fba56b44b5711d60d3b28ac5af78db159f26c3d9f26dbe33c48eb0b499888c54

Sharing

Copy URL

Twitter E-mail

General

Target

fba56b44b5711d60d3b28ac5af78db159f26c3d9f26dbe33c48eb0b499888c54
Size

255KB
MD5

4952a922380f3906c2907ce1c6b3b8f0
SHA1

66feb0f9c9b92ce80f6261193857afb1bf731dc8
SHA256

fba56b44b5711d60d3b28ac5af78db159f26c3d9f26dbe33c48eb0b499888c54
SHA512

3b6bc3369831117b6f1aab40bc23af888fc07eecc756aa84faf12ed363907382c8407d473aba66950b81c22293b9c57bdef5bdd0297312ea1aa2521c4735e4eb
SSDEEP

6144:W9NjUUUzRdTGZ2D6YmxXdL+RvdP144IT2S:iaFlw2eYmxXsR1tLIT2S

Score

N/A

Malware Config

Signatures

Files

fba56b44b5711d60d3b28ac5af78db159f26c3d9f26dbe33c48eb0b499888c54
.exe windows x86

6798ec936a6e7b413fa8f3c6390cec82

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dbghelp

MiniDumpReadDumpStream

ws2_32

socket
WSACleanup
setsockopt
connect
htons
gethostbyname
inet_addr
closesocket
recv
WSAStartup
send

minizip

zipClose
zipOpen
zipCloseFileInZip
zipWriteInFileInZip
zipOpenNewFileInZip

kernel32

CloseHandle
MapViewOfFile
CreateFileMappingW
CreateFileW
InterlockedDecrement
lstrlenA
GetLastError
CopyFileW
FindClose
FindNextFileW
FindFirstFileW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
lstrlenW
GetCurrentProcess
HeapFree
GetProcessHeap
HeapAlloc
GetCurrentThreadId
InterlockedIncrement
OutputDebugStringW
SetErrorMode
GlobalUnlock
GlobalLock
GlobalAlloc
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
FileTimeToLocalFileTime
ReadFile
FileTimeToDosDateTime
MultiByteToWideChar
RaiseException
WideCharToMultiByte
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
ExitProcess
GetModuleHandleA
GetStartupInfoW
QueryPerformanceCounter
GetTickCount
FlushInstructionCache
GetSystemTimeAsFileTime
GetCurrentProcessId

user32

LoadStringW
UnregisterClassA
wsprintfW
SetWindowLongW
GetWindowTextLengthW
GetWindowTextW
SetTimer
GetWindow
MessageBeep
GetSystemMetrics
LoadImageW
LoadBitmapW
GetDlgItem
SetWindowTextW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
MessageBoxW
KillTimer
SetDlgItemTextW
EndDialog
GetActiveWindow
IsWindowEnabled
LoadCursorW
SetCursor
ShowCursor
GetParent
MapWindowPoints
SendMessageW
GetCursorPos
GetWindowRect
SystemParametersInfoW
SetWindowPos
ShowWindow
EndPaint
BeginPaint
GetDC
InflateRect
DrawTextW
ReleaseDC
GetClientRect
CallWindowProcW
GetWindowLongW
GetSysColor
DestroyWindow
DialogBoxParamW
DefWindowProcW
IsWindow
InvalidateRect

gdi32

CreateFontIndirectW
GetObjectW
ExtTextOutW
SetBkColor
SelectObject
GetStockObject
SetBkMode
CreateCompatibleDC
SetTextColor
SetWindowOrgEx
OffsetWindowOrgEx
GetWindowOrgEx
ExtSelectClipRgn
CreateRectRgnIndirect
BitBlt
Rectangle
DeleteObject

shell32

ShellExecuteW
SHCreateDirectoryExW

ole32

CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysAllocStringLen
VariantClear
SysFreeString
SysAllocString

atl71

ord23
ord65
ord61
ord43
ord64
ord44
ord66

comctl32

InitCommonControlsEx
_TrackMouseEvent

msvcp71

??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@G@Z
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV12@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IG@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?id@?$ctype@G@std@@2V0locale@2@A
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@@Z
??0_Lockit@std@@QAE@H@Z
?id@?$ctype@D@std@@2V0locale@2@A
??Bid@locale@std@@QAEIXZ
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@@Z
?_Incref@facet@locale@std@@QAEXXZ
?_Register@facet@locale@std@@QAEXXZ
??1_Lockit@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?_Lock@_Mutex@std@@QAEXXZ
?_Unlock@_Mutex@std@@QAEXXZ
?find@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGI@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
?widen@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEGD@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?_Nomemory@std@@YAXXZ
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGG@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?clear@ios_base@std@@QAEXH_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??1locale@std@@QAE@XZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?snextc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
?push_back@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXD@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?find_last_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIGI@Z
?substr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE?AV12@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?begin@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE?AViterator@12@XZ
?end@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE?AViterator@12@XZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IG@Z
?is@?$ctype@G@std@@QBE_NFG@Z
?sgetc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
?max_size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
?sbumpc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
?_Ipfx@?$basic_istream@GU?$char_traits@G@std@@@std@@QAE_N_N@Z

msvcr71

_strupr
free
??0exception@@QAE@XZ
??1exception@@UAE@XZ
??3@YAXPAX@Z
_snwprintf
wcslen
wcscpy
??0exception@@QAE@ABV0@@Z
_CxxThrowException
??0bad_cast@@QAE@ABV0@@Z
??1bad_cast@@UAE@XZ
??0bad_cast@@QAE@PBD@Z
??_V@YAXPAX@Z
__CxxFrameHandler
strlen
tolower
wcsftime
localtime
fclose
_atoi64
fread
_wfopen
sprintf
atoi
strncmp
memcpy
_wstat
_except_handler3
_purecall
fwrite
swprintf
time
wcsrchr
memmove
realloc
malloc
_callnewh
__security_error_handler
??1type_info@@UAE@XZ
__dllonexit
_onexit
_c_exit
_exit
_XcptFilter
_cexit
exit
_wcmdln
_amsg_exit
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_controlfp
memset

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6798ec936a6e7b413fa8f3c6390cec82

Headers

File Characteristics

Imports

dbghelp

ws2_32

minizip

kernel32

user32

gdi32

shell32

ole32

oleaut32

atl71

comctl32

msvcp71

msvcr71

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 160KB - Virtual size: 160KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 160KB - Virtual size: 160KB