bef64ac316b2cebebc1c6388874baf94ca34d556e3b1bfaa701a3034483eb46e

Sharing

Copy URL Twitter E-mail

General

Target

bef64ac316b2cebebc1c6388874baf94ca34d556e3b1bfaa701a3034483eb46e
Size

312KB
MD5

7ceecb524870828e22d423a112be41ed
SHA1

527f00b8393019d409538bf2a87f392d0d6abce3
SHA256

bef64ac316b2cebebc1c6388874baf94ca34d556e3b1bfaa701a3034483eb46e
SHA512

cb98c2a9063480c94b2be572d5355c7e60b4e316edd41ad0194167988f8198b4ea069e2448df428cf7b2d9625a45fb1525e26efed8a44ae48108a812dcce8aa8
SSDEEP

6144:ABMZEVUTafROERUs3RdlbT/evFtKuwE686ZeaWs8C7ijE1w6Ic3:AMZEVUT5ERUs3Rb/eXyGs8C4E1wO3

Score

N/A

Malware Config

Signatures

Files

bef64ac316b2cebebc1c6388874baf94ca34d556e3b1bfaa701a3034483eb46e
.exe windows x86

739d567fc219b75d542d9ae6399f98d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
GetThreadLocale
FindResourceA
SizeofResource
LockResource
LoadResource
FindResourceExA
DeleteFileA
CopyFileA
MoveFileA
GetProcAddress
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
CreateThread
Sleep
GetCurrentThreadId
GetTickCount
GetLocalTime
GetModuleHandleA
SetCurrentDirectoryA
CreateDirectoryA
GetCurrentDirectoryA
FindNextFileA
GetUserDefaultLangID
SetThreadPriority
SetFileAttributesA
GetFileAttributesA
RemoveDirectoryA
OpenEventA
CreateEventA
LoadLibraryA
GetCommandLineA
GetSystemDirectoryA
SetPriorityClass
GetCurrentProcess
GetCurrentThread
ResumeThread
GetACP
TerminateProcess
SetEvent
lstrcatA
lstrcpyA
GetFileSize
SetFilePointer
SetEndOfFile
UnlockFile
GetTimeFormatA
LockFile
GetDateFormatA
SetLastError
OpenMutexA
CreateMutexA
OutputDebugStringA
ReleaseMutex
GetTempPathA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
ExitProcess
GetStartupInfoA
LocalFree
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
WideCharToMultiByte
GetModuleFileNameA
MultiByteToWideChar
lstrlenW
GetLastError
InterlockedIncrement
LoadLibraryExA
lstrcpynA
lstrcmpiA
IsDBCSLeadByte
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
GetVersionExA
FindClose
FindFirstFileA
WriteFile
CloseHandle
ReadFile
CreateFileA
InterlockedExchange
DeleteCriticalSection
InitializeCriticalSection
lstrlenA
InterlockedDecrement
OpenProcess

user32

CreateWindowExA
LoadIconA
CloseWindow
SetTimer
KillTimer
PostQuitMessage
DefWindowProcA
GetWindowThreadProcessId
MessageBoxA
PostThreadMessageA
SendMessageTimeoutA
RegisterClassExA
PostMessageA
CharNextA
LoadStringA
IsWindowVisible
GetWindowTextA
EnumWindows
FindWindowA
SendMessageA
CharUpperA
GetMessageA
TranslateMessage
DispatchMessageA
IsWindow

advapi32

StartServiceCtrlDispatcherA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegCloseKey
RegDeleteKeyA
RegQueryValueExA
GetUserNameA
RegEnumValueA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
OpenServiceA
QueryServiceStatus
StartServiceA
ControlService
RegisterServiceCtrlHandlerA
SetServiceStatus
DeleteService
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegDeleteValueA

shell32

ShellExecuteA
FindExecutableA
Shell_NotifyIconA

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
OleRun
ProgIDFromCLSID
CLSIDFromProgID
StringFromIID
StringFromCLSID
CLSIDFromString
IIDFromString
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
CoInitialize
CoUninitialize
CoFreeUnusedLibraries
StringFromGUID2
CoInitializeEx
CoInitializeSecurity
CoResumeClassObjects
CoRevokeClassObject
CoRegisterClassObject
CoSuspendClassObjects
CoTaskMemFree

oleaut32

UnRegisterTypeLi
RegisterTypeLi
VarBstrCat
VariantInit
LoadTypeLi
LoadRegTypeLi
SysAllocStringLen
VarUI4FromStr
VariantClear
SysFreeString
SysStringLen
SysStringByteLen
SysAllocStringByteLen
SysAllocString
GetErrorInfo

hpvcr70

_mbsspn
_controlfp
_except_handler3
__security_error_handler
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_onexit
__dllonexit
_CxxThrowException
__CxxFrameHandler
memset
_ultoa
printf
strchr
strncat
_vscprintf
puts
vsprintf
strncpy
sscanf
_mbsnbicmp
_mbspbrk
strstr
wcstok
strrchr
sprintf
wcsrchr
wcschr
_ltoa
rand
time
srand
isdigit
strtol
_strlwr
_strnicmp
strncmp
_ltow
_wtol
wcslen
atol
_mbsicmp
atoi
_mbscspn
_mbschr
malloc
free
??3@YAXPAX@Z
??2@YAPAXI@Z
??_V@YAXPAX@Z
realloc
_mbscmp
memmove
??_U@YAPAXI@Z
_purecall
wcsstr
wcscmp
_mbsrchr
_mbsstr

Sections

.text
Size: 156KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

739d567fc219b75d542d9ae6399f98d3

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

hpvcr70

Sections

.text Size: 156KB - Virtual size: 153KB

.rdata Size: 52KB - Virtual size: 50KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 96KB - Virtual size: 96KB

.text
Size: 156KB - Virtual size: 153KB

.rdata
Size: 52KB - Virtual size: 50KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 96KB - Virtual size: 96KB