Static task
static1
Behavioral task
behavioral1
Sample
eca91338e9f2305b85785bf407c7dd993ef1786a706948c1d515dd45576e5736.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
eca91338e9f2305b85785bf407c7dd993ef1786a706948c1d515dd45576e5736.exe
Resource
win10v2004-20220812-en
General
-
Target
eca91338e9f2305b85785bf407c7dd993ef1786a706948c1d515dd45576e5736
-
Size
752KB
-
MD5
137166b2342a632702d918515dd5c850
-
SHA1
0340c21f549e3d4797781fb9243b207bdc85a605
-
SHA256
eca91338e9f2305b85785bf407c7dd993ef1786a706948c1d515dd45576e5736
-
SHA512
596fa3668dd2b224046e92e5326e41c354c7ac4c5b6d55a3736f2c7a402f8c9c1a95cfadc28e1488cd600aa6d7db6145ac8e23403bf78d1ba030e26aec91b303
-
SSDEEP
12288:0k0R7zX6vefYNyz0hq4PV48lOrbzUjurv6RDrvGpmnkKelO5FCQwrSOt41Eh:0k0R/fYNyz0hpV4brHUjkyrv+mIO5FXg
Malware Config
Signatures
Files
-
eca91338e9f2305b85785bf407c7dd993ef1786a706948c1d515dd45576e5736.exe windows x86
ac1779e7600b0aa76982f7ac0c676540
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
imm32
ImmGetDescriptionA
ImmIsIME
mfc42
ord674
ord4457
ord1233
ord5252
ord4427
ord4499
ord1862
ord3619
ord1641
ord4220
ord2584
ord3654
ord3626
ord2438
ord2414
ord816
ord5789
ord562
ord640
ord2450
ord3920
ord2971
ord1640
ord323
ord5785
ord2380
ord5875
ord4083
ord2863
ord3571
ord5787
ord283
ord812
ord5862
ord2763
ord559
ord4129
ord858
ord5710
ord5572
ord4274
ord2725
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord5307
ord5714
ord4622
ord4424
ord3738
ord815
ord561
ord6215
ord2092
ord5484
ord6117
ord1134
ord5265
ord4376
ord4853
ord4998
ord366
ord6052
ord4078
ord1775
ord5241
ord5280
ord4441
ord5261
ord4425
ord3597
ord324
ord641
ord1146
ord1168
ord4234
ord924
ord6354
ord5500
ord5289
ord4698
ord539
ord4413
ord2727
ord6467
ord2730
ord2729
ord1105
ord5054
ord6199
ord2379
ord4793
ord4123
ord6605
ord2864
ord6378
ord6197
ord6380
ord4337
ord4224
ord686
ord6270
ord1644
ord2096
ord384
ord446
ord743
ord926
ord4278
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4436
ord4003
ord4226
ord290
ord2622
ord614
ord1799
ord6383
ord5440
ord6394
ord5450
ord2233
ord1265
ord3258
ord2764
ord533
ord5194
ord2393
ord5465
ord798
ord1997
ord1601
ord6143
ord6883
ord5861
ord4277
ord4837
ord3798
ord1665
ord2649
ord5282
ord4353
ord6374
ord5163
ord2385
ord5237
ord4407
ord1776
ord4077
ord6055
ord4151
ord2878
ord2879
ord3403
ord5472
ord975
ord5012
ord3350
ord4303
ord4467
ord5103
ord5100
ord3059
ord2390
ord2723
ord4242
ord1842
ord537
ord4202
ord939
ord2614
ord940
ord4299
ord1768
ord941
ord2915
ord5683
ord535
ord5856
ord1175
ord354
ord350
ord860
ord5186
ord3127
ord1576
ord1200
ord665
ord5442
ord1979
ord3318
ord5773
ord3663
ord3616
ord5651
ord540
ord2818
ord823
ord800
ord825
ord2514
msvcrt
free
strncpy
_CIfmod
floor
_ftol
_CIpow
fread
malloc
_vsnprintf
mktime
localtime
printf
toupper
wcsncpy
_getcwd
??1type_info@@UAE@XZ
_setmbcp
_snwprintf
wcslen
_stricmp
_itoa
_mbsinc
fwrite
strtok
_snprintf
atoi
strstr
fgets
fprintf
_mkdir
wcsrchr
_mbsnbcpy
__CxxFrameHandler
vsprintf
strlen
strcpy
strcmp
ftell
fseek
sprintf
abs
ceil
sqrt
memset
memcpy
atof
fabs
_findclose
_findnext
_findfirst
_chdir
time
srand
_mbsicmp
fopen
atan2
atan
acos
asin
tan
_iob
fputs
strchr
_strdup
exit
strcat
_strlwr
isupper
tolower
fclose
rand
strrchr
sin
cos
_mbscmp
_purecall
_mbsrchr
fmod
pow
log
difftime
log10
exp
frexp
ldexp
strpbrk
_pctype
_isctype
__mb_cur_max
memcmp
memchr
strerror
_errno
tmpfile
fscanf
ungetc
getc
fflush
system
remove
rename
tmpnam
getenv
clock
strftime
gmtime
setlocale
strtoul
longjmp
_setjmp3
strcoll
strtod
strncat
strcspn
realloc
strncmp
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
_exit
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
sscanf
_XcptFilter
kernel32
DeleteCriticalSection
ResumeThread
CreateThread
ExitThread
LeaveCriticalSection
EnterCriticalSection
GlobalUnlock
GlobalLock
GlobalAlloc
GetFileAttributesA
GetCurrentDirectoryA
CreateMutexA
ReleaseMutex
ResetEvent
GetStartupInfoA
SetThreadPriority
WaitForSingleObject
GetModuleHandleA
CreateEventA
SetEvent
GetModuleFileNameW
GetPrivateProfileIntA
OutputDebugStringA
SetCurrentDirectoryA
GetProcAddress
SetUnhandledExceptionFilter
MultiByteToWideChar
MulDiv
InitializeCriticalSection
DeleteFileA
CreateProcessA
CloseHandle
FindFirstFileA
FindClose
GetTickCount
FreeLibrary
GlobalFree
GlobalReAlloc
CopyFileA
SetFileAttributesA
GetShortPathNameA
SetErrorMode
GetModuleHandleW
GetCurrentThreadId
GetCurrentProcessId
HeapAlloc
GetProcessHeap
HeapFree
GetPrivateProfileIntW
TerminateProcess
CreateProcessW
DuplicateHandle
SearchPathW
GetCurrentProcess
CreateEventW
VirtualAllocEx
GetModuleFileNameA
GetPrivateProfileStringA
QueryPerformanceFrequency
Sleep
QueryPerformanceCounter
LoadLibraryA
user32
GetAsyncKeyState
GetKeyboardLayout
PtInRect
ShowWindow
EmptyClipboard
SetClipboardData
OpenClipboard
PostMessageA
SetTimer
GetClipboardData
CloseClipboard
GetKeyState
LoadBitmapA
GetFocus
GetClientRect
ScreenToClient
GetCursorPos
SetCursorPos
GetDesktopWindow
SetRect
SendMessageA
SetCursor
CreatePopupMenu
FindWindowA
IsIconic
FlashWindow
IsWindow
IsWindowVisible
SetActiveWindow
mouse_event
ReleaseCapture
KillTimer
PostThreadMessageA
GetWindowRect
DestroyCursor
SetForegroundWindow
SetCapture
LoadCursorFromFileA
GetSystemMenu
DeleteMenu
PostQuitMessage
GetKeyNameTextA
GetMessageA
TranslateMessage
DispatchMessageA
EnableWindow
MessageBoxA
LoadIconA
UpdateWindow
OffsetRect
DestroyIcon
AppendMenuA
GetMenuItemID
GetMenuItemCount
GetMenuItemInfoA
GetSubMenu
DrawFrameControl
DrawIconEx
CopyRect
DrawEdge
InflateRect
GetSystemMetrics
SystemParametersInfoA
GetSysColor
MapVirtualKeyExA
IsCharLowerA
MapVirtualKeyA
LoadCursorA
gdi32
DeleteDC
CombineRgn
ExtCreateRegion
CreateFontIndirectA
GetTextExtentPoint32A
CreateDIBitmap
CreateCompatibleBitmap
CreateBitmap
PatBlt
GetObjectA
CreateCompatibleDC
SelectObject
BitBlt
DeleteObject
CreateFontA
GetTextColor
Rectangle
CreateDIBSection
shell32
SHFileOperationA
ShellExecuteA
comctl32
ImageList_AddMasked
ImageList_GetIcon
ole32
CLSIDFromProgID
CoUninitialize
CoCreateInstance
CoInitialize
CLSIDFromString
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
msvcp60
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIABV12@II@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??0_Lockit@std@@QAE@XZ
?_Fpz@std@@3_JB
??1_Lockit@std@@QAE@XZ
?seekp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@H@2@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
??_8?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@7B@
??0ios_base@std@@IAE@XZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??_7?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@6B@
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??_7?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@6B@
?_Tidy@?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEXXZ
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
??1locale@std@@QAE@XZ
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??1ios_base@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?_Xlen@std@@YAXXZ
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??_F?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IPBDI@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
?_Copy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXI@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
winmm
timeGetTime
ddraw
DirectDrawCreate
dsetup
ord11
zlib1
crc32
inflateInit2_
inflateEnd
inflate
wsock32
inet_addr
gethostname
gethostbyname
oleaut32
SysFreeString
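Sections
Note: .text and .rsrc are flagged both writable and executable, and .rdata is writable. Standard linker output does not normally mark sections this way, so this layout can point to a packer, protector or post-build modification; it is not conclusive on its own and should be weighed against section entropy and the behavioral task results.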
.text Size: 516KB - Virtual size: 515KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 64KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 28KB - Virtual size: 686KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 140KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE