4fecffc7ddd4121560049f59112897d2b526ed708797bf0b0036dcc8fced2a62

Sharing

Copy URL Twitter E-mail

General

Target

4fecffc7ddd4121560049f59112897d2b526ed708797bf0b0036dcc8fced2a62
Size

137KB
MD5

0fab0c486c3f38414ebcf6e45d82ced0
SHA1

ff4de7bd0d9c4ee9b74e4de578bdb026b436ae71
SHA256

4fecffc7ddd4121560049f59112897d2b526ed708797bf0b0036dcc8fced2a62
SHA512

daf24701e15ad180db8f77269675f55b02954f6360f61c4d8f2ee0ef332d45a0ce2dab960fb8602ce7b1fbb9bf3626854616930367869b0c40619900c5e0c849
SSDEEP

3072:OpaagOtazDX67tHc/9SCBZH32Ho+woufXp5/I:AoOtyDX67t8VdZH3OoouB5/

Score

N/A

Malware Config

Signatures

Files

4fecffc7ddd4121560049f59112897d2b526ed708797bf0b0036dcc8fced2a62
.exe windows x86

1431a1348c2ae90966e55ed9d072f7bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
GetModuleHandleA
GetModuleFileNameA
GetWindowsDirectoryA
FreeLibrary
LoadLibraryA
SetLastError
lstrlenA
FindClose
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InterlockedExchange
InitializeCriticalSection
GetLastError
RaiseException
GetThreadLocale
GetLocaleInfoA
GetACP
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
LeaveCriticalSection
EnterCriticalSection
GetVersionExA

advapi32

RegQueryValueExA
RegCreateKeyExA
RegCreateKeyExW
RegOpenKeyExA
RegCloseKey

ole32

CLSIDFromString
CoCreateInstance
StringFromCLSID
CoTaskMemFree
OleUninitialize
OleInitialize

oleaut32

VariantClear
VariantInit
VarBstrCat
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocString
SysAllocStringLen

msvcp71

?_Nomemory@std@@YAXXZ

msvcr71

_controlfp
memcmp
free
_CxxThrowException
memset
_except_handler3
memcpy
__CxxFrameHandler
wcsstr
wcsrchr
_wcslwr
wcslen
malloc
memmove
??3@YAXPAX@Z
??_V@YAXPAX@Z
exit
_spawnv
strcpy
strlen
_wspawnv
__p___wargv
__p___argc
wcsncpy
_callnewh
__security_error_handler
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__dllonexit
_onexit
_c_exit
_exit
_XcptFilter
_cexit
_wcmdln
_amsg_exit
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1431a1348c2ae90966e55ed9d072f7bc

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

oleaut32

msvcp71

msvcr71

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 488B

.rsrc Size: 100KB - Virtual size: 100KB

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 488B

.rsrc
Size: 100KB - Virtual size: 100KB