0a1de07f97a00209b67d845cf6ea18b95aaeb9757bdd5b46854bfc406512ef41

Sharing

Copy URL Twitter E-mail

General

Target

0a1de07f97a00209b67d845cf6ea18b95aaeb9757bdd5b46854bfc406512ef41
Size

356KB
MD5

820ddf7f35bdafa3a31a6ee664cf2160
SHA1

8be764a549e185a1c6a3ae25c7f1c6091c9cd03f
SHA256

0a1de07f97a00209b67d845cf6ea18b95aaeb9757bdd5b46854bfc406512ef41
SHA512

5a8f7adeb3bc0a6c52733c2633ed56bd7a5bd90912cb84489917d51843c469ff973230a2356fa6152bd1e8a6f67a769ec61af2dc0af46b3ca8b620442835609f
SSDEEP

6144:cWLDakLRu1P9BWVXN0U1CeJMZZWXMquXVsmFSpUfpOwuZTgl03CwT+:cqDaIRu1P9BWVXKfeKZWiXvFSpUfpOwN

Score

N/A

Malware Config

Signatures

Files

0a1de07f97a00209b67d845cf6ea18b95aaeb9757bdd5b46854bfc406512ef41
.exe windows x86

a9f9f94319f0359b1b90a9efb66e35db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_onexit
__dllonexit
_controlfp
?terminate@@YAXXZ
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
??1type_info@@UAE@XZ
wcsncmp
fprintf
_strupr
_stricmp
??2@YAPAXI@Z
fclose
wcstombs
fwrite
fopen
wcsstr
mbstowcs
_wcsicmp
??3@YAXPAX@Z
strstr
rand
sprintf
strncmp
strchr
_errno
bsearch
_time64
strrchr
isdigit
srand
strncpy
strtol
atoi
strncat
strtoul
memset
memcpy
memmove
malloc
free
sscanf
ferror
fread
printf
_localtime64
ftell
fseek
_vsnprintf
fgets
_CxxThrowException

ws2_32

closesocket
send
WSAStartup
shutdown
socket
recv
WSAGetLastError
getaddrinfo
connect
gethostname
ioctlsocket
gethostbyname
listen
bind
setsockopt
accept
select

advapi32

RegDeleteValueA
LookupPrivilegeValueA
GetUserNameW
SetEntriesInAclA
OpenProcessToken
RegCloseKey
OpenSCManagerA
StartServiceA
CloseServiceHandle
OpenServiceA
RegOpenKeyA
RegEnumValueA
RegOpenKeyExA
RegCreateKeyA
RegQueryValueExA
RegSetValueExA
AllocateAndInitializeSid
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorA
AdjustTokenPrivileges
RegSetValueExW
GetSecurityInfo

wininet

HttpQueryInfoA
InternetConnectA
InternetReadFile
InternetSetOptionA
HttpOpenRequestA
HttpSendRequestA
InternetCloseHandle
InternetOpenA
InternetGetCookieA

kernel32

SetEvent
WaitForSingleObject
Process32First
SetUnhandledExceptionFilter
FreeLibrary
GetLastError
lstrlenW
QueryPerformanceCounter
QueryPerformanceFrequency
GetStartupInfoA
GetSystemDirectoryW
InterlockedDecrement
lstrcpyA
CloseHandle
ConnectNamedPipe
GetExitCodeThread
GlobalFree
TerminateThread
GlobalAlloc
WriteFile
CreateFileA
VirtualAlloc
VirtualFree
LocalFree
CreateMutexA
ExitThread
Sleep
lstrcpynA
CreateThread
OutputDebugStringA
CreateEventA
CreateProcessA
ReadFile
DisconnectNamedPipe
FlushFileBuffers
FindFirstFileA
GetProcAddress
CreateNamedPipeA
ResetEvent
LoadLibraryA
GetTempFileNameA
Process32Next
FindNextFileA
CreateToolhelp32Snapshot
GetVersionExA
GetCurrentProcessId
DeleteFileA
lstrlenA
GetCurrentProcess
GetTickCount
OpenProcess
CopyFileW
ReleaseMutex
GetModuleFileNameW

user32

GetClassNameA
wsprintfA
RegisterWindowMessageA
EnumWindows
wsprintfW
SendMessageTimeoutA
EnumChildWindows
wvsprintfA
GetWindowThreadProcessId

shell32

SHGetFolderPathW
SHGetFolderPathA

ole32

CoInitialize
CoInitializeEx
CoInitializeSecurity
OleInitialize
CoCreateInstance
CoUninitialize

oleaut32

CreateErrorInfo
SetErrorInfo
VariantChangeType
GetErrorInfo
VariantClear
SysFreeString
VariantInit
SysAllocString

Exports

Exports

?StartFacebook@@YAPAXPAD00@Z
?StartThreadFacebook@@YAPAXPAUSTART_FACEBOOK@@@Z
?StartTwitter@@YAPAXPAD00@Z
_UnhandledExceptionFilter@4

Sections

.text
Size: 233KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9f9f94319f0359b1b90a9efb66e35db

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

ws2_32

advapi32

wininet

kernel32

user32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 233KB - Virtual size: 233KB

.rdata Size: 98KB - Virtual size: 97KB

.data Size: 11KB - Virtual size: 20KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 233KB - Virtual size: 233KB

.rdata
Size: 98KB - Virtual size: 97KB

.data
Size: 11KB - Virtual size: 20KB

.reloc
Size: 12KB - Virtual size: 12KB