1b660e03213e257d1abb51488e1d9d9d6f8ec5597ca51181d639973705f30cd4

Sharing

Copy URL

Twitter E-mail

General

Target

1b660e03213e257d1abb51488e1d9d9d6f8ec5597ca51181d639973705f30cd4
Size

147KB
MD5

0919eeb8809dee78f87a2aa1be955c50
SHA1

92ad0a49b7a3bb7d70a2f0e235c9cc49d056a8c2
SHA256

1b660e03213e257d1abb51488e1d9d9d6f8ec5597ca51181d639973705f30cd4
SHA512

0835f4cdbedf5816e1cf4655286f8656e0a83440dc4ec3d950f45b517fedd00e076fe9f3b66fedafbb6dda39daa714a015d8c2e2a18b0cdf311f47951afe242b
SSDEEP

3072:g1go8aPHgZrmHLMZjLpr7AHWOor5u971s:EgojKVLpwW1r5uc

Score

N/A

Malware Config

Signatures

Files

1b660e03213e257d1abb51488e1d9d9d6f8ec5597ca51181d639973705f30cd4
.exe windows x86

af5f8553a571ed620b33ac81dc948916

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcr70

wcsncpy
isdigit
wcstol
??2@YAPAXI@Z
??3@YAXPAX@Z
_wcsnicmp
strchr
vswprintf
strncmp
memmove
strlen
strcpy
_rotl
strcmp
wcsncmp
wcsrchr
wcscat
sprintf
putchar
wcschr
wcscpy
wcscmp
memcmp
realloc
_vsnwprintf
vwprintf
_iob
fflush
fprintf
wcslen
_purecall
__CxxFrameHandler
printf
free
malloc
_wcsicmp
tolower
swprintf
exit
wprintf
memset
_c_exit
_exit
_XcptFilter
_cexit
__p___winitenv
memcpy
_amsg_exit
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
_controlfp

kernel32

SetEnvironmentVariableA
GetTempFileNameW
GetTempFileNameA
SetFileAttributesW
SetFileAttributesA
GetFileAttributesW
GetFileAttributesA
GetModuleHandleW
OpenEventW
OpenEventA
CreateEventW
CreateEventA
CreateMutexW
CreateMutexA
FatalAppExitW
FatalAppExitA
OutputDebugStringW
OutputDebugStringA
GetVersionExW
GetVersionExA
FindFirstFileW
FindFirstFileA
SetEnvironmentVariableW
RemoveDirectoryA
CreateDirectoryW
CreateDirectoryA
CreateSemaphoreW
CreateSemaphoreA
GetVolumeInformationW
GetVolumeInformationA
GetDriveTypeW
GetDriveTypeA
DeleteFileW
MoveFileExW
DeleteFileA
MoveFileW
MoveFileA
CopyFileW
CopyFileA
CreateFileW
CreateFileA
WritePrivateProfileStringW
WritePrivateProfileStringA
GetPrivateProfileStringW
GetPrivateProfileStringA
GetComputerNameA
GetComputerNameW
CreateFileMappingA
CreateFileMappingW
OpenFileMappingA
OpenFileMappingW
CreateProcessA
CreateProcessW
GetCPInfo
GetFullPathNameA
GetFullPathNameW
EnumResourceLanguagesW
GetModuleHandleA
ExitProcess
LocalFree
LocalAlloc
GetDateFormatA
GetDateFormatW
GetCurrentDirectoryA
GetCurrentDirectoryW
GetTempPathA
GetTempPathW
GetEnvironmentVariableA
GetEnvironmentVariableW
lstrcatW
lstrcpyW
OpenProcess
GetCurrentProcessId
WriteFile
GetStdHandle
VirtualAlloc
VirtualQuery
GetProcessAffinityMask
GetCurrentProcess
SetEvent
ResetEvent
LeaveCriticalSection
EnterCriticalSection
SetEndOfFile
GetSystemInfo
VirtualFree
QueryPerformanceCounter
QueryPerformanceFrequency
InterlockedExchange
LoadLibraryA
RemoveDirectoryW
SetLastError
GetLastError
GetFileSize
RaiseException
FindClose
CloseHandle
InterlockedIncrement
FreeLibrary
SetFilePointer
ReadFile
GetProcAddress
SetFileTime
GetFileTime
InterlockedDecrement
MapViewOfFile
UnmapViewOfFile
GetTickCount
GetSystemTime
CompareStringA
GetModuleFileNameA
MultiByteToWideChar
GetSystemDirectoryA
GetSystemDirectoryW
GetWindowsDirectoryA
GetWindowsDirectoryW
FindNextFileA
FindNextFileW
GetCommandLineW
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsW
WideCharToMultiByte
lstrlenW
LoadLibraryExA
LoadLibraryExW
FormatMessageA
FormatMessageW
SearchPathA
SearchPathW
GetModuleFileNameW

mscoree

GetCompileInfo
MetaDataGetDispenser
StrongNameTokenFromPublicKey
StrongNameErrorInfo
StrongNameFreeBuffer
CorBindToRuntimeEx

ole32

CoInitializeEx
CoTaskMemFree
StringFromIID
IIDFromString
CoUninitialize

user32

LoadStringW
wsprintfA
MsgWaitForMultipleObjects
TranslateMessage
CharPrevW
MessageBoxW
MessageBoxA
PeekMessageA
PeekMessageW
DispatchMessageA
PostMessageA
PostMessageW
GetClassNameA
GetClassNameW
LoadStringA
DispatchMessageW
GetUserObjectInformationW
GetProcessWindowStation

advapi32

LookupAccountNameW
RegCloseKey
LookupAccountNameA
LookupAccountSidW
LookupAccountSidA
CryptAcquireContextA
RegQueryValueExW
RegEnumValueW
RegEnumValueA
RegReplaceKeyW
RegReplaceKeyA
RegRestoreKeyW
RegRestoreKeyA
RegUnLoadKeyW
RegUnLoadKeyA
RegLoadKeyW
RegLoadKeyA
RegDeleteValueW
RegDeleteValueA
RegQueryValueW
RegQueryValueA
RegCreateKeyExW
RegCreateKeyExA
RegSetValueExW
RegSetValueExA
RegDeleteKeyW
RegDeleteKeyA
RegOpenKeyExW
RegOpenKeyExA
SetFileSecurityW
SetFileSecurityA
RegisterEventSourceA
ReportEventW
DeregisterEventSource
GetUserNameW
GetUserNameA
RegQueryValueExA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegEnumKeyExW
RegEnumKeyExA
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptReleaseContext

Sections

.text
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

af5f8553a571ed620b33ac81dc948916

Headers

File Characteristics

Imports

msvcr70

kernel32

mscoree

ole32

user32

advapi32

Sections

.text Size: 132KB - Virtual size: 128KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 132KB - Virtual size: 128KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 7KB - Virtual size: 7KB