Static task
static1
Behavioral task
behavioral1
Sample
66aa23f3bbeecf521998931fbc28e1f25d3ccbb3c404b8a58600edc9a244f3df.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
66aa23f3bbeecf521998931fbc28e1f25d3ccbb3c404b8a58600edc9a244f3df.exe
Resource
win10v2004-20220812-en
General
-
Target
66aa23f3bbeecf521998931fbc28e1f25d3ccbb3c404b8a58600edc9a244f3df
-
Size
656KB
-
MD5
a07b5634ad530948f3e2235f5d096814
-
SHA1
f203c17ba42720d81715e9db44261fd7cfd58c0e
-
SHA256
66aa23f3bbeecf521998931fbc28e1f25d3ccbb3c404b8a58600edc9a244f3df
-
SHA512
90d32f92947d9a0d447f020a6f52ded01e8efe5d73402d7c94d09120574ef31f77758f7aa34297d5cc1e704f230473dbdb9c1d4adcf6bf3d611c1880575acbdc
-
SSDEEP
12288:vp3E2ol6SuECk1nBotcbJfIUZVTolgdDsZpKY5nNO2F:h3UTuECk1nmtgJfHVToKd4ZpKWnN1
Malware Config
Signatures
Files
-
66aa23f3bbeecf521998931fbc28e1f25d3ccbb3c404b8a58600edc9a244f3df.exe windows x86
b32e51aac33641bd44513ea1b2fb2f7e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetSetStatusCallbackW
InternetCloseHandle
InternetOpenUrlW
InternetReadFile
InternetOpenW
winmm
PlaySoundW
mfc71u
ord587
ord563
ord753
ord6061
ord602
ord1957
ord3756
ord6033
ord2255
ord1270
ord347
ord1006
ord5210
ord2895
ord2077
ord2985
ord3158
ord572
ord3677
ord1049
ord1121
ord3824
ord2461
ord5971
ord1117
ord1118
ord2239
ord4074
ord6133
ord1479
ord6111
ord282
ord2926
ord290
ord1079
ord4032
ord4008
ord6272
ord3795
ord6274
ord4320
ord2054
ord2009
ord5579
ord3800
ord1007
ord5096
ord6215
ord5378
ord3826
ord1911
ord2925
ord5220
ord5222
ord3942
ord4562
ord5226
ord5209
ord5562
ord2832
ord4475
ord3327
ord566
ord757
ord663
ord2132
ord426
ord3016
ord2155
ord6086
ord1386
ord709
ord501
ord4060
ord5465
ord3990
ord2159
ord6251
ord2310
ord2311
ord2651
ord5829
ord3927
ord865
ord5398
ord2460
ord776
ord4902
ord3198
ord3204
ord1925
ord1271
ord3155
ord5633
ord4094
ord2085
ord3238
ord1946
ord2365
ord1274
ord2361
ord2366
ord3497
ord3289
ord530
ord722
ord3946
ord5440
ord5727
ord2260
ord4100
ord5524
ord2066
ord5637
ord2121
ord1920
ord651
ord1555
ord1921
ord4255
ord751
ord2471
ord1461
ord2863
ord1586
ord562
ord2932
ord894
ord5636
ord3995
ord4117
ord2261
ord5705
ord277
ord1959
ord6001
ord2254
ord5723
ord1113
ord502
ord1176
ord5710
ord1244
ord3857
ord3281
ord3249
ord3157
ord5327
ord6293
ord5316
ord6282
ord4035
ord2521
ord5607
ord6056
ord5604
ord6050
ord4155
ord6053
ord5884
ord5638
ord5643
ord5519
ord5584
ord5410
ord5397
ord5917
ord5715
ord3174
ord6058
ord4061
ord866
ord900
ord3103
ord6301
ord4101
ord629
ord6161
ord2697
ord1430
ord288
ord5319
ord5083
ord384
ord5558
ord5489
ord3195
ord380
ord3017
ord897
ord5485
ord2340
ord1571
ord427
ord664
ord3331
ord760
ord6219
ord6116
ord1156
ord2086
ord1582
ord4234
ord3311
ord741
ord3395
ord5609
ord1416
ord2362
ord3753
ord1220
ord2648
ord3435
ord1784
ord1864
ord3590
ord1066
ord4347
ord4642
ord6140
ord6059
ord3752
ord1087
ord3570
ord4112
ord2713
ord583
ord777
ord1626
ord1534
ord3151
ord1200
ord1162
ord581
ord4226
ord1393
ord5911
ord1536
ord3417
ord3678
ord1472
ord774
ord1894
ord1086
ord4574
ord293
ord4109
ord4026
ord280
ord1058
ord870
ord1061
ord1060
ord899
ord896
ord6063
ord6232
ord1785
ord1883
ord354
ord283
ord605
ord577
ord3176
ord4256
ord4480
ord3943
ord2638
ord3703
ord3713
ord3712
ord2527
ord2640
ord2534
ord2856
ord2708
ord4301
ord2829
ord2725
ord2531
ord5196
ord1590
ord1646
ord1647
ord1955
ord5171
ord1353
ord1198
ord4961
ord3339
ord6275
ord3796
ord6273
ord1513
ord2163
ord2169
ord2399
ord2381
ord2379
ord2397
ord2409
ord2386
ord2402
ord2407
ord2390
ord2392
ord2394
ord2388
ord2404
ord2384
ord931
ord927
ord929
ord925
ord920
ord5229
ord5231
ord5956
ord1591
ord4276
ord4716
ord3397
ord5199
ord4179
ord6271
ord5067
ord1899
ord5148
ord4238
ord1392
ord3940
ord1608
ord1611
ord5908
ord1542
ord1661
ord1662
ord2011
ord4884
ord4729
ord4206
ord5178
ord3635
ord4743
ord1178
ord1182
ord265
ord762
ord1908
ord266
ord314
ord764
ord315
ord765
ord416
msvcr71
memmove
??0exception@@QAE@ABV0@@Z
_except_handler3
_controlfp
_onexit
__dllonexit
?terminate@@YAXXZ
__security_error_handler
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_amsg_exit
_wcmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
_beginthreadex
ceil
_localtime64
_time64
wcsncpy
wcsstr
swprintf
wcscat
_wfindfirst
_findclose
_purecall
wcslen
wcscpy
memset
free
memcmp
__CxxFrameHandler
??1exception@@UAE@XZ
_wtoi
__RTDynamicCast
wcscmp
realloc
memcpy
malloc
_wcsdup
??0exception@@QAE@XZ
_CxxThrowException
kernel32
SizeofResource
MultiByteToWideChar
lstrcpyW
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
LoadResource
FreeLibrary
CloseHandle
CreateMutexW
GetLastError
LoadLibraryW
RaiseException
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
GetModuleFileNameW
lstrlenW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExW
FindResourceW
LoadLibraryExW
lstrcmpiW
lstrcpynW
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
LockResource
SetEnvironmentVariableW
ExpandEnvironmentStringsW
lstrcmpW
LocalAlloc
FormatMessageW
GetVersion
lstrlenA
GetCPInfo
FreeResource
CreateEventW
ResetEvent
SetEvent
GetTickCount
CreateProcessW
LocalFree
GetStartupInfoW
GetCommandLineW
FileTimeToSystemTime
FileTimeToLocalFileTime
SystemTimeToFileTime
WaitForMultipleObjects
GetExitCodeThread
GetWindowsDirectoryW
WinExec
lstrcatW
GetProcAddress
GetCurrentThreadId
WaitForSingleObject
GetModuleHandleA
ExitProcess
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetVersionExA
WideCharToMultiByte
LeaveCriticalSection
user32
EnableWindow
CopyRect
DrawEdge
DrawFocusRect
GetClientRect
SendMessageW
PostMessageW
RegisterWindowMessageW
MessageBoxW
GetNextDlgGroupItem
ClientToScreen
WindowFromPoint
SetParent
SetActiveWindow
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
DrawAnimatedRects
EnumChildWindows
GetCursorPos
GetDoubleClickTime
IsMenu
SetWindowRgn
RegisterClassExW
BeginPaint
EndPaint
MapWindowPoints
AdjustWindowRectEx
MoveWindow
GetDlgCtrlID
LoadIconW
GetActiveWindow
OffsetRect
GetCapture
ReleaseCapture
TrackMouseEvent
RedrawWindow
GetParent
ScreenToClient
GetWindowRect
InflateRect
PtInRect
LoadCursorW
CopyIcon
IsWindow
SetCursor
GetMessagePos
SetWindowLongW
SetMenuDefaultItem
LoadImageW
MsgWaitForMultipleObjects
PeekMessageW
PostQuitMessage
TranslateMessage
DispatchMessageW
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetDesktopWindow
ReleaseDC
RemoveMenu
ModifyMenuW
InsertMenuW
GetMenuState
GetMenuItemID
GetMenuItemCount
AppendMenuW
CreatePopupMenu
CreateMenu
LoadBitmapW
GetSysColorBrush
FillRect
SetRect
DrawIconEx
DestroyIcon
SystemParametersInfoW
GetSysColor
GetMenuItemInfoW
wsprintfW
SetForegroundWindow
GetWindow
FindWindowW
SetTimer
IsWindowVisible
InvalidateRect
UpdateWindow
GetDC
IsIconic
SetMenu
GetMenu
LoadMenuW
GetSubMenu
DeleteMenu
DrawIcon
KillTimer
GetSystemMetrics
GetClassNameW
CharNextW
GetWindowLongW
gdi32
SelectObject
CreateSolidBrush
DeleteObject
DeleteDC
GetTextExtentPoint32W
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateDIBSection
SelectClipRgn
MaskBlt
StretchBlt
CreateBitmap
CreateRectRgn
CombineRgn
GetTextMetricsA
GetTextExtentPointA
GetStockObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
SetPixel
GetPixel
PatBlt
Rectangle
Ellipse
GetBkMode
GetDeviceCaps
GetObjectW
CreateFontIndirectW
CreateHatchBrush
CreatePen
CreateFontW
advapi32
RegDeleteKeyW
RegQueryValueW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegQueryValueExW
shell32
SHAppBarMessage
ShellExecuteW
Shell_NotifyIconW
ShellExecuteExW
comctl32
ImageList_Draw
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_GetImageCount
ImageList_GetIconSize
ord17
_TrackMouseEvent
shlwapi
PathRemoveFileSpecW
PathStripPathW
ole32
CoUninitialize
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
CoInitializeEx
OleRun
CLSIDFromProgID
CoInitialize
CreateStreamOnHGlobal
CoTaskMemAlloc
oleaut32
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElement
GetErrorInfo
SysAllocString
VarUI4FromStr
VarBstrFromDate
SysAllocStringByteLen
SysStringByteLen
SystemTimeToVariantTime
DispCallFunc
VariantInit
VariantClear
SysFreeString
LoadRegTypeLib
LoadTypeLib
SysStringLen
gdiplus
GdipDeleteGraphics
GdipCreateFromHDC
GdipAlloc
GdipFree
GdipBitmapSetPixel
GdipBitmapGetPixel
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImageBounds
GdipGetImageHeight
GdipGetImageWidth
GdiplusStartup
GdiplusShutdown
GdipSetCompositingMode
GdipSetCompositingQuality
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipDisposeImage
GdipCloneImage
GdipCreateBitmapFromResource
msvcp71
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?good@ios_base@std@@QBE_NXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?width@ios_base@std@@QBEHXZ
?flags@ios_base@std@@QBEHXZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?eof@?$char_traits@D@std@@SAHXZ
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?width@ios_base@std@@QAEHH@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
tlib_log
?location@Telecalib_logging@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBDH0@Z
?getFormattedThreadId@Telecalib_logging@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getFormattedProcessId@Telecalib_logging@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?unregisterApplication@Telecalib_logging@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?createApplicationSpecificLogFile@Telecalib_logging@@YA_NV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0ABV23@_N@Z
??0LogEventHandler@@QAE@XZ
??1LogEventHandler@@UAE@XZ
?initDefaultLogs@Telecalib_logging@@YA_NV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV23@_N@Z
boost_log-vc71-mt-1_33
??1logger@logging@boost@@QAE@XZ
?find_log_by_name@logging@boost@@YA?AV?$shared_ptr@Ulogger_impl@logging@boost@@@2@AAUdefault_log_manager@12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?write_msg@logging@boost@@YAXAAUdefault_log_manager@12@AAUlogger@12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@I@Z
?is_enabled@logger@logging@boost@@QBE_NI@Z
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
tlib_cmndlgs
?AboutBox@@YAPAUHWND__@@PB_WPAU1@AAUAboutData@@@Z
??0AboutData@@QAE@XZ
Sections
.text Size: 444KB - Virtual size: 440KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 120KB - Virtual size: 119KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rrdata Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE