69648d7ddf074e968764af9573196fcc97f23e72667b2e15b39623be84958ee0

Sharing

Copy URL Twitter E-mail

General

Target

69648d7ddf074e968764af9573196fcc97f23e72667b2e15b39623be84958ee0
Size

264KB
MD5

2c911f0ef6915ebbff5e02167ca89e89
SHA1

2a555123f31053e249dfc8c01d9fa8f1737ea10b
SHA256

69648d7ddf074e968764af9573196fcc97f23e72667b2e15b39623be84958ee0
SHA512

7be5e289d6feab0cf61cc7e1a9bb400e892b10ba89188a0f3e2ff87e954e86ae749922453098ed52ad344c3b7b1bc475d0d885d2d3dff898dab387b7b5d12eb1
SSDEEP

3072:V8uQOXsOS5a4C1NCi+QSFCfICsj0VBa4pyPgBFPDdSYjBE1ooy2nPLYTuK:VpJu5a53SFkYwBaAbIY9E138T

Score

1^/10

Malware Config

Signatures

Files

69648d7ddf074e968764af9573196fcc97f23e72667b2e15b39623be84958ee0
.exe windows x86

87ae5550fd06b4200b9be7ecd4710536

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

libmysql

mysql_affected_rows
mysql_insert_id
mysql_store_result
mysql_num_rows
mysql_free_result
mysql_data_seek
mysql_fetch_row
mysql_options
mysql_real_escape_string
mysql_ping
mysql_query
mysql_init
mysql_close
mysql_real_connect
mysql_error

kernel32

SetEndOfFile
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GlobalHandle
TlsFree
GlobalReAlloc
LocalReAlloc
GlobalFlags
WritePrivateProfileStringA
GetProcessVersion
SizeofResource
GetCPInfo
GetOEMCP
GetFileAttributesA
GetFileSize
GetFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
HeapReAlloc
GetStartupInfoA
GetCommandLineA
ExitProcess
CreateDirectoryA
RaiseException
HeapSize
GetACP
SetStdHandle
GetFileType
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetExitCodeProcess
CompareStringA
CompareStringW
SetEnvironmentVariableA
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentProcess
GetProfileStringA
InterlockedExchange
SetConsoleTitleA
AllocConsole
LeaveCriticalSection
EnterCriticalSection
Sleep
GetCurrentThreadId
TlsSetValue
ResumeThread
CreateThread
TlsAlloc
InitializeCriticalSection
CloseHandle
WaitForSingleObject
CreateProcessA
GetModuleFileNameA
GlobalFree
GlobalAlloc
SuspendThread
VirtualFreeEx
ReadProcessMemory
WriteProcessMemory
VirtualAllocEx
OpenProcess
GetExitCodeThread
CreateRemoteThread
GetProcAddress
GetModuleHandleA
GetLastError
WriteFile
CreateFileA
Module32Next
UnlockFile
Module32First
CreateToolhelp32Snapshot
Process32Next
Process32First
TerminateProcess
TlsGetValue
WideCharToMultiByte
MultiByteToWideChar
DeleteCriticalSection
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
GlobalLock
LoadResource
FindResourceA
LockResource
GlobalUnlock
lstrcpyA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
lstrcatA
GetVersion
FreeLibrary
LoadLibraryA
InterlockedDecrement
SetLastError
MulDiv
InterlockedIncrement
lstrlenA
LocalFree
FormatMessageA
lstrcpynA
LocalAlloc
DuplicateHandle
LockFile

user32

CreateWindowExA
DefWindowProcA
GetWindowTextLengthA
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
wsprintfA
WinHelpA
GetCapture
GetTopWindow
CopyRect
ScreenToClient
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
SendDlgItemMessageA
IsDialogMessageA
SetWindowTextA
ShowWindow
ClientToScreen
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
CharUpperA
LoadCursorA
PtInRect
GetSysColorBrush
LoadStringA
DestroyMenu
InvalidateRect
GetClassLongA
SetPropA
UnhookWindowsHookEx
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
SetCursor
PostQuitMessage
UpdateWindow
GetFocus
GetCursorPos
GetDlgCtrlID
GetWindowDC
GetDC
SetRect
FillRect
ReleaseDC
EnumWindows
EnumChildWindows
MoveWindow
GetWindowRect
WindowFromPoint
SetForegroundWindow
GetDesktopWindow
GetWindow
GetClassNameA
GetWindowTextA
GetWindowThreadProcessId
AttachThreadInput
GetParent
SetCursorPos
mouse_event
MapVirtualKeyA
PostMessageA
keybd_event
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
IsWindowUnicode
SendMessageA
SetTimer
EnableWindow
LoadIconA
GetPropA
CharNextA
InflateRect
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA

gdi32

GetTextExtentPointA
PatBlt
Escape
ExtTextOutA
RectVisible
PtVisible
GetDeviceCaps
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
SelectObject
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
GetObjectA
GetDIBits
DeleteDC
CreateSolidBrush
Rectangle
TextOutA
BitBlt
CreateDIBitmap

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

comctl32

ord17

wininet

HttpQueryInfoA
InternetGetLastResponseInfoA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetOpenA
InternetCloseHandle
InternetSetOptionExA
InternetSetStatusCallback
InternetGetCookieA
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
HttpAddRequestHeadersA

ws2_32

socket
WSAGetLastError
WSACleanup
recv
closesocket
send
connect
htons
inet_ntoa
gethostbyname
WSAStartup

Sections

.text
Size: 196KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87ae5550fd06b4200b9be7ecd4710536

Headers

File Characteristics

Imports

libmysql

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

wininet

ws2_32

Sections

.text Size: 196KB - Virtual size: 192KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 20KB - Virtual size: 40KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 196KB - Virtual size: 192KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 20KB - Virtual size: 40KB

.rsrc
Size: 12KB - Virtual size: 11KB