fedb7b1624eb067fb8368c1d627d3563b93c6b7599f1f6656c56f28e01423d27

Sharing

Copy URL

Twitter E-mail

General

Target

fedb7b1624eb067fb8368c1d627d3563b93c6b7599f1f6656c56f28e01423d27
Size

95KB
MD5

6a90cc221f1235fb5ddeb62c7944a370
SHA1

d7cd48eaf86f871e1aaa21ae26b66bf74446fdf0
SHA256

fedb7b1624eb067fb8368c1d627d3563b93c6b7599f1f6656c56f28e01423d27
SHA512

68ca5ecbf341e3e78abcd76ab960108b309bd326645b99d49971111681ba8cd3268642e139371039c707dc91ddeab421447dbb3f8247fbc2512433c2b14a5b49
SSDEEP

1536:mHrJuCVOT9lI5O5zdVUtJXAUqNrzkNXbUj+hmp03zfV7yK:mHr4CVOT9C5O5zdygrwdb8+h007V7yK

Score

N/A

Malware Config

Signatures

Files

fedb7b1624eb067fb8368c1d627d3563b93c6b7599f1f6656c56f28e01423d27
.exe windows x86

3166fd8afdecccd35b594c954af382ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
LoadResource
lstrlenA
WideCharToMultiByte
GetModuleFileNameA
GetNativeSystemInfo
GetLocaleInfoA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
LockResource
InterlockedExchange
FindResourceA
FindResourceExA
SizeofResource
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
GetACP
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
GetThreadLocale
EnterCriticalSection
RaiseException

user32

SendMessageA
RegisterWindowMessageA
UnregisterClassA

advapi32

RegDeleteValueA
RegCreateKeyExA
RegCloseKey
RegEnumKeyExA
RegSetValueExA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyA

ole32

CLSIDFromString

shlwapi

PathAppendA
SHDeleteKeyA
PathRemoveFileSpecA

msvcr80

_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_except_handler4_common
_unlock
__dllonexit
__setusermatherr
_onexit
_decode_pointer
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s
_configthreadlocale
_initterm_e
_initterm
__initenv
exit
_XcptFilter
_exit
_cexit
__getmainargs
_lock
_amsg_exit
memset
strcat_s
_mbslen
_mbsicmp
memmove_s
free
memcpy_s
??3@YAXPAX@Z
_CxxThrowException
_mbsnbcpy
__CxxFrameHandler3

msvcp80

?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??_D?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3166fd8afdecccd35b594c954af382ac

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

shlwapi

msvcr80

msvcp80

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 70KB - Virtual size: 72KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 70KB - Virtual size: 72KB