81d98aa9ee5c57c4663b17568c1004cebdafbb4ab4acf37ed187b296f13bb76f

Sharing

Copy URL Twitter E-mail

General

Target

81d98aa9ee5c57c4663b17568c1004cebdafbb4ab4acf37ed187b296f13bb76f
Size

546KB
MD5

002c02c1456a01c7dc462ca0592fce40
SHA1

f45fc3ae71b3b18635640e896091641aa59ea231
SHA256

81d98aa9ee5c57c4663b17568c1004cebdafbb4ab4acf37ed187b296f13bb76f
SHA512

976e490134684fb18548471a118ed1c8c80b7bce8b7894335c127f5968d3e577acbfb033c9967ad3d9baa74311b23632d0a969e4f5a902d3ce399afad3fdb4d7
SSDEEP

12288:rb2ZFZbRffgo+Lc9QbE04DluxX41VY2Ttp8rjpb0inxi6/xI//vT:/2ZXbNfgNk+EtxUL90inxi6/xI//vT

Score

N/A

Malware Config

Signatures

Files

81d98aa9ee5c57c4663b17568c1004cebdafbb4ab4acf37ed187b296f13bb76f
.exe windows x86

8bb8a814bdb691c042fb9cfe6f683d26

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
TerminateProcess
GetCurrentProcess
WideCharToMultiByte
FreeLibrary
lstrcatA
InterlockedIncrement
InterlockedDecrement
LoadLibraryA
Sleep
GetProcAddress
LoadLibraryExA
lstrlenA
lstrcpynA
GetShortPathNameA
GetFileAttributesA
RaiseException
GetLastError
InitializeCriticalSection
DeleteCriticalSection
LocalAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetModuleHandleA
ExitProcess
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
LeaveCriticalSection
EnterCriticalSection

user32

CharUpperBuffA
GetDesktopWindow
LoadStringA
PostMessageA
wsprintfA
LoadCursorA
RegisterClassExA
SetWindowLongA
PostQuitMessage
GetWindowLongA
DefWindowProcA
CreateWindowExA
UpdateWindow
ShowWindow

ole32

CoUninitialize

msvcp71

?_Nomemory@std@@YAXXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?at@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z

ccl40

ord324
ord1450
ord1455
ord1452
ord1907
ord1908
ord1914
ord1915
ord1923
ord573
ord576
ord585
ord574
ord1909
ord1564
ord1569
ord1586
ord1566
ord1920
ord1284
ord1754
ord1757
ord1761
ord1804
ord1755
ord1286
ord1295
ord1297
ord1299
ord1289
ord1301
ord1298
ord1303
ord1242
ord1239
ord140
ord158
ord139
ord157
ord529
ord1092
ord128
ord1166
ord143
ord160
ord142
ord936
ord939
ord1230
ord1234
ord1418
ord1233
ord1422
ord1419
ord1232
ord938
ord144
ord1167
ord1093
ord1689
ord493
ord1691
ord1178
ord1176
ord1174
ord145

msvcr71

_XcptFilter
__CxxFrameHandler
??1exception@@UAE@XZ
??0exception@@QAE@XZ
??0exception@@QAE@ABV0@@Z
_CxxThrowException
_mbsicmp
_mbschr
memmove
_purecall
?what@exception@@UBEPBDXZ
??0exception@@QAE@ABQBD@Z
__p___argc
__p___argv
malloc
free
_except_handler3
_controlfp
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_ismbblead
??3@YAXPAX@Z
_exit
_c_exit
_onexit
__dllonexit
__security_error_handler
??1type_info@@UAE@XZ
memset
_callnewh
vsprintf
_vscprintf
_mbsinc

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 500KB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8bb8a814bdb691c042fb9cfe6f683d26

Headers

File Characteristics

Imports

comctl32

kernel32

user32

ole32

msvcp71

ccl40

msvcr71

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 512B - Virtual size: 936B

.rsrc Size: 7KB - Virtual size: 6KB

.vmp0 Size: 500KB - Virtual size: 1.6MB

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 512B - Virtual size: 936B

.rsrc
Size: 7KB - Virtual size: 6KB

.vmp0
Size: 500KB - Virtual size: 1.6MB