fba65f00ac664a971613d7161849514af732a6af63c3863b80824987f8a6d36f

Sharing

Copy URL Twitter E-mail

General

Target

fba65f00ac664a971613d7161849514af732a6af63c3863b80824987f8a6d36f
Size

240KB
MD5

83b02cd67b90312ac387b4a8749222f0
SHA1

021c14563894c5031c58af9dd893ffe2d8a87372
SHA256

fba65f00ac664a971613d7161849514af732a6af63c3863b80824987f8a6d36f
SHA512

2d75d5ed022022ab00189a61b7f79a5b92a8f11709b039773d0da03e1d985c81dbd454ed9cea3f7e380417684c0d0e32c34f823f0d8fa080a004d6749d47c914
SSDEEP

6144:OZrKDpA2Pm/C5ThZQ/6Evd1vkt8W0k5ry/vQ9u26D9DYQxdp:OZrKDK2Pm/QhZQ/6IH8t8+lMoQ24mGdp

Score

N/A

Malware Config

Signatures

Files

fba65f00ac664a971613d7161849514af732a6af63c3863b80824987f8a6d36f
.exe windows x86

64dff3be869487be7c0b887cf8dfc8ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
calloc
memcmp
memcpy
_beginthreadex
_strupr
wcscpy
atoi
wcstombs
wcslen
mbstowcs
strncat
vsprintf
__setusermatherr
fopen
fwrite
fclose
strrchr
malloc
_ftol
memmove
strcmp
__CxxFrameHandler
_CxxThrowException
strcpy
_except_handler3
rand
_access
??2@YAPAXI@Z
??3@YAXPAX@Z
strcat
free
strlen
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
exit
memset

kernel32

FreeLibrary
LocalAlloc
InterlockedExchange
WideCharToMultiByte
LocalFree
GetLastError
GetStartupInfoA
GetModuleHandleA
lstrlenA
MultiByteToWideChar
RaiseException
InterlockedDecrement
MoveFileA
GetFileSize
VirtualAlloc
ReadFile
CloseHandle
FindFirstFileA
WriteFile
FindClose
Sleep
LoadLibraryA
GetProcAddress

user32

IsWindow
SendMessageA
CreateWindowExA

advapi32

RegCloseKey
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumValueA

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z

ole32

CLSIDFromProgID
CLSIDFromString
OleRun
CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

VariantClear
SysAllocString
SysFreeString
GetErrorInfo

msvfw32

ICSendMessage

Sections

.text
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 32KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64dff3be869487be7c0b887cf8dfc8ee

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

msvcp60

ole32

oleaut32

msvfw32

Sections

.text Size: 132KB - Virtual size: 129KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 32KB - Virtual size: 55KB

.rsrc Size: 56KB - Virtual size: 56KB

.text
Size: 132KB - Virtual size: 129KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 32KB - Virtual size: 55KB

.rsrc
Size: 56KB - Virtual size: 56KB