4f232466bcdc754ec92e361f0a601a20610a2f854505a622764d9de9c3a78e41

Sharing

Copy URL Twitter E-mail

General

Target

4f232466bcdc754ec92e361f0a601a20610a2f854505a622764d9de9c3a78e41
Size

180KB
MD5

df776f4eb39724a91c21efe322d2daa6
SHA1

ec5ce58b9cdaa6d37e7f2d9108911fd58ee3a2ea
SHA256

4f232466bcdc754ec92e361f0a601a20610a2f854505a622764d9de9c3a78e41
SHA512

a6e3b04926a9a50a7eed5719a3b6b34b5ac8e4df6cc7ef903f52087ae5ec7571aa94f76277af63d5a904b8329260ccd76b1711abb4ae8ae53413a1c582dac16b
SSDEEP

3072:lHOIi3yCtNxp4sF8BEfsY0CXUqogdXyOanQTr3gdJL4lmd7CNowMd:lHOlF8B50Xid/L4U7aowk

Score

N/A

Malware Config

Signatures

Files

4f232466bcdc754ec92e361f0a601a20610a2f854505a622764d9de9c3a78e41
.exe windows x86

2c7bf2ca904d5f9695330e55c725ecb8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

recvfrom
htons
setsockopt
closesocket
sendto
bind
WSAGetLastError
inet_addr
htonl
socket
ntohs
inet_ntoa
gethostbyaddr

msgwnd

?MW_Destroy@@YAXXZ
?MW_ShowMsg@@YAXPBGHH@Z
?MW_ShowMsg@@YAXXZ

etinfo

?mgRefreshMenuText@@YAXPAVCMenu@@PBG@Z
?mgRefreshDlgText@@YAXPAUHWND__@@PBG@Z
?mgViewDlgText@@YAXXZ
?mgLoadLocateString@@YAPBGPBG@Z

sockct

?SockCt_DeInit@@YAXXZ
?SockCt_SendDataA@@YAHHPAXK@Z
?SockCt_CloseA@@YAHH@Z
?SockCt_TCPConnectServerA@@YAHAAHIAAUTSockCt_CallBackInfo@@PBG@Z
?SockCt_Init@@YAHXZ

mfc42u

ord2977
ord3142
ord3254
ord4459
ord3131
ord3257
ord2980
ord3076
ord2971
ord3825
ord3826
ord3820
ord3074
ord4075
ord4616
ord4418
ord3733
ord561
ord825
ord815
ord800
ord1197
ord4215
ord2576
ord3649
ord3658
ord641
ord693
ord2430
ord2506
ord858
ord540
ord2613
ord1131
ord2717
ord5261
ord4370
ord4847
ord4992
ord4704
ord6048
ord4073
ord1767
ord4401
ord5237
ord2377
ord5157
ord5710
ord4347
ord5276
ord3793
ord4831
ord4435
ord2640
ord2047
ord6372
ord3744
ord5059
ord1720
ord5257
ord2438
ord2116
ord5273
ord4621
ord4419
ord3592
ord324
ord4229
ord1143
ord1165
ord2858
ord2371
ord755
ord470
ord861
ord2355
ord2362
ord6330
ord535
ord2810
ord922
ord925
ord2813
ord547
ord2574
ord6051
ord1768
ord4396
ord5286
ord3365
ord3635
ord567
ord2294
ord1637
ord3991
ord3281
ord1569
ord927
ord538
ord6003
ord823
ord3993
ord6266
ord6451
ord2637
ord6195
ord5706
ord6211
ord942
ord4124
ord5679
ord537
ord2385
ord665
ord5438
ord3313
ord353
ord3297
ord5285
ord5303
ord4692
ord4074
ord5298
ord5296
ord3341
ord2388
ord5193
ord1089
ord3917
ord5727
ord2504
ord2546
ord4480
ord6371
ord4269
ord4667
ord6370
ord6898

msvcrt

_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
??1type_info@@UAE@XZ
_controlfp
_wcmdln
exit
_XcptFilter
_exit
__setusermatherr
swscanf
_ftol
ceil
_beginthreadex
wcscpy
wcsrchr
wcslen
swprintf
_wcsicmp
_wsplitpath
wcscmp
__CxxFrameHandler
_initterm
__wgetmainargs

kernel32

GetPrivateProfileStringW
GetStartupInfoW
WritePrivateProfileStringW
GetLastError
CreateFileW
SetFilePointer
WriteFile
CreateProcessW
GetModuleHandleW
lstrlenA
CloseHandle
GetModuleFileNameW
SetPriorityClass
GetCurrentProcess
ReleaseMutex
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetComputerNameW
SetEvent
CreateEventW
CreateDirectoryW
ResetEvent
WaitForSingleObject
GetTickCount
MultiByteToWideChar
CreateMutexW

user32

LoadMenuW
SetTimer
ModifyMenuW
EnableWindow
CreatePopupMenu
PostMessageW
KillTimer
GetCursorPos
SetWindowPos
MessageBoxW
IsWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
AppendMenuW
SendMessageW
LoadIconW
FindWindowW
ShowWindow
SetForegroundWindow
GetSubMenu

advapi32

RegQueryValueExW
RegSetValueExW
RegCloseKey
RegCreateKeyExW

shell32

Shell_NotifyIconW

msvcp60

??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2c7bf2ca904d5f9695330e55c725ecb8

Headers

File Characteristics

Imports

ws2_32

msgwnd

etinfo

sockct

mfc42u

msvcrt

kernel32

user32

advapi32

shell32

msvcp60

Sections

.text Size: 52KB - Virtual size: 48KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 108KB - Virtual size: 108KB

.text
Size: 52KB - Virtual size: 48KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 108KB - Virtual size: 108KB