1e2d1168b5adf82398806c456f7174c7a6a4b6f9215d746ad4f1e52ad5913ae3

Sharing

Copy URL Twitter E-mail

General

Target

1e2d1168b5adf82398806c456f7174c7a6a4b6f9215d746ad4f1e52ad5913ae3
Size

152KB
MD5

745aec672db47bb9f8f6aefb72e0a00e
SHA1

58919407d35ae54cf44fc9bd72ed93e8cd0dbfd8
SHA256

1e2d1168b5adf82398806c456f7174c7a6a4b6f9215d746ad4f1e52ad5913ae3
SHA512

20f15f5f1c86da3b2c1f69bcf789dca6bd5e584aa52b4954c69d9b9c10e216fd6956f71a693db032238ed3c017199fdd90b66f0cf45aff35566709a8d1c33528
SSDEEP

1536:nr/ParbRDlwNqBLTr8mo55Nw2i9MWa/UgIp38td1zRCHuvrR0DcAOOfseKM+ZKXU:r/AbxlwMJ8mo7NRVIFu10DPOIseKMdA3

Score

N/A

Malware Config

Signatures

Files

1e2d1168b5adf82398806c456f7174c7a6a4b6f9215d746ad4f1e52ad5913ae3
.exe windows x86

5243a91bad0cfe51ec451b4988e2c4e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteKeyA

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_strcmpi
__dllonexit
??1type_info@@UAE@XZ
calloc
_beginthreadex
clock
_CxxThrowException
realloc
strchr
strncat
exit
printf
time
srand
atoi
rand
strncpy
strcat
strcpy
strcmp
strrchr
_except_handler3
malloc
free
memcmp
??2@YAPAXI@Z
memset
__CxxFrameHandler
strstr
strlen
_ftol
ceil
memmove
memcpy
??3@YAXPAX@Z
_strnicmp
_onexit

ws2_32

gethostbyname
htons
connect
socket
WSACleanup
WSAStartup
closesocket
select
ntohs
setsockopt
send
inet_addr
sendto
htonl
inet_ntoa
WSAGetLastError
gethostname
getsockname
recv

msvcp60

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ

mfc42

ord537
ord6648
ord2764
ord4129
ord926
ord924
ord922
ord535
ord858
ord6663
ord860
ord4278
ord2818
ord939
ord6877
ord800
ord540

kernel32

TerminateProcess
PeekNamedPipe
WaitForMultipleObjects
GlobalMemoryStatus
GetSystemInfo
GetVersionExA
CopyFileA
ReleaseMutex
OpenEventA
SetErrorMode
SetFileAttributesA
CreateMutexA
LocalSize
Process32Next
CreateToolhelp32Snapshot
lstrcmpiA
GetModuleHandleA
GetStartupInfoA
Process32First
DisconnectNamedPipe
CreatePipe
GetSystemDirectoryA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetProcessHeap
HeapAlloc
GetModuleFileNameA
OutputDebugStringA
WinExec
TerminateThread
GetTickCount
CreateThread
OpenProcess
FreeLibrary
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
GetCurrentProcess
SetLastError
InitializeCriticalSection
DeleteCriticalSection
VirtualFree
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
GetProcAddress
LoadLibraryA
CloseHandle
lstrcpyA
SetEvent
InterlockedExchange
CancelIo
Sleep
DeleteFileA
GetLastError
CreateDirectoryA
GetFileAttributesA
lstrlenA
CreateProcessA
lstrcatA
GetLogicalDriveStringsA
FindClose
LocalAlloc
RemoveDirectoryA
GetFileSize
CreateFileA
ReadFile
SetFilePointer
WriteFile
MoveFileA
HeapFree

user32

IsWindowVisible
GetWindowThreadProcessId
ExitWindowsEx
GetProcessWindowStation
OpenWindowStationA
SetProcessWindowStation
GetCursorInfo
GetCursorPos
ReleaseDC
GetDesktopWindow
GetDC
SetRect
GetSystemMetrics
GetWindowTextA
SetClipboardData
CloseClipboard
SetCursorPos
WindowFromPoint
SetCapture
mouse_event
MapVirtualKeyA
SystemParametersInfoA
SendMessageA
DestroyCursor
LoadCursorA
wsprintfA
CharNextA
EnumWindows
IsWindow
CloseWindow
CreateWindowExA
PostMessageA
GetThreadDesktop
GetUserObjectInformationA
OpenInputDesktop
SetThreadDesktop
GetClipboardData
CloseDesktop

gdi32

CreateCompatibleBitmap
GetDIBits
BitBlt
DeleteDC
DeleteObject
CreateCompatibleDC
CreateDIBSection
SelectObject

advapi32

AdjustTokenPrivileges
GetTokenInformation
LookupAccountSidA
CreateServiceA
StartServiceCtrlDispatcherA
SetServiceStatus
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegCloseKey
RegQueryValueA
RegOpenKeyExA
CloseServiceHandle
DeleteService
ControlService
QueryServiceStatus
OpenServiceA
RegSetValueExA
RegCreateKeyA
SetNamedSecurityInfoA
BuildExplicitAccessWithNameA
GetNamedSecurityInfoA
SetEntriesInAclA
RegQueryValueExA
RegOpenKeyA
RegCreateKeyExA
CloseEventLog
ClearEventLogA
OpenEventLogA
OpenProcessToken
FreeSid
RegSetKeySecurity
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegEnumValueA
AddAccessAllowedAce
InitializeAcl
GetLengthSid
AllocateAndInitializeSid

shell32

SHGetSpecialFolderPathA

wininet

InternetOpenUrlA

msvfw32

ICOpen
ICSeqCompressFrameEnd
ICSeqCompressFrame
ICSeqCompressFrameStart
ICSendMessage
ICClose
ICCompressorFree

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationA

Sections

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5243a91bad0cfe51ec451b4988e2c4e1

Headers

File Characteristics

Imports

shlwapi

msvcrt

ws2_32

msvcp60

mfc42

kernel32

user32

gdi32

advapi32

shell32

wininet

msvfw32

wtsapi32

Sections

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 104KB - Virtual size: 104KB

.rsrc Size: 28KB - Virtual size: 27KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 104KB - Virtual size: 104KB

.rsrc
Size: 28KB - Virtual size: 27KB