4b03318f9bb52177f409c6e4c7fe5d5ab6477cdc9c2d248a832348d9c40e1a87

Sharing

Copy URL Twitter E-mail

General

Target

4b03318f9bb52177f409c6e4c7fe5d5ab6477cdc9c2d248a832348d9c40e1a87
Size

252KB
MD5

a389f93992be7d215f1f4aec2a0783f8
SHA1

8485f0944f27b2e7aeeab4f668a293b654f4768d
SHA256

4b03318f9bb52177f409c6e4c7fe5d5ab6477cdc9c2d248a832348d9c40e1a87
SHA512

a7c1b1a80ae4a1f9213b95860f1ad6e9755c7845b8ed4318b8bd258c27ac9768f9588f4e8a74842cc280b2e113fadd162740f85126590ecb2fe5d50898ef259f
SSDEEP

6144:fjgfV/Rgo4wA/tvFqQErLNZT9/EQlEQcMr/aBM59Pg/MNA:TojA/tvFRGE2cC59I/MNA

Score

N/A

Malware Config

Signatures

Files

4b03318f9bb52177f409c6e4c7fe5d5ab6477cdc9c2d248a832348d9c40e1a87
.exe windows x86

91e0465fd55ceee797135aa22f97f8d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wmvcore

WMCreateProfileManager
WMCreateWriter

kernel32

LeaveCriticalSection
InitializeCriticalSection
InterlockedIncrement
InterlockedDecrement
lstrlenA
GetModuleFileNameA
MultiByteToWideChar
DeleteCriticalSection
lstrlenW
lstrcpyA
GetModuleHandleA
WideCharToMultiByte
GetLastError
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
RaiseException
EnterCriticalSection
GetCommandLineA
Sleep
CreateThread
CreateEventA
CloseHandle
WaitForSingleObject
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcatA
GetCurrentThreadId
SetEvent
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
GetStartupInfoA
ExitProcess
GetSystemTimeAsFileTime

user32

CharNextA
PostThreadMessageA
GetMessageA
CharUpperA
DispatchMessageA
TranslateMessage

advapi32

RegCloseKey
RegSetValueExA
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegQueryInfoKeyA
RegOpenKeyExA

shell32

SHGetFileInfoA

ole32

CoUninitialize
CoInitialize
CoRegisterClassObject
CoCreateInstance
StringFromGUID2
CoTaskMemRealloc
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CoRevokeClassObject

oleaut32

SafeArrayUnaccessData
SafeArrayAccessData
UnRegisterTypeLi
SysAllocString
RegisterTypeLi
SysStringLen
LoadRegTypeLi
SysFreeString
VarUI4FromStr
VariantChangeType
VariantClear
LoadTypeLi
VariantInit
SafeArrayGetLBound

shlwapi

PathFindExtensionA

msvcp71

?_Nomemory@std@@YAXXZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcr71

exit
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
_onexit
__dllonexit
?terminate@@YAXXZ
_controlfp
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
__security_error_handler
_acmdln
wcsncpy
realloc
free
malloc
_mbschr
memmove
_resetstkoflw
_wcsicmp
??0exception@@QAE@XZ
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
_except_handler3
_purecall
wcslen
_CxxThrowException
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
_callnewh
__CxxFrameHandler
??3@YAXPAX@Z
wcscpy
memcmp
memset
memcpy
??_V@YAXPAX@Z

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

91e0465fd55ceee797135aa22f97f8d5

Headers

File Characteristics

Imports

wmvcore

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

msvcp71

msvcr71

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 3KB

.text Size: 148KB - Virtual size: 148KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 3KB

.text
Size: 148KB - Virtual size: 148KB