a7e0be88fea213490a95fefea1692c6005d03709d7114f4cccd169fd36df5210

Sharing

Copy URL Twitter E-mail

General

Target

a7e0be88fea213490a95fefea1692c6005d03709d7114f4cccd169fd36df5210
Size

245KB
MD5

7d4d670f3fbbb0bfea35505c179db810
SHA1

3ae389ec71824c75c32073dcf1177108feab497c
SHA256

a7e0be88fea213490a95fefea1692c6005d03709d7114f4cccd169fd36df5210
SHA512

fa5e08615f17ad27eae36930550c772d2ced1300973f5ab052603d99952c0a8fb588ebb68ccca1aa77a1bcf525ad328c10d56a2f4258c2d50824ba3389affa9b
SSDEEP

6144:W6CGaYmLyZ2D6YmxXdL+SwMjMtFNFLpw0Z:zCGanm2eYmxXsSwM6NFL20Z

Score

N/A

Malware Config

Signatures

Files

a7e0be88fea213490a95fefea1692c6005d03709d7114f4cccd169fd36df5210
.exe windows x86

f4784a28242b3dc39716d60acc416a6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dbghelp

MiniDumpReadDumpStream

ws2_32

socket
WSACleanup
setsockopt
connect
htons
gethostbyname
inet_addr
closesocket
recv
WSAStartup
send

minizip

zipClose
zipOpen
zipCloseFileInZip
zipWriteInFileInZip
zipOpenNewFileInZip

kernel32

CloseHandle
MapViewOfFile
CreateFileMappingW
CreateFileW
InterlockedDecrement
lstrlenA
GetLastError
CopyFileW
FindClose
FindNextFileW
FindFirstFileW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
lstrlenW
GetCurrentProcess
HeapFree
GetProcessHeap
HeapAlloc
GetCurrentThreadId
InterlockedIncrement
OutputDebugStringW
SetErrorMode
GlobalUnlock
GlobalLock
GlobalAlloc
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
FileTimeToLocalFileTime
ReadFile
FileTimeToDosDateTime
MultiByteToWideChar
RaiseException
WideCharToMultiByte
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
ExitProcess
GetModuleHandleA
GetStartupInfoW
QueryPerformanceCounter
GetTickCount
FlushInstructionCache
GetSystemTimeAsFileTime
GetCurrentProcessId

user32

LoadStringW
wsprintfW
SetWindowLongW
GetWindowTextLengthW
GetWindowTextW
SetTimer
GetWindow
MessageBeep
GetSystemMetrics
LoadImageW
LoadBitmapW
GetDlgItem
SetWindowTextW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
MessageBoxW
KillTimer
SetDlgItemTextW
EndDialog
GetActiveWindow
IsWindowEnabled
LoadCursorW
SetCursor
ShowCursor
GetParent
MapWindowPoints
SendMessageW
GetCursorPos
GetWindowRect
SystemParametersInfoW
SetWindowPos
ShowWindow
EndPaint
BeginPaint
GetDC
InflateRect
DrawTextW
ReleaseDC
GetClientRect
CallWindowProcW
GetWindowLongW
GetSysColor
DestroyWindow
DefWindowProcW
DialogBoxParamW
IsWindow
InvalidateRect

gdi32

CreateFontIndirectW
GetObjectW
ExtTextOutW
SetBkColor
SelectObject
GetStockObject
SetBkMode
CreateCompatibleDC
SetTextColor
SetWindowOrgEx
OffsetWindowOrgEx
GetWindowOrgEx
ExtSelectClipRgn
CreateRectRgnIndirect
BitBlt
Rectangle
DeleteObject

shell32

ShellExecuteW
SHCreateDirectoryExW

ole32

CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysAllocStringLen
VariantClear
SysFreeString
SysAllocString

atl71

ord23
ord65
ord61
ord43
ord64
ord44
ord66

comctl32

InitCommonControlsEx
_TrackMouseEvent

msvcp71

??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?find@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGI@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?_Nomemory@std@@YAXXZ
?push_back@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXD@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?find_last_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIGI@Z
?substr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE?AV12@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?begin@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE?AViterator@12@XZ
?end@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE?AViterator@12@XZ
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z

msvcr71

_strupr
free
??0exception@@QAE@XZ
??1exception@@UAE@XZ
??3@YAXPAX@Z
_snwprintf
wcslen
wcscpy
??0exception@@QAE@ABV0@@Z
_CxxThrowException
__CxxFrameHandler
strlen
tolower
wcsftime
localtime
??_V@YAXPAX@Z
fclose
_atoi64
fread
_wfopen
sprintf
atoi
strncmp
memcpy
_wstat
_except_handler3
_purecall
fwrite
swprintf
time
wcsrchr
malloc
_callnewh
__security_error_handler
??1type_info@@UAE@XZ
__dllonexit
_onexit
_c_exit
_exit
_XcptFilter
_cexit
exit
_wcmdln
_amsg_exit
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_controlfp
memset

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f4784a28242b3dc39716d60acc416a6e

Headers

File Characteristics

Imports

dbghelp

ws2_32

minizip

kernel32

user32

gdi32

shell32

ole32

oleaut32

atl71

comctl32

msvcp71

msvcr71

Sections

.text Size: 52KB - Virtual size: 48KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 160KB - Virtual size: 160KB

.text
Size: 52KB - Virtual size: 48KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 160KB - Virtual size: 160KB