Static task
static1
Behavioral task
behavioral1
Sample
ec30daa9f9ca482a6299d87ea534c99a4cdd3c7d34cbe6c2834f1f32c1652f3d.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
ec30daa9f9ca482a6299d87ea534c99a4cdd3c7d34cbe6c2834f1f32c1652f3d.exe
Resource
win10v2004-20221111-en
General
-
Target
ec30daa9f9ca482a6299d87ea534c99a4cdd3c7d34cbe6c2834f1f32c1652f3d
-
Size
720KB
-
MD5
101ef8e3666ce9969dd3fee2ea0b3b8c
-
SHA1
ba626bff51b8004d48a708e5d48a9d6bcc0b2e05
-
SHA256
ec30daa9f9ca482a6299d87ea534c99a4cdd3c7d34cbe6c2834f1f32c1652f3d
-
SHA512
ffb7f22bf2ade00f3cccdb49043b7edd4dbd9e2197bc05897607a47f5cdb9bafafff2632fa734dad4c911a6da1bceec52fdacde9830b80fe65ba335be5cc751c
-
SSDEEP
6144:o77A5XLehopTi/jZ5SedvrBQRVOhSzI9tTCCjrwzxLd6k:o77AxEopkNA09kn98rELd6k
Malware Config
(no entries appear in this extract of the report)
Signatures
(no entries appear in this extract of the report; an empty signature list means no sandbox rule matched, not that the sample is benign)
Files
-
ec30daa9f9ca482a6299d87ea534c99a4cdd3c7d34cbe6c2834f1f32c1652f3d.exe windows x86
2ac75c540a2da9371876f06bfdda5074
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
dbmanagerexus
?GetInt@CResultSet@@QAE?BHH@Z
??0CResultSet@@QAE@XZ
?ExcuteQuery@CSQLite@@QAE?AVCResultSet@@PBG@Z
??4CResultSet@@QAEAAV0@ABV0@@Z
??1CResultSet@@QAE@XZ
?Next@CResultSet@@QAE_NXZ
?GetString@CResultSet@@QAEPBGH@Z
?Close@CResultSet@@QAE_NXZ
?Open@CSQLite@@QAE_NPBG@Z
?UpdateQuery@CSQLite@@QAE_NPBG@Z
??0CSQLite@@QAE@XZ
?Close@CSQLite@@QAEXXZ
??1CSQLite@@QAE@XZ
multilangdllexu
?_mkstr_dialog@CMultiLangEx@@SAXPAUHWND__@@VCString@@PAU_PROPSHEETPAGEW@@@Z
?_tnstr_end@CMultiLangEx@@SAXXZ
?_tnstr_start@CMultiLangEx@@SAXVCString@@@Z
?_tnstr_getstring@CMultiLangEx@@SA?AVCString@@PBG0I@Z
common
?SetEffectMode@CEffectiveDialog@@QAEXHW4_effect_dialog@@@Z
?OnOK@CTNBaseDialog@@UAEXXZ
?MoveText@XButton@@QAEXHH@Z
?OnPaint@CEffectiveDialog@@IAEXXZ
?SetText@XStatic@@QAEXVCString@@@Z
??0XStatic@@QAE@XZ
?PreTranslateMessage@XDialog@@UAEHPAUtagMSG@@@Z
?SetFont@XStatic@@QAEXHHHPAG@Z
?OnTimer@CEffectiveDialog@@IAEXI@Z
?SetCenterTextFlag@XButton@@QAEX_N@Z
?OnMax@CTNBaseDialog@@UAEXXZ
?OnClose@CTNBaseDialog@@UAEXXZ
?OnMin@CTNBaseDialog@@UAEXXZ
?OnCancel@CTNBaseDialog@@UAEXXZ
?DoModal@CEffectiveDialog@@UAEHXZ
??1XButton@@UAE@XZ
??1CTNBaseDialog@@UAE@XZ
??0XButton@@QAE@XZ
??0CTNBaseDialog@@QAE@IPAVCWnd@@@Z
?messageMap@CTNBaseDialog@@1UAFX_MSGMAP@@B
?DisableMaxBtn@CTNBaseDialog@@QAEXXZ
?DisableMinBtn@CTNBaseDialog@@QAEXXZ
?SetTitle@XDialog@@QAEXPAGHHH0VCPoint@@K@Z
?SetDlgSize@XDialog@@IAEXHH@Z
?OnInitDialog@CTNBaseDialog@@UAEHXZ
?SetMaskBtn@CEffectiveDialog@@IAEXPAVXButton@@_N@Z
?SetTransparent@XButton@@QAEXXZ
?SetTextClr@XButton@@QAEXKKKK@Z
?SetFont@XButton@@QAEXHHHPAG@Z
?SetText@XButton@@QAEXPAG@Z
?SetBitmap@XButton@@QAE_NI_NH@Z
?MoveDlgSize@XDialog@@QAEXHHHH@Z
?OnDestroy@XDialog@@IAEXXZ
??1XStatic@@UAE@XZ
logwriterexdll
?logTrace_End@CLogWriterEx@@SAXXZ
msgtool
TNMessageBox
devicemanagerexu
??0CFindDevice@@QAE@XZ
?SetMatchedModemString@CFindDevice@@QAEXVCString@@0@Z
??1CFindDevice@@UAE@XZ
?GetAtPort@CFindDevice@@QAEHH@Z
?GetAtDeviceName@CFindDevice@@QAE?AVCString@@H@Z
?GetModems@CFindDevice@@QAEHXZ
mfc42u
ord640
ord2397
ord1634
ord5781
ord1633
ord323
ord858
ord4847
ord5276
ord1143
ord4370
ord2506
ord641
ord324
ord2362
ord4229
ord5871
ord4470
ord2816
ord3806
ord1165
ord2810
ord4704
ord3614
ord6195
ord942
ord941
ord538
ord2854
ord2606
ord537
ord2756
ord6874
ord4197
ord823
ord1172
ord940
ord2644
ord1662
ord860
ord922
ord927
ord925
ord6921
ord6919
ord4272
ord4124
ord2755
ord4199
ord801
ord6051
ord1768
ord5286
ord3397
ord4418
ord3716
ord795
ord567
ord4667
ord4269
ord4480
ord2546
ord2504
ord5727
ord3917
ord1089
ord5193
ord2388
ord3341
ord5296
ord755
ord4074
ord4692
ord5303
ord5285
ord5710
ord4616
ord3733
ord561
ord815
ord2613
ord1131
ord6865
ord715
ord686
ord2717
ord384
ord415
ord2637
ord1761
ord4155
ord2858
ord2371
ord2857
ord2088
ord2634
ord3281
ord5977
ord1081
ord5601
ord5593
ord4215
ord2576
ord3649
ord2430
ord6266
ord1637
ord6896
ord1105
ord6451
ord3688
ord3693
ord765
ord4270
ord5674
ord6168
ord5869
ord5785
ord283
ord5732
ord3792
ord4128
ord4292
ord5784
ord5783
ord2403
ord2015
ord4213
ord2570
ord4392
ord3577
ord616
ord3568
ord3312
ord1569
ord5949
ord2355
ord3871
ord2855
ord2567
ord4390
ord3569
ord6735
ord609
ord6511
ord6661
ord3605
ord656
ord541
ord2859
ord5568
ord2910
ord668
ord2762
ord356
ord5706
ord5679
ord1155
ord1137
ord6868
ord2574
ord4396
ord3635
ord693
ord4238
ord2745
ord6688
ord2966
ord5142
ord4688
ord2108
ord2746
ord816
ord562
ord6115
ord3737
ord818
ord5446
ord6390
ord5436
ord6379
ord773
ord501
ord2081
ord6597
ord3087
ord4294
ord861
ord6211
ord535
ord6871
ord2078
ord6330
ord2294
ord2406
ord3658
ord3621
ord540
ord825
ord800
ord3592
ord4419
ord4621
ord4075
ord3074
ord3820
ord3826
ord3825
ord2971
ord3076
ord2980
ord3257
ord3131
ord4459
ord3254
ord3142
ord2977
ord5273
ord2116
ord2438
ord5257
ord1720
ord5059
ord3744
ord6372
ord2047
ord2640
ord4435
ord4831
ord3793
ord4347
ord6370
ord5157
ord2377
ord5237
ord4401
ord1767
ord4073
ord6048
ord4992
ord5261
ord3566
ord2291
ord470
ord5298
ord2290
msvcrt
_controlfp
_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
exit
_XcptFilter
_exit
_wsplitpath
_wcsupr
wcsstr
memcpy
wcstok
wcslen
iswdigit
_ftol
_wcsicmp
wcscmp
clock
wcscpy
swprintf
wcscat
_wtoi
memset
_itow
_EH_prolog
__CxxFrameHandler
kernel32
CreateFileW
GetOverlappedResult
WriteFile
lstrlenW
ReadFile
ClearCommError
MultiByteToWideChar
GetVersion
GetModuleHandleW
GetCurrentProcess
GetEnvironmentVariableW
GetPrivateProfileIntW
GlobalFree
GlobalAlloc
GetVersionExA
GetStartupInfoW
SetCommTimeouts
SetCommMask
GetCommState
BuildCommDCBW
GetPrivateProfileStringW
Sleep
GetModuleFileNameW
WideCharToMultiByte
GetProcAddress
CloseHandle
GetLastError
CreateMutexW
WritePrivateProfileStringW
WaitForSingleObject
PurgeComm
SetCommState
CreateEventW
user32
wsprintfW
PostMessageW
IsWindow
GetSysColor
PeekMessageW
GetParent
TranslateMessage
GetFocus
LoadCursorW
DispatchMessageW
CreatePopupMenu
EnableMenuItem
GetCursorPos
IsIconic
GetSystemMetrics
DrawIcon
GetSystemMenu
AppendMenuW
LoadIconW
ClientToScreen
SetCursor
SetCapture
ReleaseCapture
GetMessageW
SetParent
FindWindowW
SetForegroundWindow
IsWindowVisible
RedrawWindow
SendMessageW
GetDC
ReleaseDC
SetTimer
LoadImageW
KillTimer
EnableWindow
LoadBitmapW
FillRect
GetClientRect
GetWindowRect
InvalidateRect
ScreenToClient
gdi32
GetObjectW
CreateBitmap
CreatePen
Rectangle
SetPixel
CreateCompatibleBitmap
StretchBlt
CreateFontW
GetTextExtentPoint32W
SelectObject
DeleteObject
CreateCompatibleDC
BitBlt
CreateSolidBrush
advapi32
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey
RegSetValueExW
shell32
Shell_NotifyIconW
comctl32
ImageList_SetBkColor
ImageList_AddMasked
rasapi32
RasDeleteEntryW
RasEnumConnectionsW
RasHangUpW
RasGetErrorStringW
RasSetEntryPropertiesW
RasValidateEntryNameW
RasDialW
RasGetEntryDialParamsW
RasGetEntryPropertiesW
Note: the RAS imports (RasDialW, RasSetEntryPropertiesW, RasGetEntryDialParamsW), the kernel32 serial-port calls (SetCommState, BuildCommDCBW, SetCommTimeouts, PurgeComm, ClearCommError) and the CFindDevice::GetModems / GetAtPort imports point to dial-up or modem connection-manager functionality. Together with RegCreateKeyExW/RegSetValueExW, WritePrivateProfileStringW and CreateMutexW this is consistent with a vendor connection utility, but the import table alone cannot distinguish that from a trojanized copy; the behavioral tasks, not this static listing, would have to settle it.
Sections
.text Size: 168KB - Virtual size: 167KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Note: .text carries IMAGE_SCN_MEM_WRITE as well as CODE/EXECUTE/READ. A compiler-emitted code section is normally read/execute only, so a writable code section is worth checking for self-modifying or runtime-unpacked code before trusting the disassembly of this section.
.rdata Size: 40KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 424KB - Virtual size: 422KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.trdata Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Note: .trdata is not a standard linker section name and is flagged CODE|EXECUTE|READ|WRITE (RWX), with raw size equal to virtual size. This is characteristic of a protector or packer stub, or of code decrypted in place at runtime; the report gives no per-section entropy figure, so confirm by inspecting the section contents or by dumping it from the behavioral run.