8147a63f19624ddf047e893c0459d39197a7b4c8dfb902e041cfb1ec87a99d9f

Sharing

Copy URL Twitter E-mail

General

Target

8147a63f19624ddf047e893c0459d39197a7b4c8dfb902e041cfb1ec87a99d9f
Size

467KB
MD5

e3dc937c4be2e70235b60294bc6452ae
SHA1

b8cc73b2604366df68dc051cefd37ddb80240416
SHA256

8147a63f19624ddf047e893c0459d39197a7b4c8dfb902e041cfb1ec87a99d9f
SHA512

3ee4aa6f049788d9d6432631a9d70cdbe6482ba68925a2aa99912b4c3e296d593d672878924d578b21f0d22cb383316787b6de139758f5309ad4f4b266a2fb0a
SSDEEP

12288:0znmNOY2zFmYPuU3bc5+dity0JkhQwFJojmA1vV238IHGUXNBp:tNO7mYifcQcojmGw3V1Tp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8147a63f19624ddf047e893c0459d39197a7b4c8dfb902e041cfb1ec87a99d9f

Files

8147a63f19624ddf047e893c0459d39197a7b4c8dfb902e041cfb1ec87a99d9f
.exe windows:6 windows x86 arch:x86

562334df50e076c711a54782112d87d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Files\EDK_V3\OCI\CUI\EmpTV_3090180\Release\EmpTV.pdb

Imports

oci

OCIServerDetach
OCISessionBegin
OCIAttrSet
OCIServerAttach
OCIHandleFree
OCILogoff
OCIEnvCreate
OCIBindByName
OCIStmtExecute
OCIDefineByPos
OCIStmtPrepare
OCIErrorGet
OCILogon
OCIHandleAlloc
OCIStmtFetch

kernel32

FileTimeToLocalFileTime
GetFileAttributesA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
WaitForSingleObject
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
GetOEMCP
GetCPInfo
GetUserDefaultLCID
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetVolumeInformationA
CreateEventW
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetFileAttributesExW
CreateProcessW
GetExitCodeProcess
GetTimeZoneInformation
ReadConsoleW
ReadConsoleInputW
SetConsoleMode
GetConsoleMode
CreateFileW
EnumSystemLocalesW
IsValidLocale
SetFilePointerEx
GetStdHandle
HeapQueryInformation
GetCommandLineW
GetFileType
SetStdHandle
GetConsoleCP
GetModuleHandleExW
ExitProcess
RtlUnwind
GetStringTypeW
LCMapStringW
CompareStringW
OutputDebugStringW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
GetFileSize
FlushFileBuffers
FindFirstFileA
FindClose
DeleteFileA
CreateFileA
GetCurrentProcessId
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
FileTimeToSystemTime
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
LoadLibraryA
GetSystemDirectoryW
EncodePointer
SetErrorMode
CompareStringA
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetModuleFileNameA
FreeLibrary
GetVersionExA
GetCurrentThreadId
GetCurrentThread
FormatMessageA
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
SetLastError
OutputDebugStringA
GetACP
MultiByteToWideChar
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
HeapFree
GetCommandLineA
GetModuleHandleA
CloseHandle
SetConsoleTitleA
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
WriteConsoleW

user32

LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
CharUpperA
GetWindowThreadProcessId
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetSystemMetrics
SetWindowTextA
IsWindowEnabled
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
LoadIconW
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
PtInRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxA
AdjustWindowRectEx
GetWindowRect
RemovePropA
GetPropA
SetPropA
ValidateRect
EndPaint
BeginPaint
GetClientRect
SetRectEmpty
SetForegroundWindow
GetForegroundWindow
UpdateWindow
SetMenu
GetMenu
EnableWindow
GetCapture
GetKeyState
GetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
IsWindowVisible
ClientToScreen
RealChildWindowFromPoint
SetTimer
GetMessageA
TranslateMessage
GetActiveWindow
GetCursorPos
SetCursor
OffsetRect
GetParent
GetSubMenu
GetMenuItemID
GetMenuItemCount
PostMessageA
PostQuitMessage
SendMessageA
GetScrollPos
GetWindowTextA
GetWindowLongA
GetWindow
RegisterWindowMessageA
DispatchMessageA
PeekMessageA
GetMessagePos
GetMessageTime
DefWindowProcA
CallWindowProcA
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
IsWindow
IsMenu
KillTimer
InvalidateRect
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
DestroyMenu
DestroyWindow
RedrawWindow
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPos

gdi32

GetClipBox
GetStockObject
PtVisible
RectVisible
RestoreDC
SaveDC
SelectObject
SetMapMode
Escape
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
DeleteObject
CreateBitmap
SetTextColor
SetBkColor
GetDeviceCaps
DeleteDC

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegEnumValueA
RegSetValueExA
RegDeleteValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shlwapi

PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA

ole32

CoTaskMemFree
CoUninitialize
CoCreateGuid
CoCreateInstance
CoInitialize

oleaut32

VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 323KB - Virtual size: 323KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

562334df50e076c711a54782112d87d7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

oci

kernel32

user32

gdi32

winspool.drv

advapi32

shlwapi

ole32

oleaut32

oleacc

Sections

.text Size: 323KB - Virtual size: 323KB

.rdata Size: 95KB - Virtual size: 95KB

.data Size: 7KB - Virtual size: 19KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 323KB - Virtual size: 323KB

.rdata
Size: 95KB - Virtual size: 95KB

.data
Size: 7KB - Virtual size: 19KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 20KB - Virtual size: 19KB