19ab5987cfd5f8d4bb734d8fc1e4615e36a964905d5de12d726a9146ce445e89

Sharing

Copy URL Twitter E-mail

General

Target

19ab5987cfd5f8d4bb734d8fc1e4615e36a964905d5de12d726a9146ce445e89
Size

292KB
MD5

7c98dbf9c5b4e22ab6d5a4ba15e803e1
SHA1

c9bc6470dbb56f3c48ce3c141ccc9260746e8676
SHA256

19ab5987cfd5f8d4bb734d8fc1e4615e36a964905d5de12d726a9146ce445e89
SHA512

77ffbd41c50c9cc0e82750b59365274018fda1935e229808bf5a3b7bab14f8b1aa524c13a1142b015b1591d6792640de603b518087d3e5f141173cf19220bc5c
SSDEEP

3072:VMIiKpdEJu6HnG3xU0X5uJEvfnf6Zkbt2Oco2SqX+M45j3xoJ/LrxtUup9ZQe7n8:V/7SXpBYff6Ob/ySqXx46scH17OUHG

Score

N/A

Malware Config

Signatures

Files

19ab5987cfd5f8d4bb734d8fc1e4615e36a964905d5de12d726a9146ce445e89
.exe windows x86

04d1044b8bbdf6243ac2c4debeb23b53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

filectrl

?FileSetUpdateAppList@@YAHXZ
?FileExitSys@@YAHXZ
?FileSetCtrlFlag@@YAHE@Z
?FileInitalSys@@YAHEEE@Z
?FileSetServFlag@@YAHE@Z
?FileGetLog@@YAHPAU_FILE_LOG@@@Z

mfc71

ord1207
ord764
ord578
ord781
ord4108
ord5529
ord785
ord310
ord911
ord297
ord4109
ord304
ord2468
ord5491
ord629
ord1439
ord5089
ord384
ord784
ord266
ord265
ord762
ord1084
ord4035
ord6288
ord2469
ord5323
ord6180
ord6174
ord4541
ord3683
ord4038
ord4014
ord6278
ord3801
ord6276
ord4326
ord2063
ord2018
ord5583
ord3806
ord1010
ord5102
ord6219
ord5382
ord3832
ord1920
ord2931
ord5224
ord5226
ord2248
ord3948
ord4568
ord5230
ord5213
ord5566
ord2537
ord2731
ord2835
ord4307
ord2714
ord2838
ord2540
ord2646
ord2533
ord3718
ord3719
ord3709
ord2644
ord3949
ord4481
ord4261
ord3333
ord566
ord757

msvcr71

_mbsnbcpy
_access
_stat
time
_itoa
fputs
_strlwr
fgets
fwrite
strncmp
printf
_stricmp
_mbslwr
strftime
_localtime64
_time64
__p___argc
__p___argv
_splitpath
_mbscmp
fprintf
fscanf
difftime
realloc
wcsstr
_vsnprintf
vfprintf
_close
_read
_open
_setmbcp
abort
memchr
strcmp
localtime
isspace
isalnum
qsort
fflush
_setmode
ftell
fseek
_purecall
atoi
tolower
isalpha
memset
__security_error_handler
__dllonexit
_onexit
?terminate@@YAXXZ
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
exit
_acmdln
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_iob
_controlfp
__CxxFrameHandler
fopen
fread
strchr
_mbsicmp
malloc
free
_except_handler3
sprintf
fclose
_mbsrchr
strncpy

kernel32

GetSystemTimeAsFileTime
GetStartupInfoA
ExitProcess
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleA
FindFirstFileA
FindClose
LoadLibraryA
GetProcAddress
FreeLibrary
GlobalMemoryStatus
GetCurrentProcessId
QueryPerformanceCounter
GetTickCount
GetStdHandle
GetFileType
GetCurrentThreadId
GetDiskFreeSpaceA
SetFilePointer
ReadFile
WriteFile
DeviceIoControl
GetFileSize
MoveFileA
GetWindowsDirectoryA
GetSystemDirectoryA
SetCurrentDirectoryA
OutputDebugStringA
CreateMutexA
SetConsoleCtrlHandler
FormatMessageA
LocalFree
CreateSemaphoreA
Sleep
CreateThread
WaitForSingleObject
CreateFileA
GetModuleFileNameA
DeleteFileA
CopyFileA
_lclose
CloseHandle
lstrlenA
lstrlenW
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange

user32

GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxA

advapi32

OpenServiceA
RegQueryValueExA
DeregisterEventSource
ReportEventA
RegisterEventSourceA
StartServiceA
OpenSCManagerA
RegCloseKey
RegSetValueExA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerExA
ControlService
QueryServiceStatus
DeleteService
CreateServiceA
CloseServiceHandle
ChangeServiceConfig2A
SetServiceStatus
RegOpenKeyExA

msvcp71

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?close@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?clear@ios_base@std@@QAEXH_N@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?uncaught_exception@std@@YA_NXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?_Lock@_Mutex@std@@QAEXXZ
?_Unlock@_Mutex@std@@QAEXXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?open@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXPBDHH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04d1044b8bbdf6243ac2c4debeb23b53

Headers

File Characteristics

Imports

filectrl

mfc71

msvcr71

kernel32

user32

advapi32

msvcp71

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 44KB - Virtual size: 42KB

.data Size: 36KB - Virtual size: 52KB

.rsrc Size: 52KB - Virtual size: 50KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 36KB - Virtual size: 52KB

.rsrc
Size: 52KB - Virtual size: 50KB