70a4c7ca2a140f25cab2a0ae379d423faea9d69d698cee3ff7cb19d823ad5ebf

Sharing

Copy URL Twitter E-mail

General

Target

70a4c7ca2a140f25cab2a0ae379d423faea9d69d698cee3ff7cb19d823ad5ebf
Size

91KB
MD5

801772dfd20c45d07e6e6a02ef4c0fd0
SHA1

8ce6e5d2fcc9672d69c4f7846b4af096da8d6924
SHA256

70a4c7ca2a140f25cab2a0ae379d423faea9d69d698cee3ff7cb19d823ad5ebf
SHA512

bf0448b5be7f49965a54ad49f596198a1f73676f1a7dcd456fb105d836ab1961b2e47156c3101513faae2c26709a85659c15e746336101d7a9a2fe97a3245293
SSDEEP

1536:LJyOFcWJnFwzpejahe5SbFWnP7xSW6Alto2R24T+mc4cX7CLlYctYyETUspqXI:cOFcQnFqpejaPbWZrTJSjuPOkvI

Score

N/A

Malware Config

Signatures

Files

70a4c7ca2a140f25cab2a0ae379d423faea9d69d698cee3ff7cb19d823ad5ebf
.exe windows x86

10f43da1bcd761329a72db4191941f3b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
SetUnhandledExceptionFilter
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
Sleep
FindResourceExW
FindResourceW
CreateMutexW
SizeofResource
LockResource
LoadResource
WaitForSingleObject
CloseHandle
GetCurrentProcess
FindFirstFileW
lstrcpynW
FindClose
FindNextFileW
IsDebuggerPresent
DeleteFileW
HeapAlloc
HeapDestroy
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
InterlockedExchange
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime

user32

UnregisterClassA

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyW

shell32

SHGetSpecialFolderPathW

msvcr80

__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_amsg_exit
__set_app_type
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
memcpy_s
free
wcsncpy
wcsncpy_s
_encode_pointer
wcsncat_s
memmove_s
_vsnwprintf_s
??3@YAXPAX@Z
memset
__CxxFrameHandler3
_CxxThrowException

msvcp80

?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?at@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z

shlwapi

StrStrIW

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

10f43da1bcd761329a72db4191941f3b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

msvcr80

msvcp80

shlwapi

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 76KB - Virtual size: 80KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 76KB - Virtual size: 80KB