2fb282b7b009f57828606c5b074f34904c836bb7123da97c4f4e69c264822b1a

Sharing

Copy URL

Twitter E-mail

General

Target

2fb282b7b009f57828606c5b074f34904c836bb7123da97c4f4e69c264822b1a
Size

318KB
MD5

023c9ae7fb1283dd2fa78f075841d068
SHA1

e21a5145526552e6cc1f0f69e3f96641a229c8cd
SHA256

2fb282b7b009f57828606c5b074f34904c836bb7123da97c4f4e69c264822b1a
SHA512

ddfbe231d1baeeebcda11e3cfffb89e9740b0042c75bc03cef97765c6e2ab59ef09beb033aef2887687d2d52af7b9b591a0e4f2858b898ea5be45ebfbdeffdce
SSDEEP

1536:+EvAFWrGZXLlTKhaUaV7f5LBpm19igv9DOFybaFifSPMqanPa9WSuROO:5AGGZX5TiaR5mSgVDO4bh2Mq8

Score

N/A

Malware Config

Signatures

Files

2fb282b7b009f57828606c5b074f34904c836bb7123da97c4f4e69c264822b1a
.exe windows x86

78aa7cd5de7e8a9769f47550454025fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

libdlnrapi30

?IsTimeout@Timer@@QAE_NXZ
??0CStr@@QAE@XZ
?ListCount@nrCJobList@@QAEHXZ
?Printf@CStr@@QAAHPBDZZ
?Data@CStr@@QAEPADXZ
??0gFileList@@QAE@XZ
?Add@gFileList@@UAEXPBD@Z
?nrMaz3@@YA_NPBDPADPAK@Z
??1gFileList@@UAE@XZ
?gGetLocalTime@@YAXPAUtag_GTIME@@@Z
?gIsFile@@YA_NPBD@Z
?BB_DisableDefaultLogger@@YAXXZ
?nrCreateSystemPath@@YAPAVnrSystemPath@@XZ
?nrGetHInstance@@YAPAUHINSTANCE__@@XZ
?StartTimer@Timer@@QAEXXZ
?FindFirst@g_FindFile@@QAE_NPAD@Z
?IsDir@g_FindFile@@QAE_NXZ
?FullFileName@g_FindFile@@QAEPBDXZ
?FindNext@g_FindFile@@QAE_NXZ
?nrDestroySystemPath@@YAXPAVnrSystemPath@@@Z
??0nrCClient@@QAE@XZ
??0nrCJobList@@QAE@XZ
??1nrCClient@@UAE@XZ
??1nrCJobList@@UAE@XZ
??0CStr@@QAE@ABV0@@Z
?gMalloc@@YAPAXI@Z
??1g_FindFile@@QAE@XZ
?gSplitPath@@YAXPBDPAD11@Z
??YCStr@@QAEAAV0@PBD@Z
??BCStr@@QAEPADXZ
??0CStr@@QAE@PBD@Z
??1CStr@@UAE@XZ
??0g_FindFile@@QAE@XZ
?gAppendSlash@@YAXPAD@Z

max32.task

?CreatePlugin@MaxPluginLoader@@SAPAVmaxClass@@XZ
?DestroyPlugin@MaxPluginLoader@@SAXPAVnrPlugin@@@Z

shlwapi

PathIsRelativeA
PathCanonicalizeA

msvcr80

qsort
bsearch
_mbsstr
_mbscmp
_mbsnbcmp
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
__CxxFrameHandler3
?what@exception@std@@UBEPBDXZ
??3@YAXPAX@Z
memcpy_s
fseek
??_V@YAXPAX@Z
_difftime64
_time64
fprintf
atoi
getenv
sprintf
printf
memcpy
??2@YAPAXI@Z
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
fopen
_unlink
??0exception@std@@QAE@XZ
_vsnprintf
_splitpath
_getdcwd
_getdrive
setlocale
strstr
strncmp
ftell
atof
_unlock
_encode_pointer
__dllonexit
_lock
_onexit
_decode_pointer
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
__initenv
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler4_common
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s
_crt_debugger_hook
sscanf
strchr
memset
??_U@YAPAXI@Z
getc
fclose
_mbsicmp
signal
__iob_func
setvbuf
exit
memmove_s
strncpy

msvcp80

?_Xran@_String_base@std@@SAXXZ
?_Xlen@_String_base@std@@SAXXZ

kernel32

UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
ConnectNamedPipe
Sleep
SetCurrentDirectoryA
DisconnectNamedPipe
GetCurrentProcessId
SetEnvironmentVariableA
SetUnhandledExceptionFilter
CloseHandle
WaitForSingleObject
WriteFile
FlushFileBuffers
ReleaseMutex
MoveFileA
GetModuleFileNameA
GetTimeFormatA
GetDateFormatA
CreateNamedPipeA
CreateMutexA
LocalFree
GetExitCodeProcess
PeekNamedPipe
ReadFile
IsDebuggerPresent
CreateProcessA
GetLastError
FormatMessageA
GetTickCount
GetCurrentDirectoryA
GetConsoleOutputCP
SetConsoleOutputCP
FindResourceA
LoadResource
LockResource
GetCommandLineA
GetModuleHandleA
FindFirstFileA
FindClose

user32

LoadStringA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

ole32

StgOpenStorage
FreePropVariantArray

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

�=
Size: 235KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

78aa7cd5de7e8a9769f47550454025fd

Headers

File Characteristics

Imports

libdlnrapi30

max32.task

shlwapi

msvcr80

msvcp80

kernel32

user32

advapi32

ole32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 20KB - Virtual size: 19KB

� = Size: 235KB - Virtual size: 236KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 20KB - Virtual size: 19KB

�=
Size: 235KB - Virtual size: 236KB