203c09c01f3ccb37e8b3eae41acbffe4de4877b137f2c910aab7e70c9e986b59

Sharing

Copy URL Twitter E-mail

General

Target

203c09c01f3ccb37e8b3eae41acbffe4de4877b137f2c910aab7e70c9e986b59
Size

32KB
MD5

0b55c1ae945969dbe169a8df8f0af670
SHA1

a7a97ca91c48c9e79cde55c240d280ee71d888ba
SHA256

203c09c01f3ccb37e8b3eae41acbffe4de4877b137f2c910aab7e70c9e986b59
SHA512

05883efc60bf9f091ca8da8894c0b07449b901838d62d82a849da485e6561ac33be10f5cc66750bc0be6920c9b4b3ed49d7a3e75db58d84fa7430010093bc953
SSDEEP

768:BGipaQppLMbkHOFnZygyKJTqjYzwoX9doyo:BR8cOFFqEwodo

Score

N/A

Malware Config

Signatures

Files

203c09c01f3ccb37e8b3eae41acbffe4de4877b137f2c910aab7e70c9e986b59
.exe windows x86

10f43da1bcd761329a72db4191941f3b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
SetUnhandledExceptionFilter
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
Sleep
FindResourceExW
FindResourceW
CreateMutexW
SizeofResource
LockResource
LoadResource
WaitForSingleObject
CloseHandle
GetCurrentProcess
FindFirstFileW
lstrcpynW
FindClose
FindNextFileW
IsDebuggerPresent
DeleteFileW
HeapAlloc
HeapDestroy
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
InterlockedExchange
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime

user32

UnregisterClassA

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyW

shell32

SHGetSpecialFolderPathW

msvcr80

__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_amsg_exit
__set_app_type
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
memcpy_s
free
wcsncpy
wcsncpy_s
_encode_pointer
wcsncat_s
memmove_s
_vsnwprintf_s
??3@YAXPAX@Z
memset
__CxxFrameHandler3
_CxxThrowException

msvcp80

?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?at@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z

shlwapi

StrStrIW

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10f43da1bcd761329a72db4191941f3b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

msvcr80

msvcp80

shlwapi

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 17KB - Virtual size: 20KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 17KB - Virtual size: 20KB