93a6ef9e8b9e3aaae493298cdcb0e247e7de77c19898b309e1bd3b713995ce2b

Sharing

Copy URL Twitter E-mail

General

Target

93a6ef9e8b9e3aaae493298cdcb0e247e7de77c19898b309e1bd3b713995ce2b
Size

3.3MB
MD5

6844488e264888571921cec27dba8408
SHA1

10b8e3198c437896724d48a938d4fb897da7641a
SHA256

93a6ef9e8b9e3aaae493298cdcb0e247e7de77c19898b309e1bd3b713995ce2b
SHA512

3561ecaf2aac7ad66c36a15473a8b9e9e486977167fba6a22e9b8767e11a640b690280db89a0e7dc687239b9b0647958f03c66ddc19633f47ab83560c95d23e7
SSDEEP

98304:xWyf5RvzA5A3mlDFYqeJfpZ9OMfkgbQfz1VydGt7yFKd:QO5RHDqOjR8gkfzjyMt7xd

Score

N/A

Malware Config

Signatures

Files

93a6ef9e8b9e3aaae493298cdcb0e247e7de77c19898b309e1bd3b713995ce2b
.exe windows x86

f8fd4d6f27f7cf10a45e3b31cd356e0c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mfc80u

ord4884
ord4234
ord1646
ord4729
ord354
ord5210
ord1647
ord4206
ord2985
ord1955
ord5178
ord1388
ord5171
ord1922
ord6262
ord1353
ord1474
ord1924
ord5803
ord4961
ord4092
ord1475
ord3311
ord3339
ord2080
ord4093
ord6275
ord1538
ord2082
ord3796
ord4228
ord1561
ord6273
ord4231
ord1513
ord2163
ord2169
ord3165
ord2399
ord3223
ord2381
ord2379
ord2397
ord2155
ord2409
ord2386
ord2402
ord572
ord2407
ord2390
ord2392
ord1472
ord1058
ord2394
ord2388
ord3990
ord2404
ord6700
ord2384
ord931
ord6166
ord1079
ord3756
ord1590
ord929
ord925
ord6161
ord3189
ord920
ord282
ord5229
ord5231
ord5524
ord4098
ord5956
ord1479
ord1591
ord4276
ord2261
ord4716
ord3983
ord3397
ord1634
ord3400
ord3842
ord1572
ord5829
ord1906
ord3286
ord2648
ord5199
ord2077
ord5727
ord4179
ord2444
ord1536
ord1785
ord6271
ord4226
ord5067
ord1899
ord5801
ord5148
ord3635
ord4238
ord3158
ord1392
ord3925
ord2745
ord777
ord5416
ord313
ord1189
ord380
ord5489
ord2697
ord2696
ord3195
ord386
ord631
ord2271
ord2279
ord1220
ord1393
ord1662
ord5196
ord5911
ord1661
ord1198
ord2856
ord6721
ord1542
ord4480
ord6086
ord1582
ord4256
ord1271
ord6063
ord2086
ord6720
ord3176
ord5908
ord709
ord4574
ord1611
ord1894
ord501
ord1608
ord3940
ord3327
ord620
ord591
ord605
ord2011
ord4032
ord4008
ord3198
ord6272
ord3795
ord6274
ord4320
ord2054
ord2009
ord5579
ord3800
ord1007
ord5096
ord3204
ord6215
ord5378
ord3826
ord1911
ord2925
ord5220
ord1925
ord5222
ord2239
ord3942
ord4562
ord5226
ord1049
ord5209
ord5562
ord2531
ord2725
ord2829
ord4301
ord2708
ord757
ord2832
ord566
ord2534
ord2640
ord2527
ord3712
ord3713
ord3677
ord3703
ord2638
ord4535
ord3943
ord4475
ord4255
ord741
ord715
ord3157
ord657
ord587
ord577
ord2460
ord293
ord1430
ord266
ord5319
ord265
ord2897
ord5083
ord762
ord629
ord384
ord774
ord283
ord2311
ord776
ord280
ord1118
ord927
ord764

msvcr80

_wcmdln
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
fread
memmove
_wmkdir
isdigit
isxdigit
tolower
_gmtime64
strtok
strchr
fwrite
strncmp
_beginthreadex
_wfopen
strftime
strstr
fclose
strcspn
isprint
_errno
atoi
toupper
strerror
strspn
_initterm
abort
isspace
_localtime64
malloc
free
calloc
wcsstr
_wtoi
swscanf
exit
_purecall
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
memset
_CxxThrowException
__CxxFrameHandler3
_initterm_e
_configthreadlocale
__setusermatherr
?what@exception@std@@UBEPBDXZ
_invalid_parameter_noinfo
memcpy_s
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_mktime32
_wstat32
_except_handler4_common
_invoke_watson
_controlfp_s
?_type_info_dtor_internal_method@type_info@@QAEXXZ
isalpha
_crt_debugger_hook
memcpy

kernel32

PurgeComm
EscapeCommFunction
SetCommMask
CreateEventW
WaitForSingleObject
GetTickCount
ReadFile
ClearCommError
WriteFile
RemoveDirectoryW
CloseHandle
GetSystemDirectoryW
OpenProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
WinExec
WideCharToMultiByte
CreateProcessW
DeleteFileW
Sleep
TerminateProcess
GetModuleFileNameW
GetLocalTime
GetLastError
CreateMutexW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetProcessHeap
HeapFree
InterlockedDecrement
SetupComm
LocalFileTimeToFileTime
GetFileAttributesW
CreateDirectoryW
SetFileTime
SetFilePointer
SystemTimeToFileTime
GetCurrentDirectoryW
MultiByteToWideChar
FileTimeToSystemTime
GetFileSize
MapViewOfFile
UnmapViewOfFile
GetCurrentProcess
GetCurrentThreadId
GetModuleFileNameA
GetCurrentProcessId
FlushFileBuffers
CreateFileW
GetEnvironmentVariableA
SearchPathA
GetVersionExA
QueryPerformanceFrequency
FormatMessageA
CreateFileMappingA
CreateMutexA
DeleteFiber
FreeLibrary
SetErrorMode
GetVersion
ReleaseSemaphore
GetWindowsDirectoryA
TlsAlloc
QueryPerformanceCounter
FindFirstFileA
TerminateThread
LocalAlloc
HeapReAlloc
TlsGetValue
CreateFileA
TlsSetValue
ConvertThreadToFiber
LocalFree
OutputDebugStringA
HeapAlloc
FindNextFileA
GetModuleHandleA
SwitchToFiber
InterlockedIncrement
SwitchToThread
GetProcAddress
ResumeThread
ReleaseMutex
GetComputerNameW
DeviceIoControl
OpenSemaphoreA
CreateSemaphoreA
GetProcessTimes
GetSystemTime
FindClose
GetVolumeInformationA
InterlockedCompareExchange
OpenMutexA
LoadLibraryA
InterlockedExchange
GetStartupInfoW
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
UnhandledExceptionFilter
IsDebuggerPresent
lstrlenA
GetCommState
CreateFiber
SetCommTimeouts
SetCommState

user32

wsprintfW
KillTimer
EnableWindow
LoadIconW
SetTimer
FillRect
SendMessageW

gdi32

CreateSolidBrush
CreateFontW

ole32

CoCreateInstance
CoInitialize
OleRun

oleaut32

SysAllocString
VariantClear
VariantInit
VariantCopy
SysFreeString
GetErrorInfo

msvcp80

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 653KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8fd4d6f27f7cf10a45e3b31cd356e0c

Headers

File Characteristics

Imports

mfc80u

msvcr80

kernel32

user32

gdi32

ole32

oleaut32

msvcp80

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 1.1MB - Virtual size: 1.1MB

.data Size: 116KB - Virtual size: 653KB

.rsrc Size: 28KB - Virtual size: 25KB

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 116KB - Virtual size: 653KB

.rsrc
Size: 28KB - Virtual size: 25KB