acb68c23fb20cea3c5a66c6dca621901e4b8d8edd2e2cf934691afb02d0973e1

Sharing

Copy URL Twitter E-mail

General

Target

acb68c23fb20cea3c5a66c6dca621901e4b8d8edd2e2cf934691afb02d0973e1
Size

152KB
MD5

1c82e316445a1da513c798434373df70
SHA1

da1f333c1065fce15207c7e79df82fb44d80d18e
SHA256

acb68c23fb20cea3c5a66c6dca621901e4b8d8edd2e2cf934691afb02d0973e1
SHA512

1eaa387dd5c972b876a24afbc80b57c7fb9a1ad465c253fd6dbdc9b846f51af5cbdb9adb21e96edeb1ff7e49015679c18cd9a644abc9740dcc0feadd56de4754
SSDEEP

3072:tv7mNAcAs5nnTHvopSEn81bG22U1k3vfm+quOpagSCE5AqV2zCN2xhWIJ9O:tuAPK7opwWfm+quOpGn5AqVZN2LtP

Score

N/A

Malware Config

Signatures

Files

acb68c23fb20cea3c5a66c6dca621901e4b8d8edd2e2cf934691afb02d0973e1
.exe windows x86

369b3c664320eac80e2c95fe5e79eeb4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

common

?GetBSTR@CTXStringW@@QBEPA_WXZ
??YCTXStringW@@QAEAAV0@PB_W@Z
??0CTXBSTR@@QAE@XZ
??1CTXBSTR@@QAE@XZ
?MakeLower@CTXStringW@@QAEAAV1@XZ
?Find@CTXStringW@@QBEHPB_WH@Z
?Left@CTXStringW@@QBE?AV1@H@Z
?Find@CTXStringW@@QBEH_WH@Z
??4CTXStringW@@QAEAAV0@ABV0@@Z
?Right@CTXStringW@@QBE?AV1@H@Z
??H@YA?AVCTXStringW@@PB_WABV0@@Z
??8@YA_NABVCTXStringW@@PB_W@Z
?GetString@CTXStringW@@QBEPB_WXZ
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
?InitBugReport@TXBugReport@@YAXPB_W000GGKHHKKP6GHPAUtagBugReportInfo@1@PBD200PAPAXPAKPAX@Z@Z
?GetSession@TXLog@@YAKXZ
?GetLCID@NLS@@YAKXZ
?SetBugReportFlag@TXBugReport@@YAHK@Z
?SetBugReportUin@TXBugReport@@YAXK@Z
?ValidateBugReport@TXBugReport@@YAXXZ
?SetMainAndLogicMsgLoop@Misc@Util@@YAXPAVMessageLoopForUI@AsyncTask@@PAVMessageLoop@4@@Z
?SetMainAndLogicThreadId@Misc@Util@@YAXKK@Z
?OnExitWinMain@Misc@Util@@YAXXZ
?ClearDeadQueue@Misc@Util@@YAXXZ
?GetLength@CTXStringW@@QBEHXZ
??4CTXStringW@@QAEAAV0@PA_W@Z
?CompareNoCase@CTXStringW@@QBEHPB_W@Z
?Tokenize@CTXStringW@@QBE?AV1@PB_WAAH@Z
??0CTXStringW@@QAE@PA_W@Z
??BCTXStringW@@QBEPB_WXZ
?IsEmpty@CTXStringW@@QBE_NXZ
??0CTXStringW@@QAE@ABV0@@Z
?Empty@CTXStringW@@QAEXXZ
??0CTXStringW@@QAE@XZ
??0CTXStringW@@QAE@UtagEN@@PBDH@Z
??H@YA?AVCTXStringW@@ABV0@0@Z
??7CTXStringW@@QBE_NXZ
?TXLog_DoTXLogVW@@YAXPAUtagLogObj@@PB_W1PAD@Z
?SetInterval@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?TXAssert@@YAHPB_W0H@Z
?EraseTimerCallback@TXTimer@@YAHPAUITXTimerCallback@@I@Z
??1CTXStringW@@QAE@XZ
??0CTXStringW@@QAE@PB_W@Z
??4CTXStringW@@QAEAAV0@PB_W@Z

asynctask

??1Thread@AsyncTask@@UAE@XZ
??0MessageLoopForUI@AsyncTask@@QAE@XZ
??1MessageLoopForUI@AsyncTask@@UAE@XZ
??1Lock@AsyncTask@@QAE@XZ
??0Lock@AsyncTask@@QAE@XZ
?RegisterCallback@AtExitManager@AsyncTask@@SAXP6AXPAX@Z0@Z
?Release@Lock@AsyncTask@@QAEXXZ
?Acquire@Lock@AsyncTask@@QAEXXZ
?StartWithOptions@Thread@AsyncTask@@QAE_NABUOptions@12@@Z
??0Thread@AsyncTask@@QAE@PBD@Z

kernel32

LocalAlloc
Sleep
CreateFileW
OpenProcess
TerminateProcess
GetModuleFileNameW
GetCommandLineW
WideCharToMultiByte
SetThreadPriority
GetCurrentProcessId
ResumeThread
lstrlenW
FindClose
DeviceIoControl
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
HeapSetInformation
InterlockedCompareExchange
InterlockedExchange
DecodePointer
EncodePointer
FormatMessageW
LocalFree
CreateThread
GetVersionExW
IsProcessorFeaturePresent
FindFirstFileW
InitializeCriticalSectionAndSpinCount
UnmapViewOfFile
CloseHandle
MapViewOfFile
GetLastError
OpenFileMappingW
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
LeaveCriticalSection
DeleteCriticalSection
InterlockedDecrement
InterlockedIncrement
EnterCriticalSection

user32

ReleaseDC
PostQuitMessage
GetWindowLongW
GetParent
GetWindowRect
ScreenToClient
ChildWindowFromPoint
FindWindowW
GetWindowThreadProcessId
GetMessageW
TranslateMessage
DispatchMessageW
GetWindowDC
GetSystemMetrics

gdi32

CreateCompatibleBitmap
GetObjectW
SelectObject
DeleteObject
BitBlt
CreateCompatibleDC
GetBitmapBits

advapi32

RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegSetValueExW

ole32

CoInitializeEx
CoCreateInstance
CoGetClassObject
CoUninitialize

oleaut32

SysFreeString
SysAllocString
GetErrorInfo

shlwapi

PathFindExtensionW

msvcp100

?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z

msvcr100

?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__set_app_type
_fmode
_except_handler4_common
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_controlfp_s
_CxxThrowException
__CxxFrameHandler3
_commode
_exit
??3@YAXPAX@Z
??2@YAPAXI@Z
memset
_time64
_purecall
wcslen
memcmp
??_V@YAXPAX@Z
free
malloc
_resetstkoflw
labs
vswprintf_s
swprintf_s
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
memcpy
_stricmp
wcsncpy_s
_snprintf_s
strlen
__iob_func
fprintf
rand
srand
wcscat_s
strncpy_s
memmove
isalnum
memchr
tolower
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_amsg_exit
__getmainargs
_cexit
__initenv
_XcptFilter
exit
_invoke_watson

gdiplus

GdipCreateBitmapFromHBITMAP
GdiplusShutdown
GdiplusStartup
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipDisposeImage
GdipCreateBitmapFromScan0
GdipSaveImageToFile

ws2_32

ntohs
htons
WSAGetLastError
getaddrinfo
htonl
inet_addr
recvfrom
sendto
WSAStartup
WSACleanup
socket
closesocket
setsockopt
inet_ntoa

iphlpapi

GetIpForwardTable
GetAdaptersAddresses
GetAdaptersInfo

netapi32

Netbios

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

369b3c664320eac80e2c95fe5e79eeb4

Headers

DLL Characteristics

File Characteristics

Imports

common

asynctask

kernel32

user32

gdi32

advapi32

ole32

oleaut32

shlwapi

msvcp100

msvcr100

gdiplus

ws2_32

iphlpapi

netapi32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 73KB - Virtual size: 76KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 73KB - Virtual size: 76KB