09d31a5ed8e5d8507a2be40a188bfbb0

Sharing

Copy URL Twitter E-mail

General

Target

09d31a5ed8e5d8507a2be40a188bfbb0
Size

44KB
MD5

09d31a5ed8e5d8507a2be40a188bfbb0
SHA1

97d9e421a81e507d352ddc0eb6c7e7dc18d198c1
SHA256

56d1e580b0c590a0cee3ed342da76cc482bf21a86a28d54f1f68303d75ea6130
SHA512

6b29dc2b505f74f94c74221aa7ff817e1d94b96614f90ddf64b3c543d7ea8e685809ea51968ca3438e7823dfab35c44ce068c599877d2eb5001f514f1f18d1f6
SSDEEP

768:vgaiN2B520ATulr6HqDCNJ/w1PM4B5rQvVWkg2dnX6zvCAmhUIlTJ5lzzFQ:vgv8nqTulmCiBw1PMVs2dnqvdm6IVLT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09d31a5ed8e5d8507a2be40a188bfbb0

Files

09d31a5ed8e5d8507a2be40a188bfbb0
.exe windows:5 windows x86 arch:x86

3b3f7b50f25728f66bbe502a0c9c0dce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

nddeapi

NDdeIsValidShareNameA
NDdeSetTrustedShareW
NDdeGetShareSecurityA
NDdeShareEnumW
NDdeShareGetInfoW
NDdeGetShareSecurityW
NDdeShareGetInfoA
NDdeGetErrorStringA
NDdeShareSetInfoA
NDdeSetTrustedShareA
NDdeTrustedShareEnumW
NDdeIsValidAppTopicListA
NDdeShareSetInfoW
NDdeIsValidAppTopicListW
NDdeShareDelA
NDdeGetTrustedShareA
NDdeSpecialCommandW
NDdeGetTrustedShareW
NDdeIsValidShareNameW
NDdeGetErrorStringW

adsldpc

ADSICreateDSObject
ADSIOpenDSObject
LdapModDnS
BerBvFree
LdapTypeToAdsTypeDNWithBinary
ADSISetObjectAttributes
intcmp
ADsEnumClasses
SchemaGetSyntaxOfAttribute
ADsEnumAttributes
BuildADsParentPathFromObjectInfo
LdapParseResult
BuildLDAPPathFromADsPath2
ADSICloseDSObject
?SetExclaimnationDisabler@CLexer@@QAEXH@Z
LdapModifyExtS
FindEntryInSearchTable
BuildADsPathFromParent
SchemaGetStringsFromStringTable
ConvertSidToU2Trustee
ADsGetNextColumnName
ADsDeleteAttributeDefinition
LdapFirstEntry
SchemaOpen
?SetFSlashDisabler@CLexer@@QAEXH@Z
LdapDeleteExtS
LdapSearchExtS
ADSIGetFirstRow

msvcrt

_aexit_rtn
_mbsset
ftell
?raw_name@type_info@@QBEPBDXZ
memmove
signal
freopen
_mbsrchr
__getmainargs
_ismbcalpha
__p__commode
__set_app_type
_umask
_strdup
exit
_Strftime

kernel32

lstrcmpiA
RtlMoveMemory
ContinueDebugEvent
GetVolumeNameForVolumeMountPointW
OpenJobObjectA
CallNamedPipeW
TryEnterCriticalSection
GetLastError
ReadFileEx
GetModuleHandleW
GetCurrentThread
lstrlenA
QueryPerformanceCounter
GetBinaryTypeW
SetCommConfig
GetExitCodeThread
WaitForSingleObject
ConvertDefaultLocale
BeginUpdateResourceA
LoadLibraryW
SetEndOfFile
GetModuleFileNameW
GetLocaleInfoW

opengl32

glPopClientAttrib
wglCopyContext
glNormal3d
glTexGeni
glIndexs
glTexCoord1s
glLightf
glEvalCoord1d
glFogf
glScaled
glGetLightfv
glIndexd
glEvalPoint2
glNormal3iv
glStencilMask
glVertex3d
wglGetPixelFormat
glRects
glDepthMask
glEvalCoord1dv
GlmfInitPlayback
glPixelTransferf
glVertex4iv
glTexCoord3fv
glScalef
glColor3ubv
glTexParameterfv

odbcbcp

bcp_setcolfmt
bcp_done
bcp_readfmtA
SQLCloseEnumServers
SQLInitEnumServers
bcp_columns
bcp_bind
bcp_colfmt
SQLLinkedServers
bcp_exec
bcp_initA
bcp_readfmtW

apphelp

SdbGetStandardDatabaseGUID
SdbGetMsiPackageInformation
SdbQueryData
ApphelpFixMsiPackage
SetPermLayers
SdbSetPermLayerKeys
SdbGetDatabaseMatch
SdbUnregisterDatabase
ApphelpCheckIME
SdbReadStringTag
ApphelpFreeFileAttributes
SdbFindFirstMsiPackage_Str

user32

EndDialog

imgutil

DllCanUnloadNow
SniffStream
DecodeImage
CreateDDrawSurfaceOnDIB
DllGetClassObject
GetMaxMIMEIDBytes
CreateMIMEMap
DitherTo8
IdentifyMIMEType
ComputeInvCMAP

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b3f7b50f25728f66bbe502a0c9c0dce

Headers

DLL Characteristics

File Characteristics

Imports

nddeapi

adsldpc

msvcrt

kernel32

opengl32

odbcbcp

apphelp

user32

imgutil

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 6KB - Virtual size: 5KB