cd54dc2f39a0c854f791c76b5feb688833d45ee44bd96581586137da0030807d

Sharing

Copy URL

Twitter E-mail

General

Target

cd54dc2f39a0c854f791c76b5feb688833d45ee44bd96581586137da0030807d
Size

150KB
MD5

0cbd3ad82ceacc83830613b4a4550861
SHA1

fe42f8cd9bead11401449e305a6cc086f07d4cf8
SHA256

cd54dc2f39a0c854f791c76b5feb688833d45ee44bd96581586137da0030807d
SHA512

d0c2eaccdd5f8e910474ddc58553fc1398256da57bd42ab745cf032b5053572090d13bf4a13928ccc8947758e371670682f69e93112e7de515cfef2b7bc53796
SSDEEP

3072:ltZm9LEK8Ydr/E6Vl/Bo2sAqNsNYh/cPODPjpe9VEtq2:89LEKFr/nBbsBWYlEOXpe9VR2

Score

N/A

Malware Config

Signatures

Files

cd54dc2f39a0c854f791c76b5feb688833d45ee44bd96581586137da0030807d
.exe windows x86

e891a671cafb112df085baed712100a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GlobalLock
GlobalAlloc
DisconnectNamedPipe
TerminateProcess
GetStartupInfoA
CreatePipe
PeekNamedPipe
WaitForMultipleObjects
GlobalMemoryStatus
GetSystemInfo
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetEnvironmentVariableA
ReleaseMutex
OpenEventA
SetErrorMode
ExitProcess
CreateMutexA
CopyFileA
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
GetCurrentThreadId
GetLastError
RaiseException
InterlockedExchange
GetModuleHandleA
GetCurrentProcess
MoveFileA
WriteFile
SetFilePointer
ReadFile
CreateFileA
GetFileSize
RemoveDirectoryA
LocalAlloc
FindFirstFileA
LocalReAlloc
FindNextFileA
LocalFree
FindClose
GetVolumeInformationA
GetDiskFreeSpaceExA
GetDriveTypeA
CreateProcessA
GetFileAttributesA
CreateDirectoryA
DeleteFileA
GetPrivateProfileStringA
lstrcmpA
WideCharToMultiByte
FreeLibrary
GetWindowsDirectoryA
GetPrivateProfileSectionNamesA
GetProcAddress
lstrlenA
Sleep
CancelIo
lstrcpyA
ResetEvent
VirtualAlloc
VirtualFree
DeleteCriticalSection
InitializeCriticalSection
TerminateThread
GetModuleFileNameA
OutputDebugStringA
MultiByteToWideChar
ExitThread
OpenProcess
CloseHandle
CreateThread
ResumeThread
SetEvent
WaitForSingleObject
LoadLibraryA
GetShortPathNameA

user32

TranslateMessage
GetMessageA
wsprintfA
DispatchMessageA
IsWindow
SetCursorPos
OpenClipboard
CharNextA
GetClipboardData
CloseClipboard
SystemParametersInfoA
DestroyCursor
LoadCursorA
ExitWindowsEx
WindowFromPoint
mouse_event
SetCapture
EmptyClipboard
GetSystemMetrics
SetRect
GetDC
GetDesktopWindow
GetCursorPos
GetCursorInfo
OpenWindowStationA
GetProcessWindowStation
GetWindowThreadProcessId
IsWindowVisible
GetWindowTextA
EnumWindows
CloseDesktop
SetThreadDesktop
OpenInputDesktop
GetUserObjectInformationA
GetThreadDesktop
OpenDesktopA
PostMessageA
CreateWindowExA
CloseWindow
SendMessageA
MapVirtualKeyA
SetClipboardData
keybd_event

gdi32

DeleteDC
DeleteObject
GetDIBits
CreateDIBSection
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt

advapi32

RegOpenKeyA
CloseServiceHandle
LsaFreeMemory
LsaOpenPolicy
LsaRetrievePrivateData
LsaClose
LookupAccountNameA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
CloseEventLog
ClearEventLogA
OpenEventLogA
LookupPrivilegeValueA
OpenProcessToken
RegEnumKeyExA
RegEnumValueA
RegDeleteKeyA
SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
StartServiceA
UnlockServiceDatabase
ChangeServiceConfig2A
LockServiceDatabase
CreateServiceA
LookupAccountSidA
GetTokenInformation

shell32

SHGetSpecialFolderPathA
ShellExecuteA
SHGetFileInfoA

msvcrt

_acmdln
_strnicmp
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_strcmpi
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
calloc
memset
??2@YAPAXI@Z
__CxxFrameHandler
_CxxThrowException
??3@YAXPAX@Z
memcpy
memmove
ceil
_ftol
strlen
strstr
memcmp
strchr
malloc
strcpy
strcmp
free
_except_handler3
strrchr
strcat
strncpy
atoi
rand
srand
time
printf
strncmp
_errno
wcscpy
exit
strncat
_beginthreadex

winmm

waveOutGetNumDevs
waveOutOpen
waveOutPrepareHeader
waveOutWrite
waveInStop
waveInReset
waveInUnprepareHeader
waveOutReset
waveOutUnprepareHeader
waveOutClose
waveInStart
waveInAddBuffer
waveInPrepareHeader
waveInGetNumDevs
waveInOpen
waveInClose

msvcp60

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

mfc42

ord860
ord2818
ord2764
ord4129
ord6648
ord537
ord926
ord924
ord922
ord535
ord858
ord6663
ord540
ord4278
ord939
ord6877
ord800

netapi32

NetUserAdd
NetLocalGroupAddMembers

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

avicap32

capCreateCaptureWindowA

msvfw32

ICSendMessage
ICSeqCompressFrameEnd
ICCompressorFree
ICSeqCompressFrame
ICSeqCompressFrameStart
ICOpen
ICClose

psapi

EnumProcessModules

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationA

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e891a671cafb112df085baed712100a0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

msvcrt

winmm

msvcp60

mfc42

netapi32

wininet

avicap32

msvfw32

psapi

wtsapi32

Sections

.text Size: 89KB - Virtual size: 89KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 10KB - Virtual size: 15KB

.rsrc Size: 34KB - Virtual size: 33KB

.text
Size: 89KB - Virtual size: 89KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 10KB - Virtual size: 15KB

.rsrc
Size: 34KB - Virtual size: 33KB