5012e4a66f78f2bbc54934f61412adcab08e8254dff6a6dc91271a4b17d86858

Sharing

Copy URL

Twitter E-mail

General

Target

5012e4a66f78f2bbc54934f61412adcab08e8254dff6a6dc91271a4b17d86858
Size

93KB
MD5

0d9b6f368bac07816b8c8d6c24bdc230
SHA1

5a6e64f13e368d85313d8e73fc77d9131ed58e81
SHA256

5012e4a66f78f2bbc54934f61412adcab08e8254dff6a6dc91271a4b17d86858
SHA512

8572c4791f21c6cc1748a52c8a34ab1477cabf2d404c64607d2d05aa2097f2dedebc968bc76a8e1cca88d25cf23992961707e7f3b099f00bfdf66a49002e8272
SSDEEP

1536:t6/R1OKu9OTN8wWdjR+G5Mo2JIUyS5gOw6lf4qTmvdS7EoTUT1ewx+AJ1fr93/za:kHOKu9OTNqAoMIO1wfqSvdufUxF793/2

Score

N/A

Malware Config

Signatures

Files

5012e4a66f78f2bbc54934f61412adcab08e8254dff6a6dc91271a4b17d86858
.exe windows x86

9130d8ce71d6180e1c5a22c1b6d522b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mfc80u

ord581
ord1162
ord1087
ord315
ord765
ord6700
ord6751
ord314
ord764
ord774
ord1479
ord293
ord282
ord6172
ord776
ord4074
ord5558
ord3383
ord757
ord566
ord1472
ord1178
ord747
ord559
ord577
ord3168
ord1197
ord283
ord1200

msvcr80

_controlfp_s
_invoke_watson
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__winitenv
exit
wprintf
wcscpy_s
malloc
memset
free
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
__CxxFrameHandler3

kernel32

LoadLibraryW
SetCurrentDirectoryW
GetCurrentDirectoryW
WriteFile
ReadFile
GetTickCount
GetShortPathNameW
Sleep
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleW
GetCommandLineW
TerminateThread
GetProcAddress
CreateThread
CloseHandle
CreateFileW
LocalAlloc
InterlockedExchange
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeLibrary
WideCharToMultiByte
GetExitCodeThread
GetLastError
LocalFree

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

ole32

CoUninitialize
CoInitialize

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9130d8ce71d6180e1c5a22c1b6d522b1

Headers

File Characteristics

Imports

mfc80u

msvcr80

kernel32

advapi32

ole32

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 70KB - Virtual size: 72KB

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 70KB - Virtual size: 72KB