49c810c465023f49372d5cdf87ae94f8ea14c4252d52bb7565a1eb054c7c8f55

Sharing

Copy URL Twitter E-mail

General

Target

49c810c465023f49372d5cdf87ae94f8ea14c4252d52bb7565a1eb054c7c8f55
Size

475KB
MD5

188e3b1485ba357a5f6302d1a9860569
SHA1

ec17a8e6b016993d9757fad581ae019e1d03decb
SHA256

49c810c465023f49372d5cdf87ae94f8ea14c4252d52bb7565a1eb054c7c8f55
SHA512

25808930b0cec0e3d9849eba823e31c39f300a00a0b82d16437c36122e57fcf4d6c9ea0e8d498bed45bfd0f4fa44530cb26a39f59759418ba3535bbe97a5ba53
SSDEEP

12288:/A9ay1/VQfsQ6r54y0WFZVuyrnKYYLjFU:oX7msQ6r5P7K/jFU

Score

N/A

Malware Config

Signatures

Files

49c810c465023f49372d5cdf87ae94f8ea14c4252d52bb7565a1eb054c7c8f55
.exe windows x86

00bab694ab909a7b3ae96a023ec51eec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
QueryPerformanceCounter
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
CreateEventA
CreateProcessA
GetOverlappedResult
CancelIo
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetFileSize
SetFilePointer
SetEndOfFile
CreateMutexW
ReleaseMutex
WaitNamedPipeW
SetNamedPipeHandleState
CreateNamedPipeW
ConnectNamedPipe
DisconnectNamedPipe
WriteFile
FlushFileBuffers
WideCharToMultiByte
MultiByteToWideChar
GetSystemDefaultLCID
CompareStringW
GetACP
FindFirstFileW
FindNextFileW
GetTempPathW
GetCurrentDirectoryW
GetFileAttributesW
FindClose
GetTickCount
Sleep
GetLocalTime
SystemTimeToFileTime
GetSystemTimeAsFileTime
ResumeThread
TerminateThread
GetExitCodeThread
LoadLibraryExW
GetWindowsDirectoryW
GetSystemDirectoryW
LocalAlloc
LocalFree
GetModuleFileNameW
GetComputerNameW
GetVersionExW
GetSystemInfo
LoadLibraryA
GetCurrentProcess
ProcessIdToSessionId
SetThreadPriority
GetDiskFreeSpaceExW
GetDriveTypeW
GetLastError
QueryDosDeviceW
ReadFile
CloseHandle
DeviceIoControl
CreateFileW
WaitForSingleObject
SetLastError
WaitForMultipleObjects
InterlockedCompareExchange
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
LoadLibraryW
FreeLibrary
GetProcAddress
CreateEventW
SetEvent
ResetEvent
GetCurrentThreadId
GetCurrentProcessId
GetModuleHandleW
GetThreadPriority
OpenThread

msvcr80

_controlfp_s
_except_handler4_common
_crt_debugger_hook
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
?terminate@@YAXXZ
_set_invalid_parameter_handler
_invoke_watson
sprintf_s
wcschr
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
_errno
rand
srand
_wcsupr_s
wcslen
_vsnwprintf_s
_except_handler3
printf
malloc
free
strlen
_beginthreadex
_wgetenv_s
wcsncmp
memcmp
??2@YAPAXI@Z
_CxxThrowException
??_V@YAXPAX@Z
__CxxFrameHandler3
??3@YAXPAX@Z
_purecall
memset
memmove
memcpy
_wcsnicmp
__iob_func
realloc
vfprintf
abort
memchr
strcmp
qsort
_time64
_lrotl
fprintf
?_type_info_dtor_internal_method@type_info@@QAEXXZ

Exports

Exports

??4_Init_locks@std@@QAEAAV01@ABV01@@Z

Sections

.text
Size: 345KB - Virtual size: 345KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00bab694ab909a7b3ae96a023ec51eec

Headers

File Characteristics

Imports

kernel32

msvcr80

Exports

Exports

Sections

.text Size: 345KB - Virtual size: 345KB

.rdata Size: 83KB - Virtual size: 83KB

.data Size: 38KB - Virtual size: 54KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 345KB - Virtual size: 345KB

.rdata
Size: 83KB - Virtual size: 83KB

.data
Size: 38KB - Virtual size: 54KB

.rsrc
Size: 6KB - Virtual size: 5KB