c292c2ad93940e80ede838684f36fdfaa4b48e5b217b77e3bd6a9f9645ccc630

Sharing

Copy URL

Twitter E-mail

General

Target

c292c2ad93940e80ede838684f36fdfaa4b48e5b217b77e3bd6a9f9645ccc630
Size

100KB
MD5

672a0cab9a31b775e98d7dedb8c54107
SHA1

ab9ccd47dc92d7c1cd76b20265bbe647b078fe07
SHA256

c292c2ad93940e80ede838684f36fdfaa4b48e5b217b77e3bd6a9f9645ccc630
SHA512

cc1d14a855f275c418fe788f86fa4912aa18d8ee58aa18588b1cbb099129fa994094828b9dd344536d0d9938082de7cd713a162d4057129d0cfc2b087500707d
SSDEEP

1536:VeaHO8oxHUcNfTB2uIbIqwJ3KH9zFoWx1S4MoIEshsyg6y3l5LS49:HE020IqwJ3aFoWLSkIeD6K59

Score

N/A

Malware Config

Signatures

Files

c292c2ad93940e80ede838684f36fdfaa4b48e5b217b77e3bd6a9f9645ccc630
.exe windows x86

dfef97ef7ae935f0f7e07e9b855df7b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
FreeConsole
SetConsoleTitleA
GetCurrentProcessId
GetStdHandle
SetProcessShutdownParameters
SetConsoleCtrlHandler
AllocConsole
FreeLibrary
GetProcAddress
LoadLibraryA
InitializeCriticalSection
DeleteCriticalSection
GetCommandLineW
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
EnterCriticalSection
GetStartupInfoA
GetModuleHandleA
LocalFree
WideCharToMultiByte
lstrlenA
MultiByteToWideChar
ConnectNamedPipe
CreateFileA
Sleep
FlushFileBuffers
DisconnectNamedPipe
CreateNamedPipeA
ReadFile
WriteFile
GetLastError
WaitForMultipleObjects
InterlockedExchange
OutputDebugStringA
GetModuleFileNameA
CreateProcessA
WaitForSingleObject
TerminateThread
CloseHandle
GetCurrentThreadId
InterlockedIncrement
ExitProcess
InterlockedDecrement

user32

CreateWindowExA
LoadImageA
LoadMenuA
DefWindowProcA
PostQuitMessage
DestroyMenu
DestroyIcon
GetSubMenu
RegisterClassA
GetMessageA
TranslateMessage
DispatchMessageA
FindWindowExA
GetSystemMenu
DeleteMenu
PostMessageA
FindWindowA
GetClassInfoA
TrackPopupMenu
SetForegroundWindow
InsertMenuA
GetCursorPos

advapi32

RegQueryValueExW
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegOpenKeyExW

shell32

Shell_NotifyIconA
CommandLineToArgvW
ShellExecuteA

oleaut32

SysFreeString
SysAllocString
SysAllocStringByteLen
SysStringLen
SysStringByteLen
SysAllocStringLen
VariantClear

msvcp71

?_Nomemory@std@@YAXXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?_Xran@_String_base@std@@QBEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??_D?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?open@?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXPBDHH@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z

msvcr71

__security_error_handler
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_purecall
??3@YAXPAX@Z
wcslen
swprintf
_CxxThrowException
__CxxFrameHandler
ctime
time
??0exception@@QAE@ABV0@@Z
_makepath
strrchr
_splitpath
_beginthreadex
fclose
sprintf
_iob
_fdopen
_open_osfhandle
??1exception@@UAE@XZ
??0exception@@QAE@XZ
_findclose
_findnext
_findfirst
wcscmp
printf
??_V@YAXPAX@Z
free
_read
malloc
_close
_fstat
_open
vprintf
_wcsicmp
strncpy
strchr
_acmdln
_except_handler3
_callnewh
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__dllonexit
_onexit
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
exit
_controlfp

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dfef97ef7ae935f0f7e07e9b855df7b0

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

oleaut32

msvcp71

msvcr71

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 24KB - Virtual size: 24KB