af53863d22c9b75846ce08cb72ac1886471dd9c8be114d74d639e697fef41aa4

Sharing

Copy URL

Twitter E-mail

General

Target

af53863d22c9b75846ce08cb72ac1886471dd9c8be114d74d639e697fef41aa4
Size

352KB
MD5

4d469fd117c27918a6d95042e18e6166
SHA1

caae101b6a56e0e7c7eb3855143ca71fa36e0130
SHA256

af53863d22c9b75846ce08cb72ac1886471dd9c8be114d74d639e697fef41aa4
SHA512

022f595a63b956291a477bef23b011f91e70ae0794fd20c1af94052254948a164593b3bb34b793835099047bd086e7d4a0c4ece281df13aed3e91908a12cf8b0
SSDEEP

6144:uihMzvZZHZh+Prl7WOYXXwLzsM8U9gguG4m/eCgz:u/zRZUl+X04M8Unu7m/rgz

Score

N/A

Malware Config

Signatures

Files

af53863d22c9b75846ce08cb72ac1886471dd9c8be114d74d639e697fef41aa4
.exe windows x86

b53dad2036fce2e5ed203c7be86ca2c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
ResetEvent
WaitForMultipleObjects
HeapDestroy
GetLastError
CreateMutexA
FreeResource
GlobalFree
GlobalHandle
LockResource
LoadResource
TerminateThread
GetVolumeInformationA
WritePrivateProfileStringA
GetSystemDirectoryA
GetTickCount
GetModuleHandleA
CreateThread
GetStartupInfoA
LocalFree
LoadLibraryA
GetProcAddress
FreeLibrary
InitializeCriticalSection
DeleteCriticalSection
lstrcmpA
GetCurrentProcess
FlushInstructionCache
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenA
SetEvent
GetPrivateProfileStringA
GetPrivateProfileIntA
GetModuleFileNameA
CloseHandle
CreateEventA
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
InterlockedIncrement
FindResourceA
InterlockedDecrement

user32

DefWindowProcA
GetWindowLongA
SetWindowLongA
TrackMouseEvent
EndPaint
BeginPaint
IsDialogMessageA
PostMessageA
IsWindowEnabled
KillTimer
SetTimer
InvalidateRect
GetClientRect
GetDC
ReleaseDC
GetWindowRect
EqualRect
GetParent
GetWindowDC
UpdateLayeredWindow
RegisterClassExA
SystemParametersInfoA
CreateWindowExA
SetWindowPos
PtInRect
ReleaseCapture
GetCapture
PostQuitMessage
DestroyWindow
SetWindowTextA
MoveWindow
GetDlgItem
SetWindowRgn
ScreenToClient
GetSystemMetrics
LoadBitmapA
DrawTextA
GetCursorPos
SetActiveWindow
AttachThreadInput
ShowWindow
SetCapture
CreateDialogIndirectParamA
TranslateAcceleratorA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
PostThreadMessageA
wsprintfA
InvalidateRgn
CreateAcceleratorTableA
GetDesktopWindow
RedrawWindow
IsWindow
GetClassNameA
GetFocus
IsChild
SetFocus
FillRect
CallWindowProcA
GetSysColor
SendMessageA
GetWindowTextLengthA
GetWindowTextA
GetWindow
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
IsWindowVisible
GetForegroundWindow
GetWindowThreadProcessId
BringWindowToTop

gdi32

CreateRoundRectRgn
CreateFontIndirectA
SetTextColor
SetBkMode
CreateRectRgn
CreateCompatibleBitmap
CreateSolidBrush
GetObjectA
CreateRectRgnIndirect
CombineRgn
CreateCompatibleDC
CreateDIBSection
SelectObject
GetDeviceCaps
BitBlt
DeleteDC
GetStockObject
DeleteObject

advapi32

RegOpenKeyExA
RegQueryValueExA

ole32

CoUninitialize
OleLockRunning
CoTaskMemAlloc
StringFromCLSID
CoInitialize
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoTaskMemFree
OleDraw
OleCreate
OleSetContainedObject
CoCreateInstance

oleaut32

SysAllocStringLen
OleCreateFontIndirect
GetErrorInfo
SysFreeString
SysAllocString
VariantChangeType
VariantClear
VariantCopy
VariantInit
SysStringLen
LoadRegTypeLi
DispCallFunc

ws2_32

sendto
WSACreateEvent
WSAEventSelect
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
WSAResetEvent
WSACloseEvent
closesocket
inet_addr
htons
WSAGetLastError
socket
WSAStartup
inet_ntoa
gethostbyname
ntohs
htonl
ntohl

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

iphlpapi

GetAdaptersInfo

comctl32

InitCommonControlsEx
ImageList_Draw
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_AddMasked

msvcrt

__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
fclose
strrchr
??0exception@@QAE@XZ
?what@exception@@UBEPBDXZ
atol
_itoa
_ultoa
??0exception@@QAE@ABQBD@Z
malloc
srand
rand
sprintf
memmove
??1exception@@UAE@XZ
_CxxThrowException
??0exception@@QAE@ABV0@@Z
atoi
time
_except_handler3
realloc
free
_mbscmp
??2@YAPAXI@Z
__CxxFrameHandler
??3@YAXPAX@Z
_purecall
__p__commode
__p__fmode
__set_app_type
_controlfp
_stricmp
_adjust_fdiv

msvcp60

??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??_7?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@6B@
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??_7?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@6B@
?_Tidy@?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??1ios_base@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
??0ios_base@std@@IAE@XZ
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?_Xlen@std@@YAXXZ
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?_Xran@std@@YAXXZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??_8?$basic_ofstream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@7B@
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??1?$basic_filebuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Init@?$basic_filebuf@DU?$char_traits@D@std@@@std@@IAEXPAU_iobuf@@W4_Initfl@12@@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?open@?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAEPAV12@PBDH@Z
??_7?$basic_ofstream@DU?$char_traits@D@std@@@std@@6B@
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z

Sections

.text
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b53dad2036fce2e5ed203c7be86ca2c1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

ws2_32

version

iphlpapi

comctl32

msvcrt

msvcp60

Sections

.text Size: 148KB - Virtual size: 145KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 8KB - Virtual size: 9KB

.rsrc Size: 36KB - Virtual size: 33KB

.text Size: 132KB - Virtual size: 132KB

.text
Size: 148KB - Virtual size: 145KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 8KB - Virtual size: 9KB

.rsrc
Size: 36KB - Virtual size: 33KB

.text
Size: 132KB - Virtual size: 132KB