12efa7a11dcbc9cc1450b13e2637b6263f9425152b320ffcb652fe0526fce62b

Sharing

Copy URL Twitter E-mail

General

Target

12efa7a11dcbc9cc1450b13e2637b6263f9425152b320ffcb652fe0526fce62b
Size

146KB
MD5

003f4d32facefcdc9890bdfd798b5670
SHA1

e9849d2473c7cf0edc74537909c12f88b678f1e3
SHA256

12efa7a11dcbc9cc1450b13e2637b6263f9425152b320ffcb652fe0526fce62b
SHA512

bc74a6d9b84a5996eb12d394170388bbbced901e069fc35495bcbdf5f5de7ba7035c47c950580262c76e22cef2391f2dfdeec3f3f945fc5af2ca636b3f39c375
SSDEEP

3072:76XGxgvXgaAXMcHmArvo9p0mAFhyFqiO1twcbNcfxGstQMdr0VUfBU2uOaXyrC2D:mNgaAXMcHmArvo9p0mAFhyF9OvDbNGpQ

Score

N/A

Malware Config

Signatures

Files

12efa7a11dcbc9cc1450b13e2637b6263f9425152b320ffcb652fe0526fce62b
.exe windows x86

9fa835b5b4ea4c7b121b9b97d8f064f3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcp90

??0?$allocator@D@std@@QAE@XZ
?deallocate@?$allocator@D@std@@QAEXPADI@Z
?allocate@?$allocator@D@std@@QAEPADI@Z
?max_size@?$allocator@D@std@@QBEIXZ
??0?$allocator@_W@std@@QAE@XZ
??0?$_String_val@_WV?$allocator@_W@std@@@std@@IAE@V?$allocator@_W@1@@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
?_Tidy@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEX_NI@Z
?_Myptr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEPADXZ
??0?$allocator@_W@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z

msvcr90

_controlfp_s
_invoke_watson
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
??3@YAXPAX@Z
strcpy_s
??0exception@std@@QAE@ABV01@@Z
??2@YAPAXI@Z
memset
memcpy
__CxxFrameHandler3
??1exception@std@@UAE@XZ
??_V@YAXPAX@Z
_invalid_parameter_noinfo
__CxxUnregisterExceptionObject
__CxxDetectRethrow
_CxxThrowException
__CxxRegisterExceptionObject
__CxxExceptionFilter
__CxxQueryExceptionSize
??0exception@std@@QAE@XZ
memmove_s
__FrameUnwindFilter
_encoded_null

kernel32

GetStartupInfoA
GetProcAddress
LoadLibraryW
InterlockedExchange
Sleep
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
OutputDebugStringA

msvcm90

?RegisterModuleUninitializer@<CrtImplementationDetails>@@YAXP$AAVEventHandler@System@@@Z
?DoDllLanguageSupportValidation@<CrtImplementationDetails>@@YAXXZ
?ThrowModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVString@System@@P$AAVException@3@@Z
?ThrowModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVString@System@@@Z
?ThrowNestedModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVException@System@@0@Z
?DoCallBackInDefaultDomain@<CrtImplementationDetails>@@YAXP6GJPAX@Z0@Z

mscoree

_CorExeMain

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9fa835b5b4ea4c7b121b9b97d8f064f3

Headers

DLL Characteristics

File Characteristics

Imports

msvcp90

msvcr90

kernel32

msvcm90

mscoree

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 43KB - Virtual size: 42KB

.data Size: 1024B - Virtual size: 6KB

.rsrc Size: 83KB - Virtual size: 83KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 43KB - Virtual size: 42KB

.data
Size: 1024B - Virtual size: 6KB

.rsrc
Size: 83KB - Virtual size: 83KB

.reloc
Size: 2KB - Virtual size: 1KB