224cc78316a891f4ebac210506686571d588bfe316c8173ec7f21ef8f1f9b78d

Sharing

Copy URL Twitter E-mail

General

Target

224cc78316a891f4ebac210506686571d588bfe316c8173ec7f21ef8f1f9b78d
Size

336KB
MD5

67f83587950ddafc033e270426783b10
SHA1

f1727ed6ab11cd80abae0ebdeeadf05df1f3c66b
SHA256

224cc78316a891f4ebac210506686571d588bfe316c8173ec7f21ef8f1f9b78d
SHA512

273a80b4294846baef1686ac52a25e671987e17bf459d979f032c762560b14827c75930f8f88deb578f0875f68998e75a0c907bf5f9a58f6a86b9919642dcbf9
SSDEEP

6144:3p35n9pWZx6bT7t/btinc7zFiEH4FZIqzT8w22+X6FegkIX:535nTAxCVM8QEKIqzNmgkS

Score

N/A

Malware Config

Signatures

Files

224cc78316a891f4ebac210506686571d588bfe316c8173ec7f21ef8f1f9b78d
.exe windows x86

93e072ae9d19c981c1ff49111d42e972

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mslur71

_XcptFilter
_ismbblead
_cexit
_acmdln
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_exit
_except_handler3
__dllonexit
_onexit
_controlfp
_strdup
_fileno
_stat
_mkdir
_rmdir
_c_exit
strtol
_ftime
??3@YAXPAX@Z
memcmp
_beginthread
??2@YAPAXI@Z
isalnum
memmove
gmtime
strftime
ctime
mktime
localtime
_daylight
_timezone
tmpnam
strerror
isdigit
sscanf
strncpy
strncat
atol
exit
free
realloc
calloc
malloc
getenv
strstr
fputs
fputc
_errno
fread
fwrite
fflush
time
fopen
fclose
rename
remove
strtok
tolower
memset
memcpy
isspace
strrchr
toupper
strncmp
strchr
atoi
sprintf
strlen
strcpy
strcat
__set_app_type
strcmp
_unlink

wsock32

send
htons
socket
setsockopt
inet_ntoa
connect
gethostname
ioctlsocket
ntohs
recv
WSAGetLastError
select
__WSAFDIsSet
gethostbyname
closesocket
WSACleanup
WSAStartup

pe_cc

_MUMIMEGetParam@8
_MECFreeEventRecord@8
_MECGetAppPath@12
_MECSendEvent@12
_MECCreateEventRecord@8
_MECGetApplicationDirPath@8
_FEGetErrorFormBySystem@12
_UFLCreate@24
_UFLSetLiteral@8
_UFLCountChildren@4
_DPGetc@4
_MUStrToLower@4
_MUFarFree@4
_MUGetDefaultFormExtension@4
_MUMIMEFindMIMETypeSuffix@12
_cp_clearA@4
_DPBigWrite@12
cp_csprintfA
_pe_malloc@4
_MERegisterStrError@28
_MUStrcmp@8
_MUIsFormMIMEType@4
_MIMEManager_GetSingleton@4
_MIMEManager_DeleteParam@16
_IFSObject_ReleaseRef@4
_MUCreateTempFileWithSuffix@8
cp_smprintfA
_MECShutdown@4
_cp_strnicmpA@12
_cp_strcpyA@8
_cp_strstrA@8
_cp_strdupA@4
ActualOnDebugStringf
_DPWrite@16
_UFLGetLiteralByRef@16
_cp_strlenA@4
_UFLDereference@16
_UFLGetRefCode@4
_UFLExtractFile@8
_UFLEncodeFromFile@8
_DPCopyFile@12
_DPClose@4
_cp_mallocA@4
_cp_freeA@4
_UFLReadForm@8
_UFLDestroy@4
_MEIsError@0
_MUFree@4
_MUGetopt@12
_MUIsIdleNeeded@0
_pe_realloc@12
_MECReceiveEvent@20
_MUReadConfigByFileName@8
_MEDisableHandler@8
_MEGetErrorStack@4
_MEEnableHandler@8
_FEGetErrorForm@8
_MECSetApplicationDirPath@8
_MERegisterErrorHandler@36
_MEClearError@4
_MUIdle@0
_MEIsErrorBySystem@4
_MEClearErrorBySystem@4
_MGDeRegisterGlobal@8
_IFSInitialize@12
_MECreateSystem@4
_MERegisterErrorHandlerBySystem@40
_MEAttachThreadToSystem@8
_MUGetCurrentThreadID@4
_MEDetachThreadFromSystem@8
_MUGettimeofday@4
_UFLSetGlobalData@8
_MGIsValidGlobal@8
_MGLookUpGlobal@12
_MGRegisterGlobal@12
_MULStringKeyHash@8
_cp_stristrA@8
_cp_strrchrA@8
_MUKillTrailingWhitespace@4
_MUKillLeadingWhitespace@4
_MURemoveEscapes@4
_MUExtrFileName@4
_DPPutc@8
_MUFreeList@8
ActualDebugStringf
_MUGetDefaultFormMIMEType@4
_UFLWriteFormPool@16
_cp_strncpyA@12
_MURemoveExtraSeparators@8
_UFLReadFormPool@8
_MUGetPathOfSelf@4
_MUExtrDirName@4
_MUStrcat@12
_cp_strcatA@8
_DPRead@16
_MULGetNextEx@28
_MULReleaseCursor@12
_MULDestroyByKey@16
_MUIsFormExtension@4
_MULSetByKey@24
_MULGetSize@12
_pe_clear@4
_MUOpendir@4
_MERegisterStrErrorEx@36
_MURealloc@8
MERegisterErrorEx
_MUStrdup@4
_MUStrlen@4
_DPOpenFile@8
_MUCreateTempFile@4
_MUNeedIdle@0
_MUReaddir@4
_MUClosedir@4
_UFLGetFormFromResource@4
_UFLEncloseFile@20
_UFLSetLiteralByRef@16
_MUStat@8
cp_sprintfA
_UFLWriteForm@16
_UFLWriteDocumentPool@24
_MUGetUserFolder@4
_MULPointerKeyHash@8
_MULCreateHash@12
_MUGetHInstance@4
cp_csmprintfA
_LocalizationManager_GetResourceHandle@16
_MUStricmp@8
_MUStrnicmp@12
_MULDestroyList@8
_cp_strncmpA@12
_MURegisterCallback@20
_MUSetHInstance@4
_MUGetFolderPathOfSelf@4
_IFXScanForExtensions@8
_LocalizationManager_SetDefaultLocale@4
_MECInitialize@4
_MEDestroySystem@4
_MECSetIdentifier@12
_LocalizationManager_GetString@12
_MUDeRegisterCallback@4
_ConfigManager_GetSingleton@4
_ConfigManager_GetFromCurrentConfig@12
_cp_strchrA@8
_cp_stricmpA@8
cp_saprintfA
_cp_reallocA@12
_DPOpenMem@12
_DPSeek@12
_cp_strcmpA@8
_DPTell@4
_MUBuildList@12

kernel32

WaitForSingleObject
CreateProcessA
CreateEventA
CreateMutexA
ReleaseMutex
ReadFile
WriteFile
GetPrivateProfileStringA
GlobalFindAtomA
SetEvent
GetTempPathA
GlobalDeleteAtom
GetStartupInfoA
GetModuleHandleA
WinExec
GetVersionExA
GetProcessHeap
HeapFree
HeapAlloc
OpenProcess
CloseHandle
GetTickCount
GlobalAddAtomA
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
GetProcAddress
FreeLibrary
SetLastError
Sleep
GetLastError
GetModuleFileNameA
GetStdHandle
MultiByteToWideChar

user32

DdeNameService
DdeGetLastError
DdeFreeStringHandle
DdeKeepStringHandle
UpdateWindow
InvalidateRect
CopyRect
GetClientRect
ShowWindow
IsIconic
SetWindowPos
GetDesktopWindow
GetWindowRect
PostMessageA
SendMessageA
GetDlgItem
EndDialog
SetDlgItemTextA
GetDlgItemTextA
DrawTextA
DialogBoxParamA
SetForegroundWindow
FindWindowA
GetWindowThreadProcessId
MsgWaitForMultipleObjects
PeekMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
MessageBoxA
DdeConnect
DdeConnectList
DdeQueryConvInfo
DdeCmpStringHandles
DdeQueryNextServer
DdeDisconnectList
DdeUninitialize
DdeCreateDataHandle
DdeQueryStringA
DdeDisconnect
DdeClientTransaction
DdeAccessData
DdeUnaccessData
DdeFreeDataHandle
DdeInitializeA
DdeCreateStringHandleA
GetClassInfoA
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
GetSystemMenu
InsertMenuA
BeginPaint
FillRect
DrawIcon
EndPaint
DefWindowProcA

gdi32

DeleteObject
CreatePen
CreatePalette
GetStockObject
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
SelectPalette
RealizePalette
CreateSolidBrush
SelectObject
Rectangle
MoveToEx
LineTo

advapi32

RegQueryValueExA
RegSetValueExA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegCloseKey
RegCreateKeyExA

shell32

FindExecutableA

ole32

OleUninitialize
CLSIDFromProgID
CoCreateInstance
GetRunningObjectTable
CreateItemMoniker
OleInitialize

oleaut32

SysAllocString
VariantChangeType
VariantInit
SysFreeString
SysAllocStringLen

Sections

.text
Size: 224KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

93e072ae9d19c981c1ff49111d42e972

Headers

File Characteristics

Imports

mslur71

wsock32

pe_cc

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 224KB - Virtual size: 220KB

.rdata Size: 48KB - Virtual size: 44KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 1KB

.rmnet Size: 52KB - Virtual size: 52KB

.text
Size: 224KB - Virtual size: 220KB

.rdata
Size: 48KB - Virtual size: 44KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 1KB

.rmnet
Size: 52KB - Virtual size: 52KB