b4c23551e862b3b21b35f3984ea88d278f9ec4b78fe88460f5f63fa64beb83ae

Sharing

Copy URL

Twitter E-mail

General

Target

b4c23551e862b3b21b35f3984ea88d278f9ec4b78fe88460f5f63fa64beb83ae
Size

604KB
MD5

73f00dce07e433dded8d9ad2fdfaaec0
SHA1

2a444b5d2a61d3b322a631405fb9968df8f15a9b
SHA256

b4c23551e862b3b21b35f3984ea88d278f9ec4b78fe88460f5f63fa64beb83ae
SHA512

5d10eccf00094af9ed26707669d9511202b56d240bb8c3e9a12fc08b02da77caaca9a95be9a703ebee0ffbd6b87b83d155c812cef051bd81a06e7b65dfe88851
SSDEEP

12288:TaR/IXT3c9E2ERGO4AsPgWx2yd0dsKIfi95ukk49:T4/aT3c9E22GU0Qy0iji9o49

Score

N/A

Malware Config

Signatures

Files

b4c23551e862b3b21b35f3984ea88d278f9ec4b78fe88460f5f63fa64beb83ae
.exe windows x86

12a69483b4e40791a8546ca254a808af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFolderPathW
ShellExecuteW

kernel32

InitializeCriticalSection
InterlockedDecrement
MulDiv
LeaveCriticalSection
EnterCriticalSection
FlushInstructionCache
GetCurrentProcess
LocalFree
GetTempPathW
CloseHandle
VirtualFreeEx
WriteProcessMemory
VirtualAllocEx
OpenProcess
GetExitCodeThread
CreateThread
TlsAlloc
TlsFree
TlsGetValue
GlobalFree
CreateFileW
SizeofResource
LockResource
LoadResource
FindResourceW
GetModuleHandleW
GetWindowsDirectoryW
DeviceIoControl
GetLastError
GetVersionExW
GetVolumeInformationW
WaitForSingleObject
CreateRemoteThread
GetProcAddress
GetCurrentThreadId
CompareFileTime
SystemTimeToFileTime
GetStartupInfoW
lstrlenA
MultiByteToWideChar
GetSystemDirectoryW
GlobalUnlock
GlobalLock
GlobalAlloc
lstrlenW
Sleep

user32

GetDC
GetActiveWindow
DialogBoxParamW
PostThreadMessageW
FindWindowW
GetWindowThreadProcessId
PostMessageW
ShowWindow
InvalidateRect
UpdateWindow
GetMessageW
DispatchMessageW
DestroyWindow
CallWindowProcW
ReleaseDC
GetClassInfoExW
LoadCursorW
wsprintfW
RegisterClassExW
RedrawWindow
IsWindow
FillRect
MessageBoxW
GetWindowTextW
SetFocus
HideCaret
SetWindowLongW
CreateWindowExW
GetWindowDC
DefWindowProcW
GetWindowLongW
GetParent
GetWindow
SystemParametersInfoW
MapWindowPoints
SetWindowPos
EndDialog
GetWindowRect
MoveWindow
GetClientRect
SendMessageW
SetWindowTextW

gdi32

GetDeviceCaps
CreateFontIndirectW
CreateSolidBrush
GetTextExtentPoint32W
DeleteDC
DeleteObject
CreateFontW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey
IsTextUnicode

ole32

CoInitialize
CoUninitialize
CreateStreamOnHGlobal
CoCreateInstance
CLSIDFromProgID

oleaut32

OleLoadPicture
SysAllocString
VariantInit
VariantCopy
VariantClear
SysStringByteLen
SysAllocStringByteLen
SysFreeString
VariantChangeType
CreateErrorInfo

msvcp60

?do_scan_not@?$ctype@G@std@@MBEPBGFPBG0@Z
?do_tolower@?$ctype@G@std@@MBEPBGPAGPBG@Z
?do_tolower@?$ctype@G@std@@MBEGG@Z
?do_toupper@?$ctype@G@std@@MBEPBGPAGPBG@Z
?do_toupper@?$ctype@G@std@@MBEGG@Z
?do_widen@?$ctype@G@std@@MBEPBDPBD0PAG@Z
?do_widen@?$ctype@G@std@@MBEGD@Z
?do_narrow@?$ctype@G@std@@MBEPBGPBG0DPAD@Z
?do_narrow@?$ctype@G@std@@MBEDGD@Z
??1?$ctype@D@std@@UAE@XZ
??0_Lockit@std@@QAE@XZ
?id@?$ctype@D@std@@2V0locale@2@A
??Bid@locale@std@@QAEIXZ
?_Getfacet@locale@std@@QBEPBVfacet@12@I_N@Z
?_Iscloc@locale@std@@QBE_NXZ
??0?$ctype@D@std@@QAE@PBF_NI@Z
??1_Lockit@std@@QAE@XZ
??_7bad_cast@std@@6B@
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
?do_tolower@?$ctype@D@std@@MBEPBDPADPBD@Z
?do_tolower@?$ctype@D@std@@MBEDD@Z
?do_toupper@?$ctype@D@std@@MBEPBDPADPBD@Z
?do_toupper@?$ctype@D@std@@MBEDD@Z
?_Grow@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAE_NI_N@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IG@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
??1locale@std@@QAE@XZ
??0locale@std@@QAE@XZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?do_is@?$ctype@G@std@@MBE_NFG@Z
?do_is@?$ctype@G@std@@MBEPBGPBG0PAF@Z
??0?$ctype@G@std@@QAE@I@Z
?_Xran@std@@YAXXZ
?id@?$ctype@G@std@@2V0locale@2@A
??1?$ctype@G@std@@UAE@XZ
?_Incref@facet@locale@std@@QAEXXZ
?_Decref@facet@locale@std@@QAEPAV123@XZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIPBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?replace@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IIPBGI@Z
?do_scan_is@?$ctype@G@std@@MBEPBGFPBG0@Z
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z
??9std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0runtime_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??0runtime_error@std@@QAE@ABV01@@Z
??8std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?_Freeze@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXXZ
?find@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGII@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?_Xlen@std@@YAXXZ
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@0@Z
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBGABV10@@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?c_str@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEPBGXZ
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??8std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
?substr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE?AV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?rfind@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGII@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
?_Doraise@runtime_error@std@@MBEXXZ
?what@runtime_error@std@@UBEPBDXZ
??_7runtime_error@std@@6B@
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z

msvcrt

fclose
fwrite
_wfopen
srand
clock
_wgetenv
??0exception@@QAE@ABV0@@Z
abs
time
_CxxThrowException
_wtol
_lrotr
malloc
free
wcstok
_wsplitpath
strcpy
rand
??0exception@@QAE@ABQBD@Z
sprintf
strncpy
memcmp
strcat
isalnum
_lrotl
wcscat
localtime
__dllonexit
_onexit
??1type_info@@UAE@XZ
_except_handler3
?terminate@@YAXXZ
_exit
_XcptFilter
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_findclose
wcscmp
_wfindnext
_wfindfirst
_wgetcwd
__CxxFrameHandler
swprintf
memcpy
wcslen
wcschr
??2@YAPAXI@Z
_ftol
strlen
__p___wargv
__p___argc
_wremove
_waccess
_wcsicmp
??1exception@@UAE@XZ
wcscpy
memset
fabs
wcsncpy
_wcsnicmp
_wmkdir
_wchdir

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 484KB - Virtual size: 481KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12a69483b4e40791a8546ca254a808af

Headers

File Characteristics

Imports

shell32

kernel32

user32

gdi32

advapi32

ole32

oleaut32

msvcp60

msvcrt

Sections

.text Size: 76KB - Virtual size: 73KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 484KB - Virtual size: 481KB

.text
Size: 76KB - Virtual size: 73KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 484KB - Virtual size: 481KB