3d86ce1b2e67818d2d3ab5162ab8dc42
Size

1.1MB
MD5

13c1cfd8c28d8fad5fd073186fedf03d
SHA1

6480848bf4060bd111c874e59f6fa23a76d4fb38
SHA256

9be26838bccecc7800726568584429ea3d86ce1b2e67818d2d3ab5162ab8dc42
SHA512

5d2890747b3ae96e9ed911bffe98b1634344712c9cc5cf91f94ea340dd6313c9de630ff93ee6586a712e156b114388ad8ce564f490212e4630df4ad9ae5fcdbe
SSDEEP

24576:JQkpP0rmlFqo4iSrTFHmK2cng26+yzvCmO6V0nC:JQyPllx49IK2cg43OMC

Score

N/A

Malware Config

Signatures

Files

9be26838bccecc7800726568584429ea3d86ce1b2e67818d2d3ab5162ab8dc42
.exe windows x86

ccddfbc1bf02b45437ded06942acc346

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

ShowWindow
BeginPaint
GetMessageA
EndPaint
DestroyWindow
SendMessageA
CreateWindowExA
TranslateMessage
DispatchMessageA
RegisterClassA
UpdateWindow
DefWindowProcA

kernel32

VirtualFree
lstrcpyA
GetVersion
WriteFile
GetSystemTimeAdjustment
WaitForMultipleObjects
InterlockedPushEntrySList
lstrlenA
HeapFree
GetLocalTime
SetFilePointer
TransactNamedPipe
GetSystemTime
ReadFile
GetSystemInfo
SetNamedPipeHandleState
GetNamedPipeHandleStateA
HeapDestroy
CompareStringA
CloseHandle
GetFileTime
ReadFileScatter
WaitNamedPipeA
HeapCreate
CreateFileA
QueryDepthSList
SwitchToThread
ExitProcess
WriteFileGather
VirtualAlloc
InterlockedPopEntrySList
DisconnectNamedPipe
ConnectNamedPipe
HeapAlloc
CreateNamedPipeA
FileTimeToDosDateTime

odbc32

SQLGetInfo
PostODBCError
SQLSetConnectOption
SQLDataSourcesA
ODBCSetTryWaitValue
SQLSetConnectAttrA
SQLEndTran
SQLForeignKeysA
CloseODBCPerfData
SQLSpecialColumns
VFreeErrors
SQLBulkOperations
SQLStatistics
SQLBrowseConnect
SearchStatusCode
SQLAllocHandle
GetODBCSharedData
SQLGetInfoA
SQLExecute
SQLProcedures
SQLFreeStmt
SQLSetConnectAttr
SQLSetCursorNameA
SQLTablePrivilegesA

advpack

UserUnInstStubWrapper
DelNodeRunDLL32
DoInfInstall
RegisterOCX
FileSaveRestoreOnINF
LaunchINFSectionEx
TranslateInfString

Sections

.text
Size: 390KB - Virtual size: 390KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 241KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 504KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccddfbc1bf02b45437ded06942acc346

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

odbc32

advpack

Sections

.text Size: 390KB - Virtual size: 390KB

.data Size: 241KB - Virtual size: 241KB

.rsrc Size: 504KB - Virtual size: 3.6MB

.text
Size: 390KB - Virtual size: 390KB

.data
Size: 241KB - Virtual size: 241KB

.rsrc
Size: 504KB - Virtual size: 3.6MB