6d1fe1c5eecbb4ba3c0d7a7335b26dcd5626d2d2854c308377e83a8466c32282

Sharing

Copy URL Twitter E-mail

General

Target

6d1fe1c5eecbb4ba3c0d7a7335b26dcd5626d2d2854c308377e83a8466c32282
Size

108KB
MD5

5dbe6f11eeaba251b244fe668071f920
SHA1

529d3a999a9662909b008ac845b70e4447594d6d
SHA256

6d1fe1c5eecbb4ba3c0d7a7335b26dcd5626d2d2854c308377e83a8466c32282
SHA512

4bbd76bec9dbaf7fbe01088b04d26039bc4fa8fbe7d64569ece722217e4e11a8eed7cbd47d331f0bebd1b569008d5c48d5e006dfc7daffdbee3c2c3250c1c70d
SSDEEP

3072:yecM6rDfOcOtpEPgGXSDADeak7dJHB/AdG4:eD3OtpEP1SsQLH5Ad/

Score

N/A

Malware Config

Signatures

Files

6d1fe1c5eecbb4ba3c0d7a7335b26dcd5626d2d2854c308377e83a8466c32282
.exe windows x86

aa1f5f4bb1a90debf7e8e1ed22b29f7d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mfc80

ord2644
ord3709
ord3719
ord3718
ord2533
ord2646
ord2540
ord2862
ord2714
ord4307
ord2835
ord2731
ord2537
ord5200
ord1599
ord1655
ord1656
ord1964
ord5175
ord1362
ord4967
ord3345
ord6277
ord3802
ord6279
ord1522
ord2172
ord2178
ord2405
ord2387
ord2385
ord2403
ord2415
ord2392
ord2408
ord2413
ord2396
ord2398
ord2400
ord2394
ord2410
ord2390
ord934
ord930
ord932
ord928
ord923
ord5233
ord5235
ord5960
ord1600
ord4282
ord4722
ord3403
ord5203
ord4185
ord6275
ord5073
ord1908
ord5152
ord4244
ord1401
ord3946
ord1617
ord1620
ord5912
ord6724
ord1551
ord3949
ord1671
ord2020
ord4890
ord4735
ord4212
ord5182
ord6703
ord299
ord1489
ord3997
ord762
ord265
ord266
ord334
ord593
ord784
ord5124
ord1917
ord4541
ord3683
ord566
ord757
ord5119
ord3830
ord1054
ord5975
ord1151
ord421
ord2804
ord5107
ord5661
ord2322
ord3333
ord4481
ord2838
ord5566
ord5213
ord5230
ord4568
ord3948
ord2248
ord5226
ord5224
ord2931
ord1920
ord3832
ord5382
ord6219
ord5102
ord1010
ord3806
ord5583
ord2018
ord2063
ord4326
ord6276
ord3801
ord6278
ord4014
ord4038
ord3255
ord911
ord1207
ord4486
ord4262
ord3182
ord6067
ord781
ord297
ord304
ord6065
ord1903
ord6090
ord4035
ord2371
ord4580
ord3641
ord1794
ord1084
ord1063
ord587
ord572
ord3164
ord4261
ord2991
ord5214
ord4232
ord1402
ord5915
ord6725
ord1545
ord2086
ord741
ord3317
ord4240
ord1591
ord2095
ord620
ord3195
ord605
ord354
ord578
ord310
ord1670
ord764

msvcr80

_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_decode_pointer
_onexit
_lock
__dllonexit
_encode_pointer
_unlock
__CxxFrameHandler3
_configthreadlocale
atoi
strcpy_s
memcpy
_splitpath
_makepath
fopen
fgets
memset
fclose
_setmbcp
_stricmp
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
fread
ftell
fseek
sprintf
strncpy
malloc
free
_except_handler4_common
?terminate@@YAXXZ
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s

kernel32

InterlockedExchange
SetFileAttributesA
Sleep
InterlockedCompareExchange
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetFileAttributesA
FileTimeToSystemTime
GetFileAttributesExA
WideCharToMultiByte
DeleteFileA
GetModuleFileNameA
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
GetCurrentDirectoryA

user32

LoadIconA
GetSystemMenu
wsprintfA
EnableWindow
GetWindowRect
GetClientRect
SendMessageA
AppendMenuA
IsWindow

advapi32

RegCreateKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA

comctl32

InitCommonControlsEx

msvcp80

??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa1f5f4bb1a90debf7e8e1ed22b29f7d

Headers

File Characteristics

Imports

mfc80

msvcr80

kernel32

user32

advapi32

comctl32

msvcp80

iphlpapi

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 68KB - Virtual size: 65KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 68KB - Virtual size: 65KB