7777c1b24808637d913dcb016cb1aa9844dcfe6a3f608ea5b5f5d527280e6191

Sharing

Copy URL Twitter E-mail

General

Target

7777c1b24808637d913dcb016cb1aa9844dcfe6a3f608ea5b5f5d527280e6191
Size

244KB
MD5

9e36659576e8fbf250fa02f3c28ba5e9
SHA1

46bac073157bdc3fea399a3e64bcef0a2d5afb8b
SHA256

7777c1b24808637d913dcb016cb1aa9844dcfe6a3f608ea5b5f5d527280e6191
SHA512

fddaa4d292a7d1864f09e88d82473ec111aa686adfeb2881f7783b5dbfd1cdea3b3c900c9d76360867cdf5e0c8a96fec864f3d563fd80a928302bf6b753f3d91
SSDEEP

6144:5FxGnnKmtoDSNSCUOtTvGgKLeaQgCrP+:5vGnoqSCUJej

Score

N/A

Malware Config

Signatures

Files

7777c1b24808637d913dcb016cb1aa9844dcfe6a3f608ea5b5f5d527280e6191
.dll windows x86

81601b52ecc662811976e841bfb2f620

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mfc90u

ord6822
ord5734
ord5737
ord265
ord5559
ord441
ord5939
ord2479
ord6687
ord4519
ord690
ord2537
ord266
ord5778
ord909
ord1248
ord1250
ord1254
ord813
ord286
ord1239
ord391
ord799
ord1152
ord1137
ord1603
ord6811
ord1243
ord5767
ord3589
ord296
ord3558
ord1556
ord5383
ord1298
ord4490
ord811
ord1314
ord1313
ord2676
ord4324
ord280
ord1329
ord3185
ord600
ord801

msvcr90

__dllonexit
_CxxThrowException
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
wcslen
memcpy_s
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
free
wcsncpy_s
wcscpy_s
malloc
calloc
_recalloc
_strlwr_s
strncmp
_ultoa_s
wcsnlen
_wcslwr_s
??0exception@std@@QAE@ABV01@@Z
_invalid_parameter_noinfo
?what@exception@std@@UBEPBDXZ
memset
_wtol
_unlock
__CxxFrameHandler3
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt

kernel32

LoadLibraryA
lstrlenA
HeapFree
GetProcAddress
GetTempFileNameW
DeleteFileW
GetProcessHeap
WideCharToMultiByte
GetTickCount
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetLastError
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
InterlockedDecrement

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW

ole32

CoCreateInstance
CoUninitialize
CoInitialize
OleRun

oleaut32

VariantCopy
VariantInit
SysStringLen
SysAllocString
SysFreeString
GetErrorInfo
VariantClear

msvcp90

?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

Exports

Exports

??0CLiveSearch@@QAE@XZ
??1CLiveSearch@@QAE@XZ
??4CLiveSearch@@QAEAAV0@ABV0@@Z
?Search@CLiveSearch@@QAE?AW4HVS_RET_VAL@@UONLINE_SEARCH_ATTRIBUTES@@AAV?$vector@UONLINE_RESULT_SET@@V?$allocator@UONLINE_RESULT_SET@@@std@@@std@@@Z

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81601b52ecc662811976e841bfb2f620

Headers

File Characteristics

Imports

mfc90u

msvcr90

kernel32

advapi32

ole32

oleaut32

msvcp90

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 101KB - Virtual size: 101KB

.data Size: 512B - Virtual size: 2KB

.rsrc Size: 96KB - Virtual size: 96KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 101KB - Virtual size: 101KB

.data
Size: 512B - Virtual size: 2KB

.rsrc
Size: 96KB - Virtual size: 96KB

.reloc
Size: 4KB - Virtual size: 4KB