56deb3c59064df87eaeb7d8f91e6e10c0658d4c2eb06935415dbd15cb709d128

Sharing

Copy URL Twitter E-mail

General

Target

56deb3c59064df87eaeb7d8f91e6e10c0658d4c2eb06935415dbd15cb709d128
Size

169KB
MD5

92e2cc6d5cd1475af1363598a6cf1890
SHA1

2829c5eb38b1dceb8009fc255370a1cd093077c6
SHA256

56deb3c59064df87eaeb7d8f91e6e10c0658d4c2eb06935415dbd15cb709d128
SHA512

157598107ae685a0372303714247d199b45cce7e8d6f9e019637bc2f1284df0212420970f96ee41d85a03f3320963136f5633670d8c504d0eeba37940a6d840a
SSDEEP

3072:tlEf4qu1AsICsWJ7t11VlUjpNw24Gs8GMkqadOHh16M:jksP/T524rLMSK

Score

N/A

Malware Config

Signatures

Files

56deb3c59064df87eaeb7d8f91e6e10c0658d4c2eb06935415dbd15cb709d128
.exe windows x86

2b2b8f5dffe06fbabd3c39487c0e2afa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

comctl32

FlatSB_SetScrollPos
FlatSB_GetScrollPos
ImageList_SetBkColor
ImageList_GetImageInfo
ImageList_Draw
GetEffectiveClientRect
InitCommonControls
DrawInsert
ImageList_LoadImageA
InitCommonControlsEx
ImageList_BeginDrag
ImageList_GetImageCount
CreateUpDownControl
FlatSB_GetScrollRange

kernel32

HeapSize
lstrlenA
GetVersionExW
UnlockFileEx
GetCurrentProcess
VirtualAlloc
DeleteVolumeMountPointA

msvcp60

?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
_Nan
?denorm_min@?$numeric_limits@F@std@@SAFXZ
?uncaught_exception@std@@YA_NXZ
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0?$messages@D@std@@QAE@I@Z
?_Tidy@ios_base@std@@AAEXXZ
?intl@?$moneypunct@G$0A@@std@@2_NB
?do_get_date@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MBE?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBG@Z
?_Psum@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPADPADI@Z
??_Fbad_exception@std@@QAEXXZ
?do_truename@?$numpunct@D@std@@MBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@J@Z
?signaling_NaN@?$numeric_limits@N@std@@SANXZ
??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
?_Ifmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@KAPADPADDH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
??Dstd@@YA?AV?$complex@M@0@ABMABV10@@Z
??1?$moneypunct@D$0A@@std@@UAE@XZ
??0?$collate@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@G@std@@QAE@ABV_Locinfo@1@I@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAM@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@IIABV?$allocator@G@1@@Z
??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
?do_toupper@?$ctype@G@std@@MBEGG@Z
_Getcvt
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??0?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
?_Init_cnt@_Winit@std@@0HA
?scan_not@?$ctype@D@std@@QBEPBDFPBD0@Z
??1?$_Mpunct@G@std@@UAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??4overflow_error@std@@QAEAAV01@ABV01@@Z
?do_grouping@?$numpunct@G@std@@MBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
_FCosh
?_Gndec@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIXZ
??Pstd@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@CAHAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAAH@Z
?sync@?$basic_filebuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPADII@Z
??_F_Timevec@std@@QAEXXZ
??1?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UAE@XZ
_Inf
wctrans
?pos_format@?$_Mpunct@D@std@@QBE?AUpattern@money_base@2@XZ
?rdbuf@?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPAV?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??Gstd@@YA?AV?$complex@M@0@ABMABV10@@Z
?_Init@?$codecvt@DDH@std@@IAEXABV_Locinfo@2@@Z
?max@?$numeric_limits@H@std@@SAHXZ
?rbegin@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE?AV?$reverse_iterator@PAGGAAGPAGH@2@XZ
?find@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIGI@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGIABV?$allocator@G@1@@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?sqrt@std@@YA?AV?$complex@O@1@ABV21@@Z
?do_grouping@?$numpunct@D@std@@MBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??Nstd@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
?str@?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@@Z
?epsilon@?$numeric_limits@G@std@@SAGXZ
??1money_base@std@@UAE@XZ
?denorm_min@?$numeric_limits@N@std@@SANXZ
??4?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?infinity@?$numeric_limits@E@std@@SAEXZ
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@ABV01@@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDH@Z
??8std@@YA_NABMABV?$complex@M@0@@Z
??1ostrstream@std@@UAE@XZ
?setbuf@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MAEPAV12@PAGH@Z
?id@?$messages@D@std@@2V0locale@2@A
??4?$numeric_limits@N@std@@QAEAAV01@ABV01@@Z
?round_error@?$numeric_limits@N@std@@SANXZ
?max@?$numeric_limits@J@std@@SAJXZ
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?_Global@_Locimp@locale@std@@0PAV123@A
?open@?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXPBDH@Z
?str@?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??0overflow_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@UAE@XZ
?_Init@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAEXABV_Locinfo@2@@Z
_Eps
??4_Num_float_base@std@@QAEAAU01@ABU01@@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PAD0ABV12@@Z
?_Nanv@?$_Ctr@M@std@@SAMM@Z
?seekpos@?$basic_filebuf@DU?$char_traits@D@std@@@std@@MAE?AV?$fpos@H@2@V32@H@Z
??_7?$moneypunct@D$00@std@@6B@
??1?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UAE@XZ
??0?$moneypunct@D$0A@@std@@QAE@I@Z
?pubsync@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEHXZ
?find_first_not_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIGI@Z
?min@?$numeric_limits@G@std@@SAGXZ
?compare@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEHPBG@Z
?close@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?exceptions@ios_base@std@@QBEHXZ
??0?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
?assign@?$char_traits@D@std@@SAXAADABD@Z
?get@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QBE?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AAVios_base@2@AAHAAK@Z
?empty@locale@std@@SA?AV12@XZ
?arg@std@@YAOABV?$complex@O@1@@Z
?rdbuf@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEPAV?$basic_streambuf@GU?$char_traits@G@std@@@2@XZ
??4?$numeric_limits@E@std@@QAEAAV01@ABV01@@Z
??4?$complex@N@std@@QAEAAV01@ABV01@@Z

powrprof

ValidatePowerPolicies
SetActivePwrScheme
WritePwrScheme
IsPwrSuspendAllowed
IsPwrHibernateAllowed
CanUserWritePwrScheme
ReadPwrScheme
LoadCurrentPwrScheme
GetCurrentPowerPolicies
SetSuspendState
EnumPwrSchemes
ReadGlobalPwrPolicy
CallNtPowerInformation
MergeLegacyPwrScheme
GetPwrDiskSpindownRange
DeletePwrScheme
GetPwrCapabilities
IsPwrShutdownAllowed
WriteGlobalPwrPolicy
GetActivePwrScheme
IsAdminOverrideActive

msvcrt40

ungetwc
calloc
_CIcos
_wcreat
??6ostream@@QAEAAV0@M@Z
??_8iostream@@7Bostream@@@
_mbscpy
fflush
_wstrtime
?setbuf@fstream@@QAEPAVstreambuf@@PADH@Z
ldexp
??0exception@@QAE@XZ
??4istream_withassign@@QAEAAVistream@@PAVstreambuf@@@Z
_wutime
iswupper
_spawnvpe
_wpgmptr
_wgetdcwd
?xalloc@ios@@SAHXZ
_fcloseall
_fgetwchar
??_Eistream_withassign@@UAEPAXI@Z
_fmode
??4stdiostream@@QAEAAV0@AAV0@@Z
_mktemp
??_Gexception@@UAEPAXI@Z
_seh_longjmp_unwind
atol
?unlock@ios@@QAAXXZ
?overflow@strstreambuf@@UAEHH@Z
strcat
wcscspn
?xsgetn@streambuf@@UAEHPADH@Z
wcsrchr
?setb@streambuf@@IAEXPAD0H@Z
fclose
??_7filebuf@@6B@
??0fstream@@QAE@XZ
_mbsnbcpy
?unlockc@ios@@KAXXZ
?rdbuf@istrstream@@QBEPAVstrstreambuf@@XZ
strlen
_strtime
??0ofstream@@QAE@PBDHH@Z
strcspn
_wfullpath
?sync@strstreambuf@@UAEHXZ
_strdup
time
_CIlog10
_endthread
_strupr
_adjust_fdiv
??6ostream@@QAEAAV0@PBX@Z
system
_ismbchira

gdi32

CreatePenIndirect
Pie
GdiPlayDCScript
GetFontAssocStatus
STROBJ_vEnumStart
CreateSolidBrush
BRUSHOBJ_hGetColorTransform
GdiResetDCEMF
SetBkMode
GetTextColor
AngleArc
DeleteObject
GetEnhMetaFileA
STROBJ_bEnum
GetViewportOrgEx
EnumMetaFile
PtVisible
GetTransform
GdiSetPixelFormat
PaintRgn
SelectObject

msvcirt

?hex@@YAAAVios@@AAV1@@Z
??0iostream@@IAE@XZ
??_Gostream_withassign@@UAEPAXI@Z
?setp@streambuf@@IAEXPAD0@Z
??_Difstream@@QAEXXZ
??_Gofstream@@UAEPAXI@Z
??_Eostream@@UAEPAXI@Z
??4logic_error@@QAEAAV0@ABV0@@Z
?write@ostream@@QAEAAV1@PBDH@Z
??_Gfstream@@UAEPAXI@Z
?rdbuf@strstream@@QBEPAVstrstreambuf@@XZ
??_Estdiostream@@UAEPAXI@Z
?peek@istream@@QAEHXZ
?iword@ios@@QBEAAJH@Z
?setf@ios@@QAEJJJ@Z
??4strstream@@QAEAAV0@AAV0@@Z
?seekg@istream@@QAEAAV1@J@Z
?read@istream@@QAEAAV1@PADH@Z
?doallocate@strstreambuf@@MAEHXZ
?str@istrstream@@QAEPADXZ
?cerr@@3Vostream_withassign@@A
?open@fstream@@QAEXPBDHH@Z
??_8stdiostream@@7Bistream@@@
?sputn@streambuf@@QAEHPBDH@Z
?blen@streambuf@@IBEHXZ
?in_avail@streambuf@@QBEHXZ
??4streambuf@@QAEAAV0@ABV0@@Z
??0ofstream@@QAE@ABV0@@Z
?fd@filebuf@@QBEHXZ
??6ostream@@QAEAAV0@PBC@Z
?gcount@istream@@QBEHXZ
??0strstreambuf@@QAE@ABV0@@Z
?get@istream@@IAEAAV1@PADHH@Z
??0strstreambuf@@QAE@P6APAXJ@ZP6AXPAX@Z@Z
??_Distream@@QAEXXZ
?ignore@istream@@QAEAAV1@HH@Z
??_8stdiostream@@7Bostream@@@
??1streambuf@@UAE@XZ
??5istream@@QAEAAV0@AAH@Z
?precision@ios@@QBEHXZ
??_Eostream_withassign@@UAEPAXI@Z
??0filebuf@@QAE@H@Z
??0filebuf@@QAE@HPADH@Z
??0ostream@@IAE@XZ
?seekoff@strstreambuf@@UAEJJW4seek_dir@ios@@H@Z

user32

TranslateMessageEx
LoadAcceleratorsW
wsprintfA
LoadAcceleratorsA
FindWindowA
LoadCursorA
MessageBoxExW
GetSystemMenu
GetWindowTextA
InSendMessageEx
GetClientRect
FindWindowW

Sections

.text
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2b2b8f5dffe06fbabd3c39487c0e2afa

Headers

File Characteristics

Imports

comctl32

kernel32

msvcp60

powrprof

msvcrt40

gdi32

msvcirt

user32

Sections

.text Size: 142KB - Virtual size: 141KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 2KB - Virtual size: 1KB

.text
Size: 142KB - Virtual size: 141KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 2KB - Virtual size: 1KB