84684fb4af3a5d0d2b545a349ca1e0d2e6d98c3d1101f00c583caa1c6743ef0a

Sharing

Copy URL

Twitter E-mail

General

Target

84684fb4af3a5d0d2b545a349ca1e0d2e6d98c3d1101f00c583caa1c6743ef0a
Size

596KB
MD5

060e1b6f31b6cdec27a6781f74afd817
SHA1

6b81a1ebc95d7bacd316583412fd01c15a52dc4b
SHA256

84684fb4af3a5d0d2b545a349ca1e0d2e6d98c3d1101f00c583caa1c6743ef0a
SHA512

761fcc303ff3386447cf32e58afba432959e5228e6722fb5ea7a6e42cb55d79f2ac1554f66cd5cb2ff61c41986e032995d463e2142d933af3932ea93496ff63b
SSDEEP

12288:7DYzYK7Q21AmY/AE+zUalJJF8HIQjqyPOIQriA4:/ZSz1AmsA/UHHI+cIQmt

Score

N/A

Malware Config

Signatures

Files

84684fb4af3a5d0d2b545a349ca1e0d2e6d98c3d1101f00c583caa1c6743ef0a
.exe windows x86

be5f482e54939465bfa535cd6786394e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_strupr
_beginthreadex
memcpy
calloc
_CIacos
printf
_CIpow
__dllonexit
_onexit
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_access
putchar
wcscpy
strncat
strcat
vsprintf
exit
fopen
fwrite
fclose
strrchr
_except_handler3
free
strcmp
strcpy
malloc
memcmp
__CxxFrameHandler
??2@YAPAXI@Z
??1type_info@@UAE@XZ
_CxxThrowException
atoi
wcstombs
memset
strlen
_ftol
memmove
wcslen
??3@YAXPAX@Z
rand
mbstowcs

kernel32

WideCharToMultiByte
LocalFree
GetStartupInfoA
GetModuleHandleA
GetExitCodeThread
TerminateThread
CreateThread
lstrlenA
MultiByteToWideChar
GetLastError
InterlockedDecrement
SetEvent
WaitForSingleObject
LoadLibraryA
GetProcAddress
CloseHandle
Sleep
CreateEventA

user32

IsWindow
SendMessageA
CreateWindowExA
PostThreadMessageA
GetMessageA

advapi32

RegQueryValueExA
RegOpenKeyA
RegCloseKey

ws2_32

WSAStartup
setsockopt
connect
getsockname
gethostname
send
select
closesocket
recv
ntohs
socket
gethostbyname
htons
WSACleanup

msvcp60

?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

ole32

OleRun
CLSIDFromString
CLSIDFromProgID
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

VariantClear
SysFreeString
SysAllocString
GetErrorInfo

msvfw32

ICSendMessage

winmm

waveInPrepareHeader
waveInUnprepareHeader
waveInClose
waveOutPrepareHeader
waveOutWrite
waveInOpen
waveInReset
waveInStart
waveOutUnprepareHeader
waveOutOpen
waveInAddBuffer
waveOutClose

Sections

#C>WqB3;
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

n]KZm`*v
Size: 244KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lUg^H!@C
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be5f482e54939465bfa535cd6786394e

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

ws2_32

msvcp60

ole32

oleaut32

msvfw32

winmm

Sections

#C>WqB3; Size: 28KB - Virtual size: 24KB

n]KZm`*v Size: 244KB - Virtual size: 240KB

lUg^H!@C Size: 8KB - Virtual size: 8KB

.rsrc Size: 312KB - Virtual size: 312KB

#C>WqB3;
Size: 28KB - Virtual size: 24KB

n]KZm`*v
Size: 244KB - Virtual size: 240KB

lUg^H!@C
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 312KB - Virtual size: 312KB