Static task
static1
Behavioral task
behavioral1
Sample
4f7306da69fb3bcbc380a52b4b8247d7392064e872035b7f2d086edae097a31b.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
4f7306da69fb3bcbc380a52b4b8247d7392064e872035b7f2d086edae097a31b.exe
Resource
win10v2004-20220812-en
General
-
Target
4f7306da69fb3bcbc380a52b4b8247d7392064e872035b7f2d086edae097a31b
-
Size
540KB
-
MD5
a15c8bca241a0871cfd7906f203c2f63
-
SHA1
d950e4b5aab02d0fdeb69ff7f79fc932a9fc7cbe
-
SHA256
4f7306da69fb3bcbc380a52b4b8247d7392064e872035b7f2d086edae097a31b
-
SHA512
a6c4705c5efde1c6e3cd4c7e6a30da0c9927b944f5c8723fbc0d236a4a8a0a962c5ea0e1e6d8a58695d3279165f78562f2e732e51b877daadf5491a91824442d
-
SSDEEP
6144:LhXzqqchSskjbej6kQu+ZiHDluBQxenOqOMD5H1ob0gJrz1Jk3/Ts:WdkjCODu+ZiHwBQxeQUCb0gNE3Ls
Malware Config (none extracted in this report)
Signatures (none listed in this report; absence of sandbox signatures is not evidence that the sample is benign)
Files
-
4f7306da69fb3bcbc380a52b4b8247d7392064e872035b7f2d086edae097a31b.exe windows x86
1119acfd19a447609f7ed59eb7f95303 (this value differs from the file MD5 above; presumably the import hash the sandbox reports per PE — confirm before using it for pivoting)
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED (no base relocations: the loader cannot rebase the image, so it is always mapped at its preferred base and gets no ASLR benefit)
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
Notable entries in the tables below: service installation/control (advapi32 OpenSCManagerW, CreateServiceW, StartServiceW, ControlService, DeleteService), token privilege adjustment (OpenProcessToken, LookupPrivilegeValueW, AdjustTokenPrivileges), device/driver I/O (kernel32 DeviceIoControl, psapi EnumDeviceDrivers), process enumeration and termination (EnumProcesses, OpenProcess, TerminateProcess, TerminateThread), registry writes (RegCreateKeyExW, RegSetValueExW), mutex creation/lookup (CreateMutexW, OpenMutexW), and an IsDebuggerPresent call. This combination would fit a driver-installing process-management tool, but intent cannot be determined from the import table alone; the behavioral tasks above are the place to confirm what is actually installed and terminated.
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
psapi
GetDeviceDriverFileNameW
GetDeviceDriverBaseNameW
EnumDeviceDrivers
EnumProcesses
mfc80u (MFC 8.0, Visual C++ 2005 runtime, consistent with the msvcr80/msvcp80 imports below; imported by ordinal only, so individual MFC functions cannot be identified from this listing without the matching export table)
ord1176
ord1178
ord774
ord709
ord501
ord1479
ord2895
ord282
ord265
ord266
ord1079
ord4119
ord1894
ord1058
ord1785
ord6063
ord3249
ord5327
ord261
ord6293
ord1172
ord5316
ord6282
ord776
ord5869
ord2461
ord3677
ord4535
ord566
ord3327
ord4255
ord4475
ord2832
ord5562
ord5209
ord5226
ord4562
ord3942
ord2239
ord5222
ord5220
ord2925
ord1911
ord3826
ord5378
ord6215
ord5096
ord1007
ord3800
ord5579
ord2009
ord2054
ord4320
ord6274
ord3795
ord6272
ord4008
ord4032
ord757
ord2340
ord3157
ord3155
ord1946
ord3238
ord2085
ord4094
ord741
ord5210
ord4234
ord1393
ord5911
ord6721
ord1582
ord2086
ord1571
ord651
ord1921
ord1960
ord5803
ord572
ord3311
ord2985
ord3756
ord6115
ord287
ord5524
ord2364
ord416
ord1272
ord2877
ord4074
ord4098
ord899
ord3990
ord894
ord860
ord2155
ord778
ord4314
ord5727
ord4574
ord5640
ord330
ord356
ord355
ord1270
ord5633
ord760
ord3331
ord602
ord5723
ord6033
ord5638
ord326
ord2361
ord347
ord758
ord567
ord3678
ord4347
ord6061
ord6086
ord3281
ord3296
ord2366
ord1920
ord2225
ord5609
ord2648
ord1416
ord3995
ord4117
ord5637
ord502
ord5636
ord3417
ord2362
ord3158
ord4226
ord1536
ord2077
ord587
ord762
ord629
ord5083
ord384
ord6013
ord3280
ord3570
ord4101
ord2261
ord4109
ord5705
ord4078
ord4755
ord6116
ord2788
ord3224
ord2952
ord4232
ord2083
ord658
ord5763
ord5867
ord3645
ord3208
ord4230
ord1549
ord1628
ord2081
ord642
ord6058
ord3174
ord5715
ord5917
ord5397
ord5410
ord5584
ord5519
ord5643
ord5884
ord6053
ord4155
ord6050
ord1198
ord6056
ord5607
ord2521
ord715
ord3286
ord1572
ord1634
ord2066
ord3395
ord3133
ord736
ord3306
ord1579
ord1637
ord3983
ord6219
ord2255
ord2074
ord2867
ord5865
ord2713
ord5972
ord5829
ord3946
ord2651
ord5178
ord4206
ord4729
ord4884
ord2011
ord1662
ord1661
ord6720
ord5908
ord1611
ord1608
ord3940
ord1392
ord4238
ord5148
ord1899
ord5067
ord6271
ord4179
ord5199
ord3397
ord4716
ord4276
ord1591
ord5956
ord5231
ord5229
ord920
ord925
ord929
ord927
ord931
ord2384
ord2404
ord2388
ord2394
ord2392
ord2390
ord2407
ord2402
ord2386
ord2409
ord2397
ord2379
ord2381
ord2399
ord2169
ord2163
ord1513
ord6273
ord3796
ord6275
ord3339
ord4961
ord1353
ord5171
ord1955
ord1647
ord1646
ord1590
ord5196
ord2531
ord2725
ord2829
ord4301
ord2708
ord2856
ord2534
ord2640
ord2527
ord3712
ord3713
ord3703
ord2638
ord3943
ord4480
ord4256
ord3176
ord354
ord605
ord1542
ord1271
ord3198
ord1925
ord2311
ord1118
ord3204
ord3635
ord5558
ord900
ord896
ord6700
ord290
ord870
ord1472
ord293
ord283
ord280
ord577
ord2460
ord5398
ord777
ord764
ord589
ord5604
msvcr80
_swprintf
memcpy_s
_invalid_parameter_noinfo
memset
_wcsicmp
vswprintf_s
wcsncat
swscanf
_wcsnicmp
wcsncpy
_beginthread
_purecall
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
__CxxFrameHandler3
?_type_info_dtor_internal_method@type_info@@QAEXXZ
??0exception@std@@QAE@XZ
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
_crt_debugger_hook
_controlfp_s
_invoke_watson
_except_handler4_common
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
sprintf_s
calloc
free
wcsncat_s
swprintf_s
memmove_s
_wtoi
memcpy
kernel32
GetTickCount
DeviceIoControl
GetProcAddress
LoadLibraryW
GetVersionExW
GetLastError
CloseHandle
OpenMutexW
GetVersion
CreateMutexW
FileTimeToSystemTime
GetProcessTimes
OpenProcess
TerminateProcess
SetPriorityClass
QueryDosDeviceW
GetModuleHandleW
DuplicateHandle
GetCurrentProcess
GetCurrentProcessId
TerminateThread
WaitForSingleObject
VirtualFree
VirtualAlloc
LoadLibraryA
GetFileAttributesW
WideCharToMultiByte
lstrlenW
lstrcpynW
GetPriorityClass
Module32FirstW
CreateToolhelp32Snapshot
LocalFree
LocalAlloc
Module32NextW
ReleaseMutex
CreateMutexA
CreateFileW
SetLastError
GetCurrentDirectoryW
InterlockedExchange
Sleep
InterlockedCompareExchange
GetStartupInfoW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
FreeLibrary
IsDebuggerPresent
UnhandledExceptionFilter
user32
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
IntersectRect
ScreenToClient
UpdateWindow
IsRectEmpty
SystemParametersInfoW
RegisterWindowMessageW
PostMessageW
SetCapture
GetFocus
ReleaseCapture
LoadBitmapW
DrawFrameControl
GetWindowLongW
ClientToScreen
GetDlgItem
InflateRect
SetRectEmpty
LoadImageW
GetDesktopWindow
GetSysColor
LoadCursorW
SetCursor
CopyRect
GetAsyncKeyState
SetCursorPos
SetLayeredWindowAttributes
GetParent
GetTopWindow
RedrawWindow
IsWindowVisible
GetDC
SetWindowRgn
FrameRect
GetWindow
GetCursorPos
GetWindowRect
FillRect
PtInRect
GetClassNameW
IsChild
EnumWindows
GetWindowThreadProcessId
GetWindowTextW
GetSystemMetrics
SetTimer
IsIconic
DrawIcon
IsWindow
LoadIconW
InvalidateRect
GetClientRect
EnableWindow
SendMessageW
gdi32
CreateCompatibleDC
SelectObject
SetBitmapDimensionEx
FloodFill
RoundRect
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateFontIndirectW
GetBitmapBits
SetBitmapBits
CreatePalette
GetDIBits
StretchDIBits
GetObjectW
GetCurrentObject
FrameRgn
FillRgn
CreateDCW
CombineRgn
CreatePolygonRgn
CreateEllipticRgn
CreateRectRgn
GetTextExtentPoint32W
SetPixel
GetPixel
StretchBlt
BitBlt
CreateCompatibleBitmap
GetBitmapDimensionEx
SetDIBitsToDevice
RealizePalette
GetStockObject
CreateSolidBrush
CreateFontW
msimg32
TransparentBlt
advapi32
DeleteService
ControlService
CloseServiceHandle
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
OpenSCManagerW
StartServiceW
CreateServiceW
GetTokenInformation
LookupAccountSidW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
OpenServiceW
shell32
SHGetFileInfoW
ShellExecuteW
oleaut32
SysFreeString
msvcp80
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??Bios_base@std@@QBEPAXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?5DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??7ios_base@std@@QBE_NXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?length@?$char_traits@D@std@@SAIPBD@Z
?width@ios_base@std@@QBEHXZ
?flags@ios_base@std@@QBEHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?eof@?$char_traits@D@std@@SAHXZ
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z
?width@ios_base@std@@QAEHH@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?good@ios_base@std@@QBE_NXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
Sections
.text Size: 236KB - Virtual size: 233KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE (a writable code section; the MSVC linker normally emits .text as read/execute only, so this flag is worth noting as a possible sign of header rewriting by a packer/protector or of self-modifying code — verify rather than assume)
.rdata Size: 60KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE (read-only data marked writable; like .text above, this deviates from default linker output)
.data Size: 8KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 152KB - Virtual size: 149KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.nrdata Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE (non-standard section name with code+execute+write flags and raw size equal to virtual size; not something the MSVC linker produces by default, so it is presumably added by a packer/protector — check whether the entry point lies in this section and whether the other sections are unpacked at runtime)