8d0ee4a6259e5cfbcef151dd8f8d0c6a06d2b427ab780c3cf5dfe415ad734b7a

Sharing

Copy URL Twitter E-mail

General

Target

8d0ee4a6259e5cfbcef151dd8f8d0c6a06d2b427ab780c3cf5dfe415ad734b7a
Size

248KB
MD5

81bdc6d5569de63df28a2f26f68532c0
SHA1

a4a29192e01e777ac6b7952a52a1b68e18b4f577
SHA256

8d0ee4a6259e5cfbcef151dd8f8d0c6a06d2b427ab780c3cf5dfe415ad734b7a
SHA512

93064b20546329dfa60a32ca60f983fb6ff55e37df95ea9ad25cae46392379aa3eca05649cc7e6701431df8a3b014440a44ab8a562b73e7e494de6766cd293dc
SSDEEP

6144:IhrZ2HYy0gQdWAlMlIIoFxHMkGwF4tNuhsX:IhrZ2HYy0NdhagxskGe4wY

Score

N/A

Malware Config

Signatures

Files

8d0ee4a6259e5cfbcef151dd8f8d0c6a06d2b427ab780c3cf5dfe415ad734b7a
.dll windows x86

447ad8c58b1ee01ad8c31b54d8a8cb8d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
GetLastError
MultiByteToWideChar
FormatMessageA
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess

newtrf

?GenEDC@@YAHPAEKPAV?$LittleEndian@K@@@Z
?GetOrdinalNumber@CNeroError@@UBE?AVCOrdinalNumber@@XZ
?Convert2kToMode2Form1With2336@@YAHQBEQAEPBE@Z

neroerr

?EnableMessageTranslation@CNeroError@@UAEXH@Z
?GetLine@CNeroError@@UBEHXZ
?GetErrorFile@CNeroError@@UBEPBDXZ
?GetError@CNeroError@@UBEHXZ
?GetTime@CNeroError@@UBEJXZ
?SetFatal@CNeroError@@UAEHH@Z
?GetDescriptionLine@CNeroError@@UBEHHHPADH_N@Z
?GetDescriptionLine@CNeroError@@UBEHHHPADH@Z
??0CNeroError@@IAE@PBDHH@Z
??1CNeroError@@UAE@XZ
?ERRAdd@@YAABVINeroError@@ABV1@@Z
?GetErrorIcon@CNeroError@@UBE?AW4NeroErrorID@@XZ
?Fatal@CNeroError@@UBEHXZ
??1CNeroErrorList@@UAE@XZ
??1CErrorClone@@UAE@XZ
?GetNext@CNeroErrorList@@QBE?AVErrorListPos@@ABV2@@Z
?GetError@CNeroErrorList@@QBEHAAVCErrorClone@@ABVErrorListPos@@@Z
??0CErrorClone@@QAE@XZ
?GetFirst@CNeroErrorList@@QBE?AVErrorListPos@@XZ
?CopyErrorsTo@CNeroErrorList@@QBEXAAV1@PAVErrorListPos@@1@Z
?ERRMyList@@YAAAVCNeroErrorList@@XZ
??0CNeroErrorList@@QAE@XZ
?ClearErrors@CNeroErrorList@@QAEXXZ
?GetNeroErrorList@@YAAAVCNeroErrorList@@K@Z
?MyNeroThread@@YAAAVCAbstractThread@@XZ
?CreateNeroSemaphore@@YAPAVCAbstractSemaphore@@J@Z
?CreateNeroThread@@YAPAVCAbstractThread@@XZ
?IsMessageTranslationEnabled@CNeroError@@UBEHXZ
?GetThreadName@CNeroError@@UBEPBDXZ
?GetDescriptionLine@CNeroError@@UBEHHPADH@Z

msvcp71

?_Nomemory@std@@YAXXZ
?widen@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEGD@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGG@Z
?sbumpc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z
?max_size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?sgetc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
?is@?$ctype@G@std@@QBE_NFG@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IG@Z
?snextc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
??1locale@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?clear@ios_base@std@@QAEXH_N@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?_Ipfx@?$basic_istream@GU?$char_traits@G@std@@@std@@QAE_N_N@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Unlock@_Mutex@std@@QAEXXZ
?_Lock@_Mutex@std@@QAEXXZ
??1_Lockit@std@@QAE@XZ
?_Register@facet@locale@std@@QAEXXZ
?_Incref@facet@locale@std@@QAEXXZ
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@@Z
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
??Bid@locale@std@@QAEIXZ
?id@?$ctype@D@std@@2V0locale@2@A
??0_Lockit@std@@QAE@H@Z
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@@Z
?id@?$ctype@G@std@@2V0locale@2@A
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IG@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@G@Z
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ

msvcr71

??0bad_cast@@QAE@PBD@Z
?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
_initterm
_onexit
__dllonexit
_except_handler3
__security_error_handler
??1type_info@@UAE@XZ
_callnewh
sprintf
strftime
isalnum
toupper
realloc
memcmp
malloc
free
strchr
strcpy
_snprintf
strncpy
strncmp
??_V@YAXPAX@Z
memmove
strlen
_purecall
??3@YAXPAX@Z
??1exception@@UAE@XZ
??0exception@@QAE@XZ
__CxxFrameHandler
memcpy
??0exception@@QAE@ABV0@@Z
??0bad_cast@@QAE@ABV0@@Z
??1bad_cast@@UAE@XZ
_strdup
_CxxThrowException
memset

Exports

Exports

OpenGenerator

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

447ad8c58b1ee01ad8c31b54d8a8cb8d

Headers

File Characteristics

Imports

kernel32

newtrf

neroerr

msvcp71

msvcr71

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 85KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 960B

.reloc Size: 8KB - Virtual size: 6KB

.text Size: 112KB - Virtual size: 112KB

.text
Size: 88KB - Virtual size: 85KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 960B

.reloc
Size: 8KB - Virtual size: 6KB

.text
Size: 112KB - Virtual size: 112KB