eb301bbee68c0e0a003c1e64c8eaa2f3718d4579177f8e027a3c6a6961da90db

Sharing

Copy URL Twitter E-mail

General

Target

eb301bbee68c0e0a003c1e64c8eaa2f3718d4579177f8e027a3c6a6961da90db
Size

452KB
MD5

64e699965be14666e8ae6ad5eb550f30
SHA1

8888bacf7cfbbb8cca630b7b34f7244c4cadcb38
SHA256

eb301bbee68c0e0a003c1e64c8eaa2f3718d4579177f8e027a3c6a6961da90db
SHA512

401332c37f7262cdfdb1006b0e63f0534619d86d32c6a5e79e3835bc15e07f01c34f47aecae90d419e2220a46a8939d5ae517110eeb7134f06ad7adbc2218b10
SSDEEP

6144:K2GN0DuaBRgOUjYy+l6ao7a07XDt3ErFg0IQLOKfqlhhTSsQLH5Adx6:lPRgOEYDl68IDtUrF9Rq3xSsPdx6

Score

N/A

Malware Config

Signatures

Files

eb301bbee68c0e0a003c1e64c8eaa2f3718d4579177f8e027a3c6a6961da90db
.exe windows x86

69adc9506ea1e88764d084201cbec655

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

mfc80u

ord774
ord1472
ord870
ord631
ord2279
ord2271
ord386
ord3990
ord5524
ord287
ord2742
ord2745
ord3925
ord1479
ord2895
ord6111
ord282
ord6700
ord3390
ord3927
ord2261
ord1476
ord896
ord899
ord5484
ord6086
ord314
ord6751
ord741
ord2121
ord563
ord3311
ord4480
ord2856
ord1590
ord1646
ord1647
ord1955
ord5171
ord1353
ord4961
ord3339
ord6275
ord3796
ord6273
ord1513
ord2163
ord2169
ord2399
ord2381
ord2379
ord2397
ord2409
ord2386
ord2402
ord2407
ord2390
ord2392
ord2394
ord2388
ord2404
ord2384
ord931
ord927
ord929
ord925
ord920
ord5229
ord5231
ord5956
ord1591
ord4276
ord4716
ord3397
ord4179
ord6271
ord5067
ord1899
ord5148
ord4234
ord1393
ord3940
ord1608
ord1611
ord5911
ord6721
ord1582
ord2086
ord3198
ord3204
ord1118
ord1925
ord572
ord2985
ord5196
ord5210
ord777
ord3678
ord5727
ord2366
ord1894
ord1006
ord6063
ord3756
ord3395
ord1271
ord2362
ord6251
ord6061
ord5609
ord2361
ord5398
ord2460
ord587
ord715
ord605
ord354
ord3176
ord4256
ord5199
ord4238
ord1392
ord5908
ord6720
ord1542
ord1661
ord1662
ord2011
ord4884
ord4729
ord4206
ord5178
ord1079
ord3158
ord4226
ord1536
ord2077
ord1058
ord3286
ord1572
ord1634
ord2155
ord4574
ord1785
ord3635
ord2159
ord1430
ord900
ord5319
ord2897
ord629
ord5083
ord384
ord6284
ord5873
ord266
ord265
ord1908
ord383
ord5279
ord418
ord5283
ord5657
ord5102
ord2798
ord421
ord1147
ord5914
ord5558
ord2260
ord1198
ord1431
ord6009
ord5485
ord6173
ord6167
ord277
ord2444
ord3249
ord6166
ord6161
ord1087
ord1162
ord1200
ord581
ord776
ord762
ord2239
ord757
ord4032
ord4008
ord6272
ord3795
ord6274
ord4320
ord2054
ord2009
ord5579
ord3800
ord1007
ord5096
ord6215
ord5378
ord3826
ord1911
ord2925
ord5220
ord5222
ord3942
ord4562
ord5226
ord5209
ord5562
ord2531
ord2725
ord2829
ord4301
ord2708
ord2832
ord2534
ord2640
ord2527
ord3712
ord3713
ord3703
ord2638
ord3943
ord4475
ord4255
ord3327
ord566
ord3677
ord283
ord293
ord2311
ord280
ord577
ord764
ord315
ord765
ord753
ord3383

msvcr80

isalpha
tolower
isspace
fclose
_vsnprintf_s
fprintf
fputc
ferror
fseek
ftell
fread
fopen_s
__wargv
strlen
_localtime64_s
wcsftime
_time64
memcpy
_wtoi
memset
getchar
isalnum
wprintf
strncpy_s
strcpy_s
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
_invalid_parameter_noinfo
??0exception@std@@QAE@XZ
_purecall
malloc
free
?_open@@YAHPBDHH@Z
strncmp
__CxxFrameHandler3
strchr
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
vsprintf_s
strrchr
strcpy
strncpy
sprintf
_lseek
_close
_write
_read
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_unlock
__dllonexit
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_controlfp_s
_invoke_watson
_except_handler4_common
?terminate@@YAXXZ
_decode_pointer
_onexit
printf
_lock

kernel32

CopyFileW
ResumeThread
GetTickCount
FreeLibrary
LoadLibraryW
GetWindowsDirectoryW
lstrcpyW
QueryPerformanceCounter
QueryPerformanceFrequency
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
EndUpdateResourceW
UpdateResourceW
BeginUpdateResourceW
GetModuleFileNameW
GetModuleHandleW
GetDiskFreeSpaceExW
Sleep
WideCharToMultiByte
MultiByteToWideChar
GetLastError
CreateEventW
GetCommandLineW
LocalFree
LocalAlloc
InterlockedExchange
InterlockedCompareExchange
GetStartupInfoW
SetUnhandledExceptionFilter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
DeleteFileW
CreateThread
CreateFileW
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFileTime
CloseHandle
RemoveDirectoryW
CreateDirectoryW
SetFileAttributesW

user32

GetWindowLongW
LoadIconW
LoadCursorW
CopyIcon
GetParent
ReleaseDC
GetDC
GetWindowRect
InflateRect
InvalidateRect
IsWindow
SetCursor
SetCapture
RedrawWindow
GetClientRect
PtInRect
ReleaseCapture
MessageBeep
SendMessageW
EnableWindow
GetSysColor
MessageBoxW
PostMessageW
SetWindowLongW

gdi32

GetObjectW
CreateFontIndirectW
GetStockObject
GetTextExtentPoint32W

advapi32

RegQueryValueW
RegCloseKey
RegOpenKeyExW

shell32

ShellExecuteW

shlwapi

PathFileExistsW

msvcp80

?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Xran@_String_base@std@@SAXXZ
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 220KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69adc9506ea1e88764d084201cbec655

Headers

File Characteristics

Imports

version

mfc80u

msvcr80

kernel32

user32

gdi32

advapi32

shell32

shlwapi

msvcp80

Sections

.text Size: 176KB - Virtual size: 175KB

.rdata Size: 48KB - Virtual size: 45KB

.data Size: 4KB - Virtual size: 1.0MB

.rsrc Size: 220KB - Virtual size: 217KB

.text
Size: 176KB - Virtual size: 175KB

.rdata
Size: 48KB - Virtual size: 45KB

.data
Size: 4KB - Virtual size: 1.0MB

.rsrc
Size: 220KB - Virtual size: 217KB