7f8917968ce6c2e6aedcf32753c638d7c38373f0171c5d9dc9b1ae4eb9674608

Sharing

Copy URL Twitter E-mail

General

Target

7f8917968ce6c2e6aedcf32753c638d7c38373f0171c5d9dc9b1ae4eb9674608
Size

569KB
MD5

6a0a57316e662108334460133b4b2c20
SHA1

6b987a439e4c7145c9021342158e1a13d02ae7d2
SHA256

7f8917968ce6c2e6aedcf32753c638d7c38373f0171c5d9dc9b1ae4eb9674608
SHA512

9d56b59e06c6fab252af9a08d38ca3ed61a82604e05c1df17650baa1dd6e02171e5cdbfe7e301f703daa9e5f1fa98fcd8c0850eb3f3229efbf96e587ea376a90
SSDEEP

6144:hQcRT6d7q7Mndx+O0enIgK54IQzeeeL4/QhZwzZwoCUssl3b0vIswXQ:qch67hIgKKM4Yh0lCPsl3bm

Score

N/A

Malware Config

Signatures

Files

7f8917968ce6c2e6aedcf32753c638d7c38373f0171c5d9dc9b1ae4eb9674608
.exe windows x86

849b1d02e19a9765fa002357747ab15b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleInitialize
OleUninitialize

version

GetFileVersionInfoA
VerQueryValueA

kernel32

GetEnvironmentVariableA
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetTickCount
InterlockedIncrement
InterlockedDecrement
FreeLibrary
QueryPerformanceCounter
QueryPerformanceFrequency
GetVersionExA
CreateFileA
FindClose
MoveFileA
RaiseException
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
GetSystemInfo
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleExA
GetCurrentThreadId
Sleep
GetCommandLineW
FindFirstFileW
lstrlenW
GetModuleFileNameA
GetCurrentProcessId
SetCurrentDirectoryA
GetCurrentDirectoryA
IsBadWritePtr
VirtualProtect
IsBadReadPtr
SetUnhandledExceptionFilter
TerminateThread
CreateThread
MultiByteToWideChar
GetCurrentProcess
WriteFile
GetThreadContext
VirtualQuery
OpenProcess
SetFilePointer
GlobalMemoryStatus
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetSystemTimeAsFileTime
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
HeapSetInformation
InterlockedCompareExchange
InterlockedExchange
DecodePointer
EncodePointer
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
GetLastError
DeleteFileA
CreateMutexA
ReleaseMutex
CloseHandle
OpenMutexA
WaitForSingleObject
SetErrorMode
SetEvent
ResetEvent
CreateEventA
lstrlenA
SetEnvironmentVariableA

user32

GetDC
ReleaseDC
RegisterWindowMessageA
RegisterClassExA
GetClassInfoExA
CreateWindowExA
DefWindowProcA
PostThreadMessageA
DestroyWindow
UnregisterClassA
CharPrevA
CharNextA
GetSystemMetrics
SetMessageQueue

advapi32

RegCreateKeyA
RegCreateKeyW
RegSetValueW
RegOpenKeyW
RegEnumKeyA
RegDeleteKeyA
RegQueryValueW
RegQueryValueA
RegDeleteValueA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueA
RegCreateKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA

gdi32

GetDeviceCaps

shell32

SHGetFolderPathW
SHCreateDirectoryExW
SHCreateDirectoryExA

shlwapi

PathAppendW
PathAddBackslashW

msvcp100

?_Xlength_error@std@@YAXPBD@Z

msvcr100

_invoke_watson
_controlfp_s
_putenv
__setusermatherr
_configthreadlocale
_initterm_e
_except_handler4_common
_acmdln
exit
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
__set_app_type
_fmode
_initterm
??3@YAXPAX@Z
strchr
strncpy
printf
fclose
fprintf
fseek
fopen
strtok
??_V@YAXPAX@Z
_control87
atoi
memset
strrchr
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
strncat
_vsnprintf
??2@YAPAXI@Z
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
__CxxFrameHandler3
malloc
_purecall
free
realloc
_ismbcspace
memcpy
sprintf
memmove
_stricmp
strtoul
getenv
strstr
_ismbblead
wmemcpy_s
_vscwprintf
vswprintf_s
memcpy_s
memmove_s
??0exception@std@@QAE@ABQBDH@Z
wcstok
_wcsdup
calloc
_recalloc
strtol
wcsnlen
_gmtime32
_time32
vsprintf
asctime
_unlock
__dllonexit
_lock
_onexit
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_commode

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 396KB - Virtual size: 395KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 89KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

849b1d02e19a9765fa002357747ab15b

Headers

DLL Characteristics

File Characteristics

Imports

ole32

version

kernel32

user32

advapi32

gdi32

shell32

shlwapi

msvcp100

msvcr100

Sections

.text Size: 58KB - Virtual size: 58KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 3KB - Virtual size: 315KB

.rsrc Size: 396KB - Virtual size: 395KB

.reloc Size: 89KB - Virtual size: 92KB

.text
Size: 58KB - Virtual size: 58KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 3KB - Virtual size: 315KB

.rsrc
Size: 396KB - Virtual size: 395KB

.reloc
Size: 89KB - Virtual size: 92KB