a671cfa70e95ba668c9906bf87c4027c8e14ed370ae35a21218f94468a768a6f

Sharing

Copy URL Twitter E-mail

General

Target

a671cfa70e95ba668c9906bf87c4027c8e14ed370ae35a21218f94468a768a6f
Size

328KB
MD5

93249dfe952df78dcecde6647e2c1e50
SHA1

797b5fd47510b11d1f889b0b3aa7372d32827f4a
SHA256

a671cfa70e95ba668c9906bf87c4027c8e14ed370ae35a21218f94468a768a6f
SHA512

1e319834573ca9b0c46453c51d40653ac4ab7d6fb34d4b977056ae78081750a7aa7abfc24f1deaeb00af11d49739822123756df58515a1965d4039a5424e9a2d
SSDEEP

3072:Uxl5zgd7vHtoVeJ74ORycOObsU5XFTpOBJ5FZmL+1BYXvKy09W8xTj7UQbEQH3n1:USPf4OgopiZ2G9ZMQbNiVa6ZAfjRX

Score

N/A

Malware Config

Signatures

Files

a671cfa70e95ba668c9906bf87c4027c8e14ed370ae35a21218f94468a768a6f
.exe windows x86

f92f1f0c87b0a019cfee351f588f23a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

locmgr

?LoadMenuA@CLocaleManager@@QBEPAUHMENU__@@GPBD@Z
?LoadStringA@CLocaleManager@@QBEHIPADHPBD@Z
?GetModuleHandleA@CLocaleManager@@QBEPAUHINSTANCE__@@PBD@Z
??1CLocaleManager@@QAE@XZ
??0CLocaleManager@@QAE@PBD0_NPAUHINSTANCE__@@K@Z

pvgds

??0CHorizSplitterGroup@@QAE@PAUHWND__@@W4FrameType@CPvSplitterGroup@@_N@Z
?ShowInfo@CPvUtils@@SAHPAUHWND__@@PBDKI1@Z
?ShowInfo@CPvUtils@@SAHPAUHWND__@@PBD1I1@Z
?ShowInfo@CPvUtils@@SAHPAUHWND__@@PBDI1@Z
?IsKeyPressed@CPvUtils@@SA_NH@Z
?ShowInfo@CPvUtils@@SAHPAUHWND__@@PBDJI1@Z
?ShowInfoEx@CPvUtils@@SAHPAUHWND__@@PBDIPA_N1@Z
?RegisterComponent@CPvUtils@@SAKPBDAAJ@Z
?CreateSplitter@CHorizSplitterGroup@@UAEPAVCPvSplitter@@PAUHWND__@@H@Z
?CreateSplitter@CHorizSplitterGroup@@UAEPAVCPvSplitter@@PAVCWindow@ATL@@H@Z
?MakeEqual@CHorizSplitterGroup@@UAEXXZ
?SetClientRect@CHorizSplitterGroup@@UAEXPBUtagRECT@@@Z
?GetDragRect@CHorizSplitterGroup@@MBEXPAVCPvSplitter@@AAUtagRECT@@@Z
?GetAverageWH@CHorizSplitterGroup@@MBEHXZ
??1CHorizSplitterGroup@@UAE@XZ
??1CVertSplitterGroup@@UAE@XZ
?CreateSplitter@CVertSplitterGroup@@UAEPAVCPvSplitter@@PAUHWND__@@H@Z
?CreateSplitter@CVertSplitterGroup@@UAEPAVCPvSplitter@@PAVCWindow@ATL@@H@Z
?MakeEqual@CVertSplitterGroup@@UAEXXZ
?SetClientRect@CVertSplitterGroup@@UAEXPBUtagRECT@@@Z
?GetDragRect@CVertSplitterGroup@@MBEXPAVCPvSplitter@@AAUtagRECT@@@Z
?GetAverageWH@CVertSplitterGroup@@MBEHXZ
?RemoveSplitter@CPvSplitterGroup@@QAEXPAVCPvSplitter@@@Z
?RTrim@CPvUtils@@SAPBDPAD@Z
?CreateProcessA@CPvUtils@@SAHPBDPADPAU_PROCESS_INFORMATION@@PAK@Z
?IsNT@CPvUtils@@SA_NPAH@Z
??0CPvWaitCursor@@QAE@XZ
??1CPvWaitCursor@@QAE@XZ
?LTrim@CPvUtils@@SAPBDPAD@Z
?GetPathByCLSID@CPvUtils@@SA_NABU_GUID@@PBDH_N@Z
?UnRegisterComponent@CPvUtils@@SAKPBDAAJ@Z
??0CVertSplitterGroup@@QAE@PAUHWND__@@W4FrameType@CPvSplitterGroup@@_N@Z

pscl

??1EPSException@@UAE@XZ
?substring@CPSString@@QBE?AV1@HH@Z
??0EPSException@@QAE@ABVCPSString@@@Z
?lastIndexOf@CPSString@@QBEHGH_N@Z
??0CPSString@@QAE@PBGHH@Z
??1CPSRWByteBuffer@@UAE@XZ
??0EPSResultException@@QAE@J@Z
?getBundle@CPSAbstractResourceBundle@@CA?AV?$CPSSmartPtr@VCPSResourceBundle@@@@ABVCPSString@@PAVCPSLocale@@@Z
??0CPSObject@@QAE@ABV0@@Z
??0CPSComObject@@QAE@ABV0@@Z
??0CPSString@@QAE@PBDHPBGH@Z
??0CPSString@@QAE@XZ
??0CPSFilePath@@QAE@ABVCPSString@@@Z
?getDrive@CPSFilePath@@QBE?AVCPSString@@XZ
?replace@CPSString@@QAEAAV1@HHPBGHH@Z
??1CPSString@@UAE@XZ
??0CPSRWByteBuffer@@QAE@XZ
?getBytes@CPSString@@QBEXPAUIPSByteBuffer@@PBG@Z
??1CPSFilePath@@UAE@XZ
?QueryInterface@CPSAbstractByteBuffer@@UAGJABU_GUID@@PAPAX@Z
?AddRef@CPSAbstractByteBuffer@@UBGKXZ
?Release@CPSAbstractByteBuffer@@UBGKXZ
?clone@CPSObject@@UBEPAV1@XZ
??0EPSResultException@@QAE@ABV0@@Z
?equals@CPSObject@@UBE_NABV1@@Z
?getClass@CPSObject@@UBEPBVCPSClass@@XZ
?hashCode@CPSObject@@UBEKXZ
?toString@CPSObject@@UBE?AVCPSString@@XZ
?getLength@CPSRWByteBuffer@@UBEHXZ
?getData@CPSRWByteBuffer@@UBEPBDXZ
?getReadLock@CPSRWByteBuffer@@UBEPBDXZ
?releaseReadLock@CPSRWByteBuffer@@UBEXXZ
?isWritable@CPSRWByteBuffer@@UBE_NXZ
?getWriteLock@CPSRWByteBuffer@@UAEPADH@Z
?ensureCapacity@CPSRWByteBuffer@@UAEPADH@Z
?releaseWriteLock@CPSRWByteBuffer@@UAEXH@Z
?freeExtra@CPSRWByteBuffer@@UAEXXZ
??0EPSException@@QAE@ABV0@@Z
??1EPSResultException@@UAE@XZ
?compareTo@CPSObject@@UBEHABV1@@Z

pscore

_PSRegistryGetValue@24

kernel32

CloseHandle
GetCommandLineA
HeapDestroy
DeleteCriticalSection
GetProcAddress
LoadLibraryA
CreateEventA
InitializeCriticalSection
WaitForSingleObject
ReadFile
GetFileSize
LocalFree
CreateFileA
GetStartupInfoA
GetVersionExA
lstrlenA
InterlockedIncrement
lstrcatA
Sleep
lstrcmpiA
LoadLibraryExA
IsDBCSLeadByte
FindResourceA
LoadResource
GetLastError
FreeLibrary
GetModuleFileNameA
SizeofResource
GetShortPathNameA
MultiByteToWideChar
GetModuleHandleA
FlushInstructionCache
GetCurrentProcess
LeaveCriticalSection
GetCurrentThreadId
EnterCriticalSection
lstrcpynW
lstrcpynA
IsBadWritePtr
SetEvent
InterlockedDecrement
GetCurrentProcessId
WideCharToMultiByte
lstrcmpA
lstrcpyA
lstrlenW

user32

GetClassNameA
GetSysColorBrush
RemoveMenu
LoadBitmapA
LoadIconA
RedrawWindow
SetMenuItemInfoA
SetCapture
SetRect
InvertRect
DrawIcon
GetCursorPos
DispatchMessageA
GetWindowRect
GetMessageA
MessageBoxA
PostThreadMessageA
SetCursor
GetMenuStringA
SetMenuDefaultItem
InsertMenuA
GetMenuItemID
LoadAcceleratorsA
LoadMenuA
LoadImageA
EndPaint
DrawIconEx
BeginPaint
AppendMenuA
ModifyMenuA
EnableMenuItem
EnableWindow
WinHelpA
DestroyMenu
ReleaseDC
GetWindowDC
DeleteMenu
CreatePopupMenu
CheckRadioButton
IsDlgButtonChecked
OffsetRect
DrawTextA
SetWindowsHookExA
UnhookWindowsHookEx
FillRect
IsWindowEnabled
GetFocus
MessageBeep
GetActiveWindow
GetWindowThreadProcessId
GetKeyState
GetMessagePos
WindowFromPoint
ScreenToClient
GetSubMenu
TranslateAcceleratorA
PostMessageA
EndDialog
DialogBoxParamA
GetWindowPlacement
SystemParametersInfoA
CopyRect
IsRectEmpty
IsMenu
GetMenuItemCount
SetWindowPos
ClientToScreen
TrackPopupMenuEx
GetMenuItemInfoA
InvalidateRect
UpdateWindow
SetMenu
PeekMessageA
PtInRect
CallNextHookEx
GetSystemMetrics
GetDlgItem
DrawEdge
IsWindowVisible
SetFocus
PostQuitMessage
LoadStringW
RegisterWindowMessageA
SetRectEmpty
GetClassInfoExA
LoadCursorA
wsprintfA
RegisterClassExA
GetWindowLongA
SetWindowLongA
CreateWindowExA
CallWindowProcA
DestroyWindow
GetSysColor
InflateRect
CharLowerA
CharNextA
GetParent
TrackPopupMenu
GetMenuState
KillTimer
IsWindow
GetClientRect
MoveWindow
ShowWindow
SendMessageA
LoadStringA
DefWindowProcA
TranslateMessage
SetWindowTextA
ReleaseCapture

gdi32

DeleteDC
SetBkColor
SetBrushOrgEx
CreateCompatibleDC
CreatePatternBrush
SetTextColor
CreateBitmap
SetBkMode
GetObjectA
CreateFontIndirectA
DeleteObject
CreateCompatibleBitmap
BitBlt
GetDeviceCaps
CreateSolidBrush
CreateDIBSection
GetTextExtentPoint32A
RealizePalette
SelectPalette
PatBlt
SelectObject

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegCreateKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegSetValueExA
RegEnumKeyExA
RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegDeleteValueA

shell32

DoEnvironmentSubstA

ole32

CoUninitialize
CoRegisterClassObject
CoResumeClassObjects
CoRevokeClassObject
CoInitialize
StringFromCLSID
CLSIDFromString
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CLSIDFromProgID

oleaut32

SysAllocStringLen
RegisterTypeLi
LoadTypeLi
SysStringLen
VarUI4FromStr
SysFreeString
SysAllocString
VariantClear
LoadRegTypeLi

msvcp60

?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PADH@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHPBDH@Z
?seekpos@strstreambuf@std@@MAE?AV?$fpos@H@2@V32@H@Z
?seekoff@strstreambuf@std@@MAE?AV?$fpos@H@2@JW4seekdir@ios_base@2@H@Z
?underflow@strstreambuf@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHPADH@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?overflow@strstreambuf@std@@MAEHH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?pbackfail@strstreambuf@std@@MAEHH@Z
?_Global@_Locimp@locale@std@@0PAV123@A
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Init@strstreambuf@std@@IAEXHPAD0H@Z
?_Init@locale@std@@CAPAV_Locimp@12@XZ
??1strstreambuf@std@@UAE@XZ
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??0_Lockit@std@@QAE@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??1_Lockit@std@@QAE@XZ
??0ios_base@std@@IAE@XZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
?freeze@strstreambuf@std@@QAEX_N@Z
??1ostrstream@std@@UAE@XZ
??1ios_base@std@@UAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Xlen@std@@YAXXZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
??0logic_error@std@@QAE@ABV01@@Z
??0out_of_range@std@@QAE@ABV01@@Z
??1out_of_range@std@@UAE@XZ
??_7out_of_range@std@@6B@

comctl32

ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_Destroy
PropertySheetA
CreatePropertySheetPageA
DestroyPropertySheetPage
ImageList_Add
ImageList_GetIcon
ImageList_AddMasked
ImageList_SetBkColor
ImageList_LoadImageA
ImageList_GetIconSize
ImageList_Draw
ImageList_Remove
ImageList_Create
InitCommonControlsEx

msvcrt

_mbstok
memmove
realloc
_mbsrchr
_CxxThrowException
_spawnl
_purecall
malloc
free
_mbsnbicmp
atoi
__CxxFrameHandler
??2@YAPAXI@Z
_XcptFilter
wcslen
_onexit
__dllonexit
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_beginthreadex
_exit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_except_handler3
wcstombs
_splitpath
calloc
mbstowcs
wcscmp
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
_ftol
_endthreadex

Sections

.text
Size: 208KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f92f1f0c87b0a019cfee351f588f23a3

Headers

File Characteristics

Imports

locmgr

pvgds

pscl

pscore

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

msvcp60

comctl32

msvcrt

Sections

.text Size: 208KB - Virtual size: 204KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 20KB - Virtual size: 18KB

.rsrc Size: 36KB - Virtual size: 32KB

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 208KB - Virtual size: 204KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 20KB - Virtual size: 18KB

.rsrc
Size: 36KB - Virtual size: 32KB

.reloc
Size: 20KB - Virtual size: 19KB