233279e6b5670330b5fe024e2f5c29b094a87c5f23c8768226bfa9f1890e0a87

Sharing

Copy URL Twitter E-mail

General

Target

233279e6b5670330b5fe024e2f5c29b094a87c5f23c8768226bfa9f1890e0a87
Size

188KB
MD5

62597e0567bf0e4bd82d2f738ad07fc0
SHA1

670f07186fb3adf395507190aa137bf12e12454c
SHA256

233279e6b5670330b5fe024e2f5c29b094a87c5f23c8768226bfa9f1890e0a87
SHA512

da47073513973db04f8b3cb04ffe3172a1be8f37cca13963764e107e2a5e9fc76a4645f8f9caa75a6ae45d89a42a1286225db831fe30c0640fc01539f9afc349
SSDEEP

3072:NvvYUrKUepA2DCOwD/P65ThZQ/6Evd1d9k9iIBoJ2ct+00B8Kvt4VXvQPFuDa9Zy:lZrKDpA2Pm/C5ThZQ/6Evd1vkt8W0k50

Score

N/A

Malware Config

Signatures

Files

233279e6b5670330b5fe024e2f5c29b094a87c5f23c8768226bfa9f1890e0a87
.exe windows x86

64dff3be869487be7c0b887cf8dfc8ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
calloc
memcmp
memcpy
_beginthreadex
_strupr
wcscpy
atoi
wcstombs
wcslen
mbstowcs
strncat
vsprintf
__setusermatherr
fopen
fwrite
fclose
strrchr
malloc
_ftol
memmove
strcmp
__CxxFrameHandler
_CxxThrowException
strcpy
_except_handler3
rand
_access
??2@YAPAXI@Z
??3@YAXPAX@Z
strcat
free
strlen
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
exit
memset

kernel32

FreeLibrary
LocalAlloc
InterlockedExchange
WideCharToMultiByte
LocalFree
GetLastError
GetStartupInfoA
GetModuleHandleA
lstrlenA
MultiByteToWideChar
RaiseException
InterlockedDecrement
MoveFileA
GetFileSize
VirtualAlloc
ReadFile
CloseHandle
FindFirstFileA
WriteFile
FindClose
Sleep
LoadLibraryA
GetProcAddress

user32

IsWindow
SendMessageA
CreateWindowExA

advapi32

RegCloseKey
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumValueA

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z

ole32

CLSIDFromProgID
CLSIDFromString
OleRun
CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

VariantClear
SysAllocString
SysFreeString
GetErrorInfo

msvfw32

ICSendMessage

Sections

.text
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64dff3be869487be7c0b887cf8dfc8ee

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

msvcp60

ole32

oleaut32

msvfw32

Sections

.text Size: 132KB - Virtual size: 129KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 32KB - Virtual size: 55KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 132KB - Virtual size: 129KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 32KB - Virtual size: 55KB

.rsrc
Size: 4KB - Virtual size: 4KB