36ac3c4f3a84fbaaa8a6cac95d7e1e915c563cf83dd7cf2092903063dbe36f7b

Sharing

Copy URL

Twitter E-mail

General

Target

36ac3c4f3a84fbaaa8a6cac95d7e1e915c563cf83dd7cf2092903063dbe36f7b
Size

247KB
MD5

4a3ac74ca0eb4398979158dd004df340
SHA1

8057977a427fccc9de78c9e4d151cb108ef298dc
SHA256

36ac3c4f3a84fbaaa8a6cac95d7e1e915c563cf83dd7cf2092903063dbe36f7b
SHA512

7420581fc6e79e2f70b29959753bf2ab3ff726b8d1c81711b3c04027562bf4c3a73562c7a32b7fe037658bc6728e6e85ef0e94db5de1cb3caa298b10629eed45
SSDEEP

3072:tg9ldijtz8ji0a6KT0MP3OY5hObYohoa2bkTssiMan0fIjj+sshzJOTG73IPBGnz:alMtz8j+0th8Ylan0f0shUG74X0FAr8

Score

N/A

Malware Config

Signatures

Files

36ac3c4f3a84fbaaa8a6cac95d7e1e915c563cf83dd7cf2092903063dbe36f7b
.exe windows x86

e29595a3468758abac35f7fe24812439

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

mbstowcs
wcscat
wcscpy
_controlfp
??1type_info@@UAE@XZ
_onexit
__dllonexit
wcstombs
_mbsicmp
_mbslwr
memmove
??8type_info@@QBEHABV0@@Z
__RTtypeid
_itoa
putc
fputc
vfprintf
fprintf
_iob
_strcmpi
printf
strtol
_dup2
freopen
sscanf
realloc
?terminate@@YAXXZ
_mbscmp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__initenv
_cexit
_XcptFilter
_exit
_c_exit
free
_CxxThrowException
malloc
fopen
fclose
_purecall
fputs
exit
getc
_stricmp
sprintf
wcslen
__CxxFrameHandler

msvcirt

?flush@@YAAAVostream@@AAV1@@Z
?cin@@3Vistream_withassign@@A
?get@istream@@QAEAAV1@PADHD@Z
??0ostrstream@@QAE@XZ
??6ostream@@QAEAAV0@K@Z
?str@ostrstream@@QAEPADXZ
??1ostrstream@@UAE@XZ
??_Dostrstream@@QAEXXZ
??0strstream@@QAE@XZ
?ends@@YAAAVostream@@AAV1@@Z
?str@strstream@@QAEPADXZ
??1strstream@@UAE@XZ
??1ios@@UAE@XZ
??_Dstrstream@@QAEXXZ
??6ostream@@QAEAAV0@J@Z
?cout@@3Vostream_withassign@@A
?endl@@YAAAVostream@@AAV1@@Z
?cerr@@3Vostream_withassign@@A
??6ostream@@QAEAAV0@PBD@Z
??6ostream@@QAEAAV0@P6AAAV0@AAV0@@Z@Z
?fd@ifstream@@QBEHXZ
??6ostream@@QAEAAV0@H@Z
??6ostream@@QAEAAV0@D@Z

kernel32

FindNextFileA
FindClose
CreateFileA
CloseHandle
GetFullPathNameA
FindFirstFileA
InterlockedIncrement
lstrlenA
WideCharToMultiByte
InterlockedDecrement
SetCurrentDirectoryA
GetCurrentDirectoryA
GetComputerNameA
GetLocalTime
LoadLibraryA
FreeLibrary
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleA

oleaut32

SysAllocString
VariantClear
VariantInit
SysFreeString
SafeArrayPutElement
SafeArrayCreate

ole32

CoUninitialize
CoCreateInstance
CoInitialize

user32

LoadStringA

advapi32

RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegSetValueExA
GetUserNameA
RegQueryValueExA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 211KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e29595a3468758abac35f7fe24812439

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

msvcirt

kernel32

oleaut32

ole32

user32

advapi32

version

Sections

.text Size: 211KB - Virtual size: 210KB

.data Size: 18KB - Virtual size: 18KB

.rsrc Size: 17KB - Virtual size: 21KB

.text
Size: 211KB - Virtual size: 210KB

.data
Size: 18KB - Virtual size: 18KB

.rsrc
Size: 17KB - Virtual size: 21KB