b992c2fdd82dd84271307c88594ce52ee1b096276248e21f0018db60c428e23b

Sharing

Copy URL Twitter E-mail

General

Target

b992c2fdd82dd84271307c88594ce52ee1b096276248e21f0018db60c428e23b
Size

80KB
MD5

19322aaf86e8ace9fbadb1e24b0cfc10
SHA1

ae17a5098c0793218706f4ff34cf8bd59be2b37e
SHA256

b992c2fdd82dd84271307c88594ce52ee1b096276248e21f0018db60c428e23b
SHA512

e8a3839bfd00afe4fcb210a6c556f7637a655380dcc44d9fde588e122917f3faff68e1e65d55e6e4436998e171591e8646b6284a15593450aafb285ff5ad1702
SSDEEP

1536:b8PRE/i0SLUGo7fie1uZNUjZQ8gxLE6wfsVdgZ8meXGpqo8ZvDvcCP:bt1/GFeAaZQ8gxdg1pOZrvz

Score

N/A

Malware Config

Signatures

Files

b992c2fdd82dd84271307c88594ce52ee1b096276248e21f0018db60c428e23b
.exe windows x86

d32da111f8dab54832f768676a47bebd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

msvcp90

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

kwlog

?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ

kwlib

?GetUserID@UserId@KwLib@@YA_NQADH@Z
?GetInstallSRC@UserId@KwLib@@YA_NQADH@Z
?Base64Encode@Base64@KwLib@@YAHPADPBDH1@Z
?GetKwPath@Dir@KwLib@@YAHW4Path_Type@12@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

kwmodconfig

AfxGetConfigManager

msvcr90

__getmainargs
_exit
_XcptFilter
exit
__initenv
_initterm
_initterm_e
_configthreadlocale
_amsg_exit
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_crt_debugger_hook
_except_handler4_common
?terminate@@YAXXZ
_invoke_watson
_controlfp_s
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
??2@YAPAXI@Z
??_V@YAXPAX@Z
memset
__CxxFrameHandler3
_snprintf
__setusermatherr
_cexit

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 70KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d32da111f8dab54832f768676a47bebd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcp90

kwlog

kwlib

kwmodconfig

msvcr90

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 70KB - Virtual size: 72KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 70KB - Virtual size: 72KB