SecuriteInfo[.]com[.]Variant[.]Babar[.]125059[.]28112[.]9969[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

SecuriteInfo.com.Variant.Babar.125059.28112.9969.exe
Size

42KB
MD5

29bc0f523346c5e29af56fd6d8df8c8c
SHA1

6fb36c71f7e18e2011fbcf572db359875e239d45
SHA256

c460a48027425eca82dd897948cfd20668a91d038124b4f85ea5ad04a2f7f4a2
SHA512

a2ee45a782c464c7e675da6772f0468ba1c2aa4f24f9159a8175919bab150372114169c3675e7872e243d8188339ba7c0427d8877d5511d81b4525a84cef16eb
SSDEEP

768:234NY+HA8iRb2j/8i3SJPCotxSVStWHhduTJaG7NaPqAehvcUa8JSje:23MYkqFmYC4tWBctL7Jey

Score

N/A

Malware Config

Signatures

Files

SecuriteInfo.com.Variant.Babar.125059.28112.9969.exe
.exe windows x86

d31adcc7c291236a5f034d1b58ef3319

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_onexit
__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
memmove
memcpy
_exit
_XcptFilter
exit
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
memset

comctl32

ord17
CreateStatusWindowW
CreateToolbarEx

kernel32

VirtualAlloc
EnumLanguageGroupLocalesW
GetModuleHandleW
ReadFile
GetFileSize
GetStartupInfoW
GlobalUnlock
lstrcpyW
GlobalLock
GlobalAlloc
lstrlenW
HeapFree
HeapAlloc
GetProcessHeap
lstrcmpW
LocalFree
FormatMessageW
GetLastError
CloseHandle
WriteFile
WideCharToMultiByte
CreateFileW
GetCurrentDirectoryW
MultiByteToWideChar
CreateProcessW
lstrcatW
GetWindowsDirectoryW

wininet

CreateUrlCacheGroup
InternetAttemptConnect
InternetConfirmZoneCrossing
InternetSetDialState
FtpSetCurrentDirectoryA
InternetCrackUrlA
FtpSetCurrentDirectoryW
GetUrlCacheEntryInfoExA
FtpGetCurrentDirectoryW
GetUrlCacheEntryInfoA
FindNextUrlCacheEntryExA

odbc32

ord207
ord167
ord70
ord265
ord52
ord260

rpcrt4

MesEncodeFixedBufferHandleCreate
NdrRpcSsDisableAllocate
RpcAsyncInitializeHandle
RpcServerUseProtseqIfExA
UuidCreateNil
RpcBindingInqAuthInfoExA
UuidFromStringA
NdrNsSendReceive

msi

ord85
ord151
ord29
ord167
ord135
ord78
ord145
ord49
ord33

rtutils

RouterLogEventDataA
RouterLogEventStringW
TracePrintfA
RouterLogEventStringA
LogErrorW

user32

LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
PostQuitMessage
GetCursorPos
CheckDlgButton
IsDlgButtonChecked
EndDialog
GetWindowTextW
GetWindowTextLengthW
GetDlgItem
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
SendMessageW
wsprintfW
GetClientRect
IsWindowVisible
MoveWindow
EnableMenuItem
GetMenu
LoadStringW
UpdateWindow
ShowWindow
CreateWindowExW
ReleaseDC
InvertRect
GetDC
SetWindowTextW
DialogBoxParamW
DefWindowProcW
RegisterClassW
LoadCursorW
MessageBoxW
CheckMenuItem
DestroyWindow
SetFocus
SetCapture
ReleaseCapture
GetCapture
SetCursor
ScreenToClient

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegQueryValueW
RegEnumKeyW
RegGetValueW
RegCreateKeyW
RegCloseKey
RegSetValueExW
RegOpenKeyW
RegEnumValueW

shell32

ShellAboutW

ole32

OleUninitialize
OleInitialize
CLSIDFromString

oleaut32

VariantInit
SysStringLen
LoadTypeLi
SysFreeString
VariantChangeType

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d31adcc7c291236a5f034d1b58ef3319

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

comctl32

kernel32

wininet

odbc32

rpcrt4

msi

rtutils

user32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 2KB

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 2KB