b980aa4337e5231ebd116e7007599ba815bf46f3562ebd2c357ce2380a54d84b

Sharing

Copy URL

Twitter E-mail

General

Target

b980aa4337e5231ebd116e7007599ba815bf46f3562ebd2c357ce2380a54d84b
Size

296KB
MD5

0c3ba567fb18bf4e0c4e86df4a431440
SHA1

946e37dc4e5b51bf2163816633b7e74c4fbe6624
SHA256

b980aa4337e5231ebd116e7007599ba815bf46f3562ebd2c357ce2380a54d84b
SHA512

d441cb7efc0dbc8106bb705631ea8845f1b5ab9bf33356c45ea4f880b19842167b179f5a535dc235fbf3fd099d73083ce56cff7c691474f1cba935cff155c612
SSDEEP

6144:RmRM7upyTM5nSOEt5zpaiRhcuGE07v6+uMHWzIH:mMtQ3wNxRhTKj6oHZ

Score

N/A

Malware Config

Signatures

Files

b980aa4337e5231ebd116e7007599ba815bf46f3562ebd2c357ce2380a54d84b
.exe windows x86

8509c3583816bceb9cf63e34e0a73c01

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcr71

wcsncpy
wcsrchr
wcstoul
wcscat
strncmp
_vsnwprintf
realloc
memmove
strlen
strchr
wcsncmp
vswprintf
printf
free
malloc
_wcsicmp
tolower
memset
wcscmp
wcscpy
exit
swprintf
wcslen
__CxxFrameHandler
wprintf
_except_handler3
_c_exit
_exit
_XcptFilter
_cexit
__p___winitenv
_amsg_exit
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__security_error_handler
__dllonexit
_onexit
_controlfp
memcpy

kernel32

CreateMutexA
FatalAppExitW
FatalAppExitA
OutputDebugStringW
OutputDebugStringA
FindFirstFileW
FindFirstFileA
FindClose
GetDateFormatW
GetDateFormatA
RemoveDirectoryW
RemoveDirectoryA
CreateDirectoryW
CreateDirectoryA
CreateSemaphoreW
CreateSemaphoreA
GetVolumeInformationW
GetVolumeInformationA
GetDriveTypeW
GetDriveTypeA
DeleteFileW
MoveFileExW
DeleteFileA
MoveFileW
MoveFileA
CopyFileW
CopyFileA
CreateFileW
CreateFileA
GetFileType
WritePrivateProfileStringW
WritePrivateProfileStringA
GetPrivateProfileStringW
GetPrivateProfileStringA
GetPrivateProfileIntW
RaiseException
GetPrivateProfileIntA
SearchPathW
GetSystemTimeAsFileTime
FormatMessageW
FormatMessageA
LoadLibraryExW
LoadLibraryExA
FindFirstChangeNotificationW
FindFirstChangeNotificationA
GetDiskFreeSpaceExW
GetDiskFreeSpaceExA
FindResourceW
FindResourceA
SetLastError
GetTempFileNameW
GetTempFileNameA
GetFullPathNameW
GetFullPathNameA
GetTempPathW
GetTempPathA
GetCurrentDirectoryW
GetCurrentDirectoryA
EnumResourceLanguagesW
GetCPInfo
WideCharToMultiByte
GetComputerNameW
GetComputerNameA
GetVersionExW
GetVersionExA
GetModuleFileNameW
GetModuleFileNameA
lstrlenW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCommandLineW
FindNextFileW
FindNextFileA
GetWindowsDirectoryW
GetWindowsDirectoryA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
WaitForSingleObject
CloseHandle
ExitProcess
LocalFree
LocalAlloc
CreateMutexW
CreateEventA
CreateEventW
OpenEventA
OpenEventW
GetModuleHandleW
GetFileAttributesA
GetFileAttributesW
LoadLibraryA
SetFileAttributesA
SetFileAttributesW
GetEnvironmentVariableA
GetEnvironmentVariableW
SetEnvironmentVariableA
SetEnvironmentVariableW
CreateFileMappingA
CreateFileMappingW
OpenFileMappingA
OpenFileMappingW
CreateProcessA
CreateProcessW
lstrcatW
lstrcpyW
FreeLibrary
GetProcAddress
OpenProcess
GetSystemInfo
WriteFile
GetStdHandle
VirtualAlloc
VirtualQuery
GetProcessAffinityMask
GetCurrentProcess
SearchPathA
GetLastError
MultiByteToWideChar
GetSystemDirectoryA
GetSystemDirectoryW

mscoree

CorBindToRuntimeEx
GetRequestedRuntimeVersion
GetRealProcAddress
GetCORSystemDirectory

user32

GetUserObjectInformationW
LoadStringW
LoadStringA
GetMessageW
GetMessageA
IsDialogMessageW
IsDialogMessageA
SetWindowLongA
GetWindowLongA
TranslateAcceleratorW
GetProcessWindowStation
DefWindowProcW
DefWindowProcA
GetClassNameW
GetClassNameA
PostMessageW
PostMessageA
DispatchMessageW
DispatchMessageA
PeekMessageW
PeekMessageA
GetWindowTextW
GetWindowTextA
SystemParametersInfoA
CallWindowProcA
GetWindowLongW
SetWindowLongW
CharPrevW
SendDlgItemMessageW
GetDlgItem
SetDlgItemTextW
SendMessageA
SendMessageW
LoadMenuA
LoadMenuW
GetClassInfoA
GetClassInfoW
RegisterClassA
RegisterClassW
CreateWindowExA
CreateWindowExW
LoadAcceleratorsA
LoadAcceleratorsW
LoadImageA
LoadImageW
MessageBoxA
MessageBoxW
CreateDialogParamA
CreateDialogParamW
DialogBoxParamA
DialogBoxParamW
LoadIconA
LoadIconW
LoadCursorA
LoadCursorW
SetWindowTextA
SetWindowTextW
SetDlgItemTextA
TranslateAcceleratorA

advapi32

RegSetValueExA
RegisterEventSourceA
ReportEventW
DeregisterEventSource
LookupAccountNameW
LookupAccountNameA
LookupAccountSidW
LookupAccountSidA
CryptAcquireContextA
RegQueryValueExW
RegReplaceKeyW
RegReplaceKeyA
RegRestoreKeyW
RegRestoreKeyA
RegUnLoadKeyW
RegUnLoadKeyA
RegLoadKeyW
RegLoadKeyA
RegDeleteValueW
RegDeleteValueA
RegQueryValueW
RegQueryValueA
RegCreateKeyExW
RegCreateKeyExA
RegSetValueExW
RegDeleteKeyW
RegDeleteKeyA
SetFileSecurityW
SetFileSecurityA
LookupPrivilegeValueW
LookupPrivilegeValueA
RegOpenKeyExW
RegOpenKeyExA
RegCloseKey
RegEnumValueW
RegEnumValueA
GetUserNameW
GetUserNameA
RegQueryValueExA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegEnumKeyExW
RegEnumKeyExA

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

vxj�J�
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8509c3583816bceb9cf63e34e0a73c01

Headers

File Characteristics

Imports

msvcr71

kernel32

mscoree

user32

advapi32

Sections

.text Size: 60KB - Virtual size: 56KB

.data Size: 4KB - Virtual size: 856B

.rsrc Size: 4KB - Virtual size: 1KB

vxj�J� Size: 224KB - Virtual size: 224KB

.text
Size: 60KB - Virtual size: 56KB

.data
Size: 4KB - Virtual size: 856B

.rsrc
Size: 4KB - Virtual size: 1KB

vxj�J�
Size: 224KB - Virtual size: 224KB