7c20e5d2baa4920e4aa5279f90bde69352e680f9369155eb35867ae8bf96ec98

Sharing

Copy URL Twitter E-mail

General

Target

7c20e5d2baa4920e4aa5279f90bde69352e680f9369155eb35867ae8bf96ec98
Size

346KB
MD5

0c1cc531f2a4b78db2750958803fdee0
SHA1

6fe5a3915472f5decd53cd64d4e3c040bf39846e
SHA256

7c20e5d2baa4920e4aa5279f90bde69352e680f9369155eb35867ae8bf96ec98
SHA512

3dc03b233496272f313a3b122db8533ea1b1d47c69e6cdc50bef6a6bafcb9604271712947ffa4d4c2c933a3f58fe18d1b44b357e945aed294daad647b559d900
SSDEEP

6144:ffwfxL8UNEjsra6OFo7OUpSMZo66N2goL8N8Jm3fr5F8AUi:ffwGUI7W7OUpSMZH5gN8Jmvr5eri

Score

N/A

Malware Config

Signatures

Files

7c20e5d2baa4920e4aa5279f90bde69352e680f9369155eb35867ae8bf96ec98
.exe windows x86

da3309ab36b34de53416efe39f9181d2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetSetOptionW
InternetWriteFile
HttpAddRequestHeadersW
InternetCloseHandle
HttpOpenRequestW
HttpAddRequestHeadersA
HttpEndRequestW
InternetConnectW
HttpSendRequestExW
InternetOpenW

psapi

GetModuleFileNameExW

kernel32

InitializeCriticalSectionAndSpinCount
HeapDestroy
RaiseException
GetLastError
HeapSize
DecodePointer
DeleteCriticalSection
GetTempPathW
MultiByteToWideChar
MapViewOfFile
UnmapViewOfFile
SystemTimeToTzSpecificLocalTime
CreateDirectoryW
GetTickCount
VirtualQueryEx
GetProcessTimes
OpenProcess
WideCharToMultiByte
ReadProcessMemory
FileTimeToSystemTime
CreateFileW
GetLocalTime
CreateFileMappingW
OutputDebugStringA
CloseHandle
DeleteFileW
FindResourceExW
FindResourceW
LoadResource
GetCurrentProcess
SizeofResource
LeaveCriticalSection
FlushInstructionCache
SetLastError
EnterCriticalSection
LockResource
GetCurrentThreadId
GetFileSize
ReadFile
GetCommandLineW
FreeLibrary
LoadLibraryExW
InterlockedIncrement
InterlockedDecrement
GetModuleHandleW
TerminateProcess
GetModuleFileNameW
GetProcAddress
lstrcmpiW
GetEnvironmentVariableW
GetThreadContext
OutputDebugStringW
GetCurrentThread
LoadLibraryW
GetFileAttributesW
GetEnvironmentVariableA
GetModuleFileNameA
GetCurrentDirectoryA
GetVersionExA
SuspendThread
ResumeThread
SetFilePointer
SystemTimeToFileTime
SetFileTime
GetProcessHeap
GetCurrentDirectoryW
LocalFileTimeToFileTime
GetFileInformationByHandle
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
EncodePointer
WriteFile
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
IsDebuggerPresent
HeapReAlloc
HeapAlloc
HeapFree

user32

SetWindowTextW
MapWindowPoints
SendMessageW
MessageBeep
UnregisterClassW
GetMonitorInfoW
GetWindow
GetDesktopWindow
wsprintfW
GetMessageW
CharNextW
CharLowerBuffW
TranslateMessage
IsDialogMessageW
PeekMessageW
CreateDialogParamW
DefWindowProcW
DispatchMessageW
DestroyWindow
GetWindowRect
PostQuitMessage
GetSystemMetrics
DialogBoxParamW
GetParent
GetClientRect
GetWindowLongW
MonitorFromWindow
GetDlgItem
SetWindowLongW
EndDialog
SetWindowPos
CheckDlgButton
ShowWindow
IsDlgButtonChecked
GetActiveWindow
LoadImageW

advapi32

RegDeleteValueW
SetSecurityDescriptorDacl
GetUserNameA
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegCreateKeyExW
SetSecurityDescriptorSacl
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
InitializeSecurityDescriptor

shell32

CommandLineToArgvW
ShellExecuteW

ole32

CoCreateInstance
CoUninitialize
CoTaskMemRealloc
CoInitialize
CoTaskMemFree
CoTaskMemAlloc

oleaut32

SysStringLen
SysAllocStringLen
SysFreeString
SysAllocString
VarUI4FromStr
SysAllocStringByteLen
SysStringByteLen
VarBstrCmp

shlwapi

PathFileExistsW
PathFindFileNameW
PathRemoveExtensionW

comctl32

InitCommonControlsEx

dbghelp

MiniDumpWriteDump

msvcp120

?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
?rdstate@ios_base@std@@QBEHXZ
?good@ios_base@std@@QBE_NXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBE_JXZ
?width@ios_base@std@@QAE_J_J@Z
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?_Winerror_map@std@@YAPBDH@Z
?_Syserror_map@std@@YAPBDH@Z
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
??0id@locale@std@@QAE@I@Z
?_BADOFF@std@@3_JB
?uncaught_exception@std@@YA_NXZ
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WXZ
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W0@Z
?pbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
?epptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?setg@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
?egptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?pptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?pbase@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?gptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?eback@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

msvcr120

swprintf_s
_wfsopen
vswprintf_s
fwrite
wcscpy_s
fclose
memmove_s
_vscwprintf
wmemcpy_s
_recalloc
memcpy_s
vsprintf_s
_wcsicmp
wcsncpy_s
malloc
wcsstr
_wtol
_vsnprintf_s
_localtime64_s
_ultoa_s
strcpy_s
_strdup
wcscat_s
strcat_s
strncpy_s
calloc
wcsncpy
strncpy
rand
srand
memset
?terminate@@YAXXZ
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_XcptFilter
__crtGetShowWindowMode
_amsg_exit
__wgetmainargs
__set_app_type
exit
_exit
_cexit
_configthreadlocale
__setusermatherr
_initterm_e
_initterm
_wcmdln
_fmode
_commode
_except_handler4_common
__CxxFrameHandler3
__crtSetUnhandledExceptionFilter
_invoke_watson
_controlfp_s
_CxxThrowException
memcpy
??3@YAXPAX@Z
memmove
free
??_V@YAXPAX@Z
_purecall
_hypot
??2@YAPAXI@Z

vvmid

pick_hex

version

GetFileVersionInfoA
VerQueryValueW
GetFileVersionInfoSizeA

Sections

.text
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 149KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

da3309ab36b34de53416efe39f9181d2

Headers

DLL Characteristics

File Characteristics

Imports

wininet

psapi

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

dbghelp

msvcp120

msvcr120

vvmid

version

Sections

.text Size: 143KB - Virtual size: 142KB

.rdata Size: 43KB - Virtual size: 43KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 149KB - Virtual size: 152KB

.text
Size: 143KB - Virtual size: 142KB

.rdata
Size: 43KB - Virtual size: 43KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 149KB - Virtual size: 152KB