1983e63c1242721feab14434377683768fdeb2e6138aa7b68a6165356cffdba4

Sharing

Copy URL Twitter E-mail

General

Target

1983e63c1242721feab14434377683768fdeb2e6138aa7b68a6165356cffdba4
Size

119KB
MD5

803a804c62f9c11eabb6f627af9a2d00
SHA1

a3589114b5763d720b64cd71cc603e45d58a8f03
SHA256

1983e63c1242721feab14434377683768fdeb2e6138aa7b68a6165356cffdba4
SHA512

5e6ae2750fadf73e15fdbc9cf4777f3914233b07deb85a1d5bb114655148c9593732ebcf628678d4b3ea9e1f9fa29111e767a2ab51c5ef77e276cf0789ce6d60
SSDEEP

3072:+8Ef7D41KyiOOvKu/As7vLySDADeak7dJHB/AdGs:+8sOOvKHs7zySsQLH5Adl

Score

N/A

Malware Config

Signatures

Files

1983e63c1242721feab14434377683768fdeb2e6138aa7b68a6165356cffdba4
.exe windows x86

131c7a561361e801299f10ac0a8c6b9a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mfc90u

ord6579
ord524
ord744
ord4543
ord2904
ord2069
ord12270
ord4682
ord10468
ord4664
ord1492
ord6408
ord3353
ord1675
ord1809
ord1810
ord5324
ord5167
ord4631
ord5632
ord9351
ord6848
ord639
ord3488
ord7146
ord9510
ord5008
ord10252
ord2592
ord367
ord636
ord1353
ord2469
ord4131
ord6187
ord1354
ord3637
ord4527
ord10578
ord519
ord520
ord3830
ord430
ord683
ord4009
ord2283
ord1719
ord4660
ord3654
ord778
ord6635
ord6065
ord1686
ord5656
ord5371
ord3741
ord6577
ord1228
ord4693
ord2969
ord5616
ord4345
ord3681
ord2646
ord2645
ord2647
ord2644
ord2643
ord1753
ord6410
ord3354
ord4378
ord5293
ord5296
ord4800
ord4805
ord4802
ord4820
ord4823
ord4807
ord5209
ord5016
ord4596
ord4589
ord5418
ord4810
ord5214
ord4622
ord5224
ord4865
ord4866
ord4109
ord4945
ord5356
ord4987
ord5487
ord4861
ord4789
ord4927
ord5279
ord5407
ord4955
ord4904
ord5408
ord4942
ord5105
ord5384
ord5228
ord4707
ord4797
ord4798
ord6376
ord5230
ord5142
ord5239
ord5491
ord5401
ord5079
ord5382
ord4933
ord5397
ord5106
ord4549
ord1376
ord2194
ord4550
ord1298
ord1751
ord1754
ord1938
ord3355
ord1665
ord2274
ord12404
ord13194
ord9972
ord10457
ord10304
ord13136
ord12165
ord12617
ord7766
ord9965
ord4448
ord4423
ord6801
ord4173
ord6803
ord4747
ord2251
ord2206
ord6035
ord4179
ord1048
ord5548
ord6741
ord5830
ord4213
ord2087
ord3217
ord5674
ord5676
ord8452
ord4347
ord4996
ord5680
ord5663
ord6018
ord2771
ord2983
ord3112
ord4728
ord2966
ord3115
ord2774
ord2893
ord2764
ord4080
ord4081
ord4071
ord2891
ord4348
ord4905
ord4681
ord9272
ord611
ord2208
ord6482
ord1098
ord4211
ord7332
ord7138
ord4043
ord4967
ord933
ord938
ord5404
ord3682
ord6804
ord4174
ord6802
ord1641
ord2368
ord2375
ord2630
ord2612
ord2610
ord2628
ord2640
ord2617
ord2633
ord2638
ord2621
ord2623
ord2625
ord2619
ord2635
ord2615
ord971
ord967
ord969
ord965
ord960
ord5683
ord5685
ord6466
ord1728
ord4702
ord5154
ord3743
ord5664
ord4603
ord6800
ord1137
ord285
ord3220
ord1607
ord813
ord286
ord5512
ord2074
ord3543
ord2106
ord2537
ord1272
ord1183
ord3537
ord296
ord1108
ord595
ord3489
ord4910
ord3286
ord3140
ord5650
ord1727
ord1791
ord1792
ord2139
ord5625
ord1442
ord6411
ord3226
ord5602
ord4652
ord5400
ord1493
ord600
ord280
ord266
ord265
ord799
ord1440
ord801

msvcr90

__CxxFrameHandler3
__wgetmainargs
_amsg_exit
__wargv
_wsplitpath
_wcsicmp
_CxxThrowException
memset
memcpy
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_controlfp_s
_invoke_watson
_except_handler4_common
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit

kernel32

GetPrivateProfileStringW
GetPrivateProfileIntW
FindResourceW
LoadResource
HeapFree
GetProcessHeap
LockResource
GetFileAttributesW
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetStartupInfoW
InterlockedCompareExchange
Sleep
InterlockedExchange
CloseHandle
WriteFile
SetFilePointer
GetFileSize
CreateFileW
FindClose
FindNextFileW
DeleteFileW
RemoveDirectoryW
SetFileAttributesW
GlobalAlloc
FindFirstFileW
InterlockedDecrement
GlobalUnlock
GlobalLock
SizeofResource

user32

LoadBitmapW
GetWindowDC
AdjustWindowRectEx
GetAsyncKeyState
GetCursorPos
SetTimer
KillTimer
IsZoomed
PtInRect
ScreenToClient
OffsetRect
SetWindowRgn
ReleaseDC
DestroyIcon
DrawIconEx
GetSystemMetrics
IsWindow
GetWindowLongW
UnhookWindowsHookEx
GetWindowRect
SystemParametersInfoW
DispatchMessageW
TranslateMessage
InvalidateRect
SetRect
DrawIcon
GetClientRect
IsIconic
SendMessageW
LoadIconW
EnableWindow
MessageBoxW

gdi32

GetStockObject
StretchBlt
CombineRgn
SetRectRgn
CreateRectRgn
CreateFontIndirectW
CreateCompatibleDC
SelectObject

shell32

SHGetSpecialFolderPathW

comctl32

InitCommonControlsEx

ole32

CoInitialize
CreateStreamOnHGlobal
CoUninitialize

oleaut32

SysAllocString
SysFreeString
VariantClear

gdiplus

GdipDeleteGraphics
GdipCreateFromHDC
GdipGetImageWidth
GdipGetImageHeight
GdiplusShutdown
GdiplusStartup
GdipLoadImageFromFile
GdipDisposeImage
GdipCloneImage
GdipAlloc
GdipFree
GdipLoadImageFromStream
GdipDrawImageRectI

wininet

DeleteUrlCacheEntryW
FindFirstUrlCacheEntryW
FindNextUrlCacheEntryW

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

131c7a561361e801299f10ac0a8c6b9a

Headers

DLL Characteristics

File Characteristics

Imports

mfc90u

msvcr90

kernel32

user32

gdi32

shell32

comctl32

ole32

oleaut32

gdiplus

wininet

Sections

.text Size: 19KB - Virtual size: 19KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 40KB - Virtual size: 40KB

.reloc Size: 43KB - Virtual size: 42KB

.text
Size: 19KB - Virtual size: 19KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 40KB - Virtual size: 40KB

.reloc
Size: 43KB - Virtual size: 42KB