40b1e555817845ca79cd218602e53a7ad4af01cd4e8062cf542ebaee346b13a3

Sharing

Copy URL Twitter E-mail

General

Target

40b1e555817845ca79cd218602e53a7ad4af01cd4e8062cf542ebaee346b13a3
Size

148KB
MD5

01312829c8e9a12cd2f7a95524248715
SHA1

5f3003ec8b2d2d3f88f5bb1da45b80fe73b860f4
SHA256

40b1e555817845ca79cd218602e53a7ad4af01cd4e8062cf542ebaee346b13a3
SHA512

936fd764aa4d53dba88c0c5e2b1d134b00cbdbc2697d76bfbc8928620e70c7a360783ddb282a3092c183bcadcdaed0588abc32f016d0df68d65db7eed4776c1e
SSDEEP

3072:XaMEMFRGxN+baXUhs0ohoxZKpeX/KoUIcsCV16OFHV5A05uk:XaQGAB2I26OF1l

Score

N/A

Malware Config

Signatures

Files

40b1e555817845ca79cd218602e53a7ad4af01cd4e8062cf542ebaee346b13a3
.exe windows x86

b08f15b7789090e7766b94fb08bfa90a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrToIntW
StrCmpW
StrStrIW
StrStrW

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstanceIdW

wlanapi

WlanOpenHandle
WlanCloseHandle
WlanRegisterNotification

bthprops.cpl

BluetoothGetRadioInfo
BluetoothFindFirstRadio
BluetoothFindRadioClose

ws2_32

sendto
WSACleanup
WSAStartup
inet_addr
socket
htons

mfc80u

ord266
ord764
ord293
ord577
ord762
ord3990
ord776
ord4100
ord2260
ord5414
ord2461
ord774
ord556
ord744
ord5091
ord5342
ord1443
ord265
ord1472
ord282
ord280
ord1479
ord4078
ord2261
ord283
ord6700
ord5524

msvcr80

_wcsicmp
wcsstr
malloc
??0exception@std@@QAE@XZ
swprintf_s
_invalid_parameter_noinfo
?terminate@@YAXXZ
??1exception@std@@UAE@XZ
wcschr
??0exception@std@@QAE@ABQBD@Z
_wcsupr
memmove_s
_snwprintf
??0exception@std@@QAE@ABV01@@Z
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_amsg_exit
?what@exception@std@@UBEPBDXZ
__wgetmainargs
free
_exit
_XcptFilter
exit
__winitenv
_initterm
__CxxFrameHandler3
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
_purecall
_vsnwprintf_s
wcsnlen
_controlfp_s
_invoke_watson
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__set_app_type
_snwscanf
__p__fmode
_CxxThrowException
memset
memcpy
_cexit

kernel32

HeapFree
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
RaiseException
LoadLibraryA
InterlockedExchange
LocalAlloc
GetVersionExW
GetModuleFileNameW
HeapAlloc
lstrlenW
FormatMessageW
GetProcessHeap
GetCurrentProcess
DeviceIoControl
InterlockedDecrement
InterlockedIncrement
CreateFileW
TerminateThread
ResumeThread
ResetEvent
InitializeCriticalSection
CreateThread
Sleep
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
OutputDebugStringW
GetSystemTime
SetEvent
FreeLibrary
GetLastError
GetProcAddress
LoadLibraryW
ReleaseMutex
CloseHandle
CreateEventW
CreateMutexW
WaitForSingleObject

user32

UnregisterDeviceNotification
RegisterDeviceNotificationW
RegisterWindowMessageW
PostThreadMessageW
GetMessageW
wsprintfW
CharUpperW
DispatchMessageW

advapi32

CreateServiceW
OpenSCManagerW
StartServiceCtrlDispatcherW
SetServiceStatus
RegisterServiceCtrlHandlerExW
DeleteService
ControlService
OpenServiceW
StartServiceW
ChangeServiceConfig2W
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
CloseServiceHandle

ole32

CoGetMalloc
IIDFromString

oleaut32

SysAllocString
SysStringLen
SysFreeString

msvcp80

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEHPB_WH@Z
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?endl@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@1@AAV21@@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
?uncaught_exception@std@@YA_NXZ
?open@?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAEXPB_WHH@Z
??_D?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?wcout@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A
?close@?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b08f15b7789090e7766b94fb08bfa90a

Headers

File Characteristics

Imports

shlwapi

setupapi

wlanapi

bthprops.cpl

ws2_32

mfc80u

msvcr80

kernel32

user32

advapi32

ole32

oleaut32

msvcp80

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 64KB - Virtual size: 62KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 64KB - Virtual size: 62KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 3KB