eee37d7208ae8ca2661d6020452d357bce80afb25b391ca9eb92183dede09fc5

Sharing

Copy URL Twitter E-mail

General

Target

eee37d7208ae8ca2661d6020452d357bce80afb25b391ca9eb92183dede09fc5
Size

296KB
MD5

d19a316584c6e0b5b7ee1310cc482f8c
SHA1

4a64c373bcfabd2083dab8f2cce676bea0702abe
SHA256

eee37d7208ae8ca2661d6020452d357bce80afb25b391ca9eb92183dede09fc5
SHA512

a404a9511cf53841d0f672125f593aad13dfe7877c4d3c9f2f94349737d5dfd85b9174d9a7bc5ca7e804b058eaba1d29e01cfb1dbc7da89e568045d8111313d4
SSDEEP

3072:HU8W103qu9w3J2SW3eumodSL3rV2X3ZOXGgszezUVyzLwLcZZl3S3b4aMl+qxWMM:E03qu9w3JVcdSL3Z2eGgpzGxL2xWME

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eee37d7208ae8ca2661d6020452d357bce80afb25b391ca9eb92183dede09fc5

Files

eee37d7208ae8ca2661d6020452d357bce80afb25b391ca9eb92183dede09fc5
.exe windows:4 windows x86 arch:x86

0ba0450ef8ed8190ee423a83fe251d9d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

libmysql

mysql_query
mysql_store_result
mysql_num_rows
mysql_fetch_field
mysql_fetch_row
mysql_num_fields
mysql_free_result
mysql_close
mysql_real_connect
mysql_select_db
mysql_init

kernel32

GetFileTime
SetErrorMode
GetTickCount
RtlUnwind
TerminateProcess
GetStartupInfoA
GetCommandLineA
RaiseException
HeapAlloc
HeapFree
SetStdHandle
GetFileType
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
HeapSize
HeapReAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetFileSize
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProfileStringA
GlobalUnlock
GlobalLock
lstrcpyA
GlobalAlloc
lstrlenA
WideCharToMultiByte
WinExec
SetFileAttributesA
GetFileAttributesA
SetThreadPriority
GetCurrentThread
GetCurrentProcess
SetPriorityClass
lstrcatA
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
GetLastError
GetVolumeInformationA
GetFullPathNameA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
DuplicateHandle
GetThreadLocale
SizeofResource
GetCurrentDirectoryA
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
ExitProcess
CloseHandle
WriteFile
CreateFileA
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
GetProcAddress
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FindNextFileA
FindFirstFileA
FindClose
lstrcpynA
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalFree
lstrcmpA
FormatMessageA
LocalFree
MulDiv
SetLastError
GetModuleHandleA
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
LockResource
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetStringTypeW

user32

EndDialog
SetWindowContextHelpId
MapDialogRect
wvsprintfA
LoadStringA
GetClassNameA
PtInRect
GetDesktopWindow
LoadCursorA
GetSysColorBrush
CharNextA
CopyAcceleratorTableA
GetNextDlgGroupItem
MessageBeep
CharUpperA
RegisterClipboardFormatA
PostThreadMessageA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
PostMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetFocus
SetActiveWindow
CreateDialogIndirectParamA
AdjustWindowRectEx
ScreenToClient
IsWindowVisible
GetTopWindow
IsChild
GetParent
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
GetDlgItem
GetWindowTextLengthA
GetDlgCtrlID
GetKeyState
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
SetRect
GetWindowTextA
InflateRect
DrawStateA
InvalidateRect
KillTimer
SetTimer
PeekMessageA
TranslateMessage
DispatchMessageA
ExitWindowsEx
GetMessageA
GetActiveWindow
ValidateRect
GetCursorPos
SetCursor
PostQuitMessage
SetFocus
DestroyMenu
IsIconic
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
LoadIconA
EnableWindow
GetDC
GetTabbedTextExtentA
ReleaseDC
IsWindow
LoadMenuA
GetSubMenu
SendMessageA
GetSystemMetrics
FillRect
GetSysColor
DrawFocusRect
CopyRect
EmptyClipboard
SetClipboardData
OpenClipboard
CloseClipboard
IsWindowUnicode
DefDlgProcA
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
MessageBoxA

gdi32

SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
MoveToEx
LineTo
DeleteObject
GetStockObject
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
PatBlt
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
RoundRect
CreatePen
CreateSolidBrush
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateDIBitmap
GetTextExtentPoint32A

comdlg32

GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCreateKeyExA
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyA
RegSetValueExA
OpenProcessToken

shell32

ShellExecuteA
ShellExecuteExA
SHChangeNotify

comctl32

_TrackMouseEvent
ord17

oledlg

ord8

ole32

CoTaskMemAlloc
CoTaskMemFree
OleInitialize
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
CoRevokeClassObject

olepro32

ord253

oleaut32

SysStringLen
SysAllocStringByteLen
SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 204KB - Virtual size: 201KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 29.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ba0450ef8ed8190ee423a83fe251d9d

Headers

File Characteristics

Imports

libmysql

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

iphlpapi

Sections

.text Size: 204KB - Virtual size: 201KB

.rdata Size: 48KB - Virtual size: 44KB

.data Size: 28KB - Virtual size: 29.4MB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 204KB - Virtual size: 201KB

.rdata
Size: 48KB - Virtual size: 44KB

.data
Size: 28KB - Virtual size: 29.4MB

.rsrc
Size: 12KB - Virtual size: 11KB