d7afcbe05cb59c439f81b011d439a9dec71130fabcd9da44f4c06be92d6de490

Sharing

Copy URL

Twitter E-mail

General

Target

d7afcbe05cb59c439f81b011d439a9dec71130fabcd9da44f4c06be92d6de490
Size

221KB
MD5

1744b33454f56ed316488487eee5c50e
SHA1

7f47576dcd8d7423b4ff31ecb75bd0b76270a046
SHA256

d7afcbe05cb59c439f81b011d439a9dec71130fabcd9da44f4c06be92d6de490
SHA512

4b5c8023020ca818264565fe36de217026c2dc4217721bb842c212b1ec8e084f16e46c3d2ee89f4e146574a18a8b91bbc72c33e49f805e96a66acf0f10d0e74c
SSDEEP

3072:yQWey0fJwAsEMH4J0pOBHJ0sVfEzCVnuDgbACruGnzOJfNYrRaQmbgPJH:y3ifJAEa4yONq4nlbFrwJfQsoH

Score

N/A

Malware Config

Signatures

Files

d7afcbe05cb59c439f81b011d439a9dec71130fabcd9da44f4c06be92d6de490
.exe windows x86

87c0776fc1cea2cd6634e4c74d228218

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mfc80u

ord2404
ord2384
ord931
ord927
ord929
ord925
ord920
ord5229
ord5231
ord5956
ord1591
ord4276
ord4716
ord3397
ord5210
ord4179
ord6271
ord5067
ord1899
ord5148
ord4238
ord1393
ord3940
ord1608
ord1611
ord5911
ord6721
ord1534
ord1626
ord2388
ord1118
ord1925
ord3204
ord3281
ord583
ord2895
ord2366
ord4027
ord5636
ord5637
ord502
ord2361
ord1386
ord6063
ord2121
ord1178
ord1182
ord3590
ord3155
ord1270
ord5633
ord602
ord347
ord1156
ord6086
ord760
ord1271
ord2394
ord2392
ord2390
ord2407
ord2402
ord2386
ord2409
ord2397
ord2379
ord2381
ord2399
ord2169
ord2163
ord1513
ord6273
ord3796
ord6275
ord3339
ord4961
ord1353
ord5171
ord1955
ord1647
ord1646
ord1590
ord5196
ord764
ord2531
ord2725
ord2829
ord4301
ord2708
ord2856
ord2534
ord2640
ord2527
ord2985
ord3712
ord3713
ord3703
ord2638
ord3943
ord4480
ord4255
ord3151
ord572
ord6747
ord380
ord3451
ord2461
ord1021
ord746
ord1176
ord762
ord1197
ord268
ord280
ord283
ord6133
ord3927
ord1476
ord774
ord1003
ord558
ord293
ord2311
ord287
ord2460
ord5398
ord4074
ord5485
ord870
ord577
ord1079
ord776
ord1058

msvcr80

_controlfp_s
_invoke_watson
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
_except_handler4_common
__CxxFrameHandler3
_wcsnicmp
_CxxThrowException
memset
wcsrchr
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
free
_wsplitpath
malloc
wcsncpy
calloc
_waccess
memcpy_s
_recalloc
_resetstkoflw
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
__setusermatherr

kernel32

GetFileAttributesW
GetProcAddress
WaitForSingleObject
CloseHandle
GetModuleHandleW
GetModuleHandleA
GetCurrentProcessId
CreateEventW
GetModuleFileNameW
GetPrivateProfileIntW
GetVersion
InterlockedCompareExchange
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
SetEvent
GlobalDeleteAtom
GlobalFindAtomW
CreateMutexW
GetVersionExW
ReleaseMutex
LoadLibraryW
GetLastError
SetLastError
OutputDebugStringA
LoadLibraryExW
FreeLibrary
SetUnhandledExceptionFilter
GetUserDefaultLCID
GetACP
HeapFree
HeapAlloc
GetProcessHeap
GetFileSize
OutputDebugStringW
ReadFile
CreateFileW
lstrcmpiW
lstrcpyW
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
Sleep
DeleteCriticalSection
InitializeCriticalSection
lstrlenW

user32

BeginPaint
FindWindowW
RedrawWindow
EndDialog
ShowWindow
GetDesktopWindow
LoadCursorW
UpdateLayeredWindow
IsWindow
IsRectEmpty
InflateRect
SetWindowTextW
GetDC
SetRect
CopyRect
DrawTextW
LoadStringW
ReleaseDC
GetParent
EndPaint
GetWindowLongW
AdjustWindowRect
SetWindowPos
OffsetRect
CreateDialogParamW
EnableWindow
GetSystemMetrics
DestroyWindow
InvalidateRect
UpdateWindow
GetWindowRect
SendMessageW
GetMessageW
DispatchMessageW
TranslateMessage
DdeInitializeW
DdeCreateStringHandleW
DdeGetData
DdeNameService
GetSysColor
GetClientRect
PostThreadMessageW
DdeUninitialize

gdi32

GetObjectW
SetDIBColorTable
SelectPalette
RealizePalette
SaveDC
RestoreDC
SetBkColor
SetTextColor
SetBkMode
SetTextAlign
TextOutW
GetTextExtentPoint32W
RectVisible
CreateCompatibleDC
DeleteDC
SelectObject
GetTextMetricsW
CreateFontIndirectW
GetTextFaceW
DeleteObject
GetStockObject
GetNearestColor
CreateSolidBrush
Rectangle
GetDeviceCaps
CreatePalette
StretchDIBits
CreateDIBSection

gdiplus

GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdiplusShutdown
GdipGetImageGraphicsContext
GdipDrawImageI
GdipCloneImage
GdipAlloc
GdipFree
GdipDeleteGraphics

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

87c0776fc1cea2cd6634e4c74d228218

Headers

File Characteristics

Imports

mfc80u

msvcr80

kernel32

user32

gdi32

gdiplus

Sections

.text Size: 28KB - Virtual size: 25KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 164KB - Virtual size: 164KB

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 164KB - Virtual size: 164KB