840a72f8f629bcf98916eac937b24ca807200628bef1987d8dba95de9375ec07

Sharing

Copy URL Twitter E-mail

General

Target

840a72f8f629bcf98916eac937b24ca807200628bef1987d8dba95de9375ec07
Size

696KB
MD5

73ae1347547d0036c8743956d1403ef8
SHA1

d6b90cc71559ee08612db7f0fc1699ec6e6995ad
SHA256

840a72f8f629bcf98916eac937b24ca807200628bef1987d8dba95de9375ec07
SHA512

0b3e45822a2873619b6c8ac19667b48c2663b35da31a4516169f8e71fb313cd8b5a67464a2977da2f208be7cea4492be2d3305a7b04ff548a5f799c5a9540b0b
SSDEEP

6144:b6LrjdQ1XEm9jPJow1KB+W+wRILo7dLwMSxL/rbqiwuMw+fT3ZIYZANztUTDteo2:bslg1S+W+wszxLjbqit+fkoeoYj

Score

N/A

Malware Config

Signatures

Files

840a72f8f629bcf98916eac937b24ca807200628bef1987d8dba95de9375ec07
.exe windows x86

c916098f9480a72a3dc634429ba50f88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

insdvcps2000.idc

??0CCzConfigPS2000@@QAE@XZ
??_DCCzVATPS2000@@QAEXXZ
??_DCCzConfigPS2000@@QAEXXZ
InitPS2000Cfg

mfc42

ord537
ord2726
ord5715
ord3954
ord565
ord561
ord815
ord1575
ord2814
ord3810
ord6282
ord805
ord926
ord5856
ord941
ord939
ord3613
ord2458
ord543
ord453
ord5710
ord1832
ord4167
ord1238
ord3832
ord3315
ord1648
ord2063
ord463
ord3115
ord1572
ord5310
ord2105
ord539
ord1229
ord1175
ord1948
ord1169
ord348
ord521
ord6307
ord4424
ord2256
ord817
ord3079
ord4622
ord4080
ord3830
ord3825
ord3831
ord3081
ord3353
ord2976
ord3136
ord2985
ord3262
ord3147
ord4465
ord3259
ord5307
ord2982
ord5289
ord5303
ord4699
ord4079
ord2396
ord5300
ord3346
ord5675
ord924
ord3470
ord803
ord968
ord6289
ord350
ord663
ord3584
ord6283
ord3126
ord5651
ord2614
ord2919
ord5572
ord3663
ord940
ord535
ord4129
ord3811
ord2820
ord4202
ord4204
ord824
ord823
ord860
ord825
ord2817
ord3030
ord2393
ord826
ord800
ord858
ord922
ord540
ord4160
ord2818

msvcrt

_controlfp
__set_app_type
?terminate@@YAXXZ
_adjust_fdiv
__p__fmode
__p__commode
__getmainargs
__setusermatherr
_initterm
_XcptFilter
_acmdln
exit
__CxxFrameHandler
_purecall
isdigit
isxdigit
atol
_CxxThrowException
memmove
realloc
clock
_ftol
free
malloc
_stricmp
_atoi64
strncpy
_i64toa
_mbscmp
_mbsnbcpy
strtol
fclose
??1type_info@@UAE@XZ
__dllonexit
_onexit
_except_handler3
_exit
wcslen

kernel32

WaitForMultipleObjects
LoadResource
InterlockedDecrement
InterlockedIncrement
DebugBreak
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
PurgeComm
GetCommModemStatus
DeleteCriticalSection
GetPrivateProfileIntA
Sleep
EscapeCommFunction
OutputDebugStringA
WideCharToMultiByte
SetThreadPriority
GetCurrentThreadId
GetCurrentThread
lstrlenW
SetEvent
ResetEvent
WaitForSingleObject
lstrlenA
GetShortPathNameA
MultiByteToWideChar
GetModuleFileNameA
FreeLibrary
GetModuleHandleA
FindResourceA
GetLastError
SizeofResource
lstrcmpiA
lstrcpynA
LoadLibraryExA
GetCommandLineA
SetPriorityClass
IsDBCSLeadByte
SetCommState
GetCommState
GetCurrentProcess
GetCommTimeouts
CreateFileA
SetCommTimeouts
ReadFile
WriteFile
CloseHandle
WaitCommEvent
SetCommMask
ClearCommError
FormatMessageA
LocalFree
LocalAlloc
GetStartupInfoA
GetExitCodeThread

user32

MessageBoxA
TranslateMessage
MsgWaitForMultipleObjects
PeekMessageA
CharNextA
PostThreadMessageA
DispatchMessageA
IsWindow
wsprintfA
GetMessageA

advapi32

RegSetValueExA
RegQueryInfoKeyA
RegQueryValueExA
RegCloseKey
RegEnumValueA
RegDeleteValueA
RegOpenKeyExA
RegCreateKeyExA
RegEnumKeyExA
RegDeleteKeyA

ole32

CoRegisterClassObject
StringFromCLSID
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CoRevokeClassObject
CoSuspendClassObjects
CoUninitialize
CoInitializeSecurity
CoInitialize
CoTaskMemRealloc

oleaut32

SysAllocStringByteLen
SafeArrayGetDim
SafeArrayGetElemsize
SysStringByteLen
VariantCopy
SysAllocString
VarUI4FromStr
VariantInit
VariantClear
SysFreeString
VariantChangeType
SetErrorInfo
GetErrorInfo
CreateErrorInfo

msvcp60

??1ios_base@std@@UAE@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0ios_base@std@@IAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@E@Z
??5std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAE@Z
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
??0locale@std@@QAE@XZ
?_Incref@facet@locale@std@@QAEXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IAEXPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1locale@std@@QAE@XZ
??_7ios_base@std@@6B@
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??1strstreambuf@std@@UAE@XZ
?_Init@locale@std@@CAPAV_Locimp@12@XZ
??0_Lockit@std@@QAE@XZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
?_Stinit@?1??_Init@?$basic_filebuf@DU?$char_traits@D@std@@@std@@IAEXPAU_iobuf@@W4_Initfl@23@@Z@4HA
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?__Fiopen@std@@YAPAU_iobuf@@PBDH@Z
?_Initcvt@?$basic_filebuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?close@?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAEPAV12@XZ
??_8?$basic_ofstream@DU?$char_traits@D@std@@@std@@7B@
?_Init@ios_base@std@@IAEXXZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??_7?$basic_filebuf@DU?$char_traits@D@std@@@std@@6B@
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAG@Z
??5std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAD@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?overflow@strstreambuf@std@@MAEHH@Z
?_Init@strstreambuf@std@@IAEXHPAD0H@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?underflow@strstreambuf@std@@MAEHXZ
?pbackfail@strstreambuf@std@@MAEHH@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHPADH@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHPBDH@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?_Init@?$basic_filebuf@DU?$char_traits@D@std@@@std@@IAEXPAU_iobuf@@W4_Initfl@12@@Z
??_7?$basic_ofstream@DU?$char_traits@D@std@@@std@@6B@
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1istrstream@std@@UAE@XZ
??1ostrstream@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
?_Fpz@std@@3_JB
?clear@ios_base@std@@QAEXH_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??1_Lockit@std@@QAE@XZ
?_Global@_Locimp@locale@std@@0PAV123@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?putback@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?freeze@strstreambuf@std@@QAEX_N@Z
?ends@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
?setf@ios_base@std@@QAEHHH@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??1strstream@std@@UAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?setprecision@std@@YA?AU?$_Smanip@H@1@H@Z
?seekoff@strstreambuf@std@@MAE?AV?$fpos@H@2@JW4seekdir@ios_base@2@H@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PADH@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?seekpos@strstreambuf@std@@MAE?AV?$fpos@H@2@V32@H@Z

Sections

.text
Size: 476KB - Virtual size: 472KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c916098f9480a72a3dc634429ba50f88

Headers

File Characteristics

Imports

insdvcps2000.idc

mfc42

msvcrt

kernel32

user32

advapi32

ole32

oleaut32

msvcp60

Sections

.text Size: 476KB - Virtual size: 472KB

.rdata Size: 60KB - Virtual size: 57KB

.data Size: 8KB - Virtual size: 5KB

.idata Size: 12KB - Virtual size: 11KB

.rsrc Size: 36KB - Virtual size: 32KB

.reloc Size: 100KB - Virtual size: 100KB

.text
Size: 476KB - Virtual size: 472KB

.rdata
Size: 60KB - Virtual size: 57KB

.data
Size: 8KB - Virtual size: 5KB

.idata
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 36KB - Virtual size: 32KB

.reloc
Size: 100KB - Virtual size: 100KB