6de6bb8c54d96c26e28c03e18bbeed0781438315ce5d10d5aa7c42435d0a84d0

Sharing

Copy URL Twitter E-mail

General

Target

6de6bb8c54d96c26e28c03e18bbeed0781438315ce5d10d5aa7c42435d0a84d0
Size

573KB
MD5

5a8eabe87e624d0c17fcc1e25f9216e0
SHA1

9b628903ca5e383d9e49d27b2a5055d1ee900d3b
SHA256

6de6bb8c54d96c26e28c03e18bbeed0781438315ce5d10d5aa7c42435d0a84d0
SHA512

070a6606735fe92f37eb0a4a15bc1f7d4510b27f2a31549e38e40b5b6e8c1b8533b5c7a9c83e64b9757613ee3b4ad5d44188e7578c379ddd9c98bc8a52ce39c6
SSDEEP

12288:1POao+OjcySYxFkxwK9neeO3HbId4h7cgLxLQmxv:ZFqkxwIeeU7u4hcSdxv

Score

N/A

Malware Config

Signatures

Files

6de6bb8c54d96c26e28c03e18bbeed0781438315ce5d10d5aa7c42435d0a84d0
.exe windows x86

91fb561820975d546fcecc670f6f1ddc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mfc90u

ord6013
ord1603
ord1250
ord799
ord600
ord1607
ord296
ord290
ord2537
ord814
ord5979
ord1254
ord2676
ord280
ord286
ord813
ord811
ord3729
ord6630
ord3220
ord285
ord3185
ord909
ord801

msvcr90

__set_app_type
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
_swprintf
_vswprintf
__argc
__wargv
free
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
_invalid_parameter_noinfo
toupper
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
__CxxFrameHandler3

kernel32

FindFirstFileW
FindNextFileW
GetModuleFileNameW
MultiByteToWideChar
LockResource
LoadResource
SizeofResource
FindResourceW
GetModuleHandleW
MapViewOfFile
OpenFileMappingW
GetTickCount
GetLastError
CreateFileMappingW
CloseHandle
UnmapViewOfFile
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetStartupInfoW
InterlockedCompareExchange
Sleep
InterlockedExchange
GetTempPathW
GetCurrentProcessId
DeleteFileW
RemoveDirectoryW
CreateDirectoryW
CreateMutexW
WaitForSingleObject
ReleaseMutex
FindClose

user32

wsprintfW
MessageBoxW
LoadStringW

shell32

SHGetFolderPathW

ole32

CoInitialize
CoCreateInstance

oleaut32

SysAllocString
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
SysFreeString

msvcp90

??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 500KB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

91fb561820975d546fcecc670f6f1ddc

Headers

DLL Characteristics

File Characteristics

Imports

mfc90u

msvcr90

kernel32

user32

shell32

ole32

oleaut32

msvcp90

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 24KB - Virtual size: 23KB

.vmp0 Size: 500KB - Virtual size: 1.6MB

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 24KB - Virtual size: 23KB

.vmp0
Size: 500KB - Virtual size: 1.6MB