b4bc52e681027c275a5f3464a0d2e13c1228f5c5c1b80362da7fb9506575ac19

Sharing

Copy URL Twitter E-mail

General

Target

b4bc52e681027c275a5f3464a0d2e13c1228f5c5c1b80362da7fb9506575ac19
Size

308KB
MD5

22ba40002e6efb042a31b3a837ac71b0
SHA1

12d4628c56dae2d53f78b45e61dfc3f0a15d8c3a
SHA256

b4bc52e681027c275a5f3464a0d2e13c1228f5c5c1b80362da7fb9506575ac19
SHA512

683372f2ffa107f0bb695bf60024fe21f38830f6dca5b610ab625e9b1c730f2f88663b19ce97a92090dab75ec2ab00574a0b5f6743f721517fb5b7adf8546d63
SSDEEP

3072:GyRKn776UT2i0on37Ycm/UuC0/TT+IFqOHCzD80asdzIQyOZ:VR4Pdznscm/UuxT+IFquCPxaslIQyC

Score

N/A

Malware Config

Signatures

Files

b4bc52e681027c275a5f3464a0d2e13c1228f5c5c1b80362da7fb9506575ac19
.exe windows x86

1b7ef0ec0c82961bd6163f0b66e4fd00

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dsound

ord11

mfc71

ord2714
ord2862
ord2540
ord2646
ord2533
ord3718
ord3719
ord3709
ord2644
ord3949
ord4486
ord4262
ord354
ord605
ord578
ord1489
ord876
ord2902
ord6118
ord299
ord2933
ord1482
ord1084
ord764
ord631
ord2322
ord2748
ord2288
ord2280
ord386
ord310
ord2657
ord2430
ord3648
ord3466
ord2246
ord1913
ord2615
ord5009
ord5012
ord4309
ord4135
ord2939
ord4904
ord943
ord5356
ord2992
ord2425
ord2424
ord4019
ord1557
ord5915
ord3945
ord1402
ord5148
ord5205
ord2173
ord1306
ord4277
ord4265
ord742
ord635
ord562
ord553
ord395
ord751
ord5859
ord4299
ord5165
ord762
ord591
ord587
ord3397
ord4104
ord2086
ord1545
ord4232
ord5214
ord2991
ord4261
ord3164
ord572
ord1931
ord1483
ord4098
ord2089
ord1547
ord4234
ord3171
ord304
ord1883
ord1794
ord1892
ord630
ord781
ord3088
ord2747
ord2021
ord385
ord6236
ord784
ord4469
ord4467
ord3683
ord757
ord3182
ord4038
ord4014
ord6278
ord3801
ord6276
ord4326
ord2063
ord2018
ord5583
ord3806
ord1010
ord5102
ord6219
ord5382
ord3832
ord1920
ord2931
ord5224
ord5226
ord2248
ord3948
ord4568
ord5230
ord4307
ord5566
ord2838
ord4481
ord3333
ord566
ord6090
ord593
ord5225
ord5119
ord334
ord959
ord547
ord4031
ord5975
ord1054
ord1122
ord1126
ord3830
ord3645
ord3450
ord4566
ord2614
ord2621
ord6238
ord2016
ord2051
ord5156
ord5592
ord1379
ord5412
ord2742
ord5495
ord4257
ord4852
ord4739
ord1922
ord4222
ord3040
ord2768
ord5934
ord6043
ord4482
ord4264
ord368
ord616
ord4705
ord3647
ord3465
ord732
ord5174
ord908
ord782
ord4100
ord2094
ord3244
ord1955
ord2371
ord1283
ord1063
ord2095
ord1591
ord4240
ord3317
ord741
ord1554
ord3195
ord620
ord2092
ord1641
ord1571
ord4238
ord2958
ord3230
ord658
ord5866
ord3879
ord3740
ord4444
ord4443
ord4790
ord4204
ord4781
ord4388
ord4980
ord4171
ord4178
ord4776
ord4386
ord4401
ord4399
ord4381
ord4384
ord4379
ord4863
ord4860
ord3974
ord5914
ord5151
ord5204
ord3344
ord1360
ord1556
ord4273
ord651
ord416
ord393
ord2419
ord2420
ord2421
ord2418
ord2417
ord4125
ord4935
ord2469
ord2866
ord2164
ord5873
ord6067
ord3997
ord5529
ord2370
ord1565
ord5522
ord3085
ord4587
ord266
ord265
ord911
ord6144
ord2835
ord2731
ord2537
ord5200
ord1599
ord1655
ord1656
ord1964
ord5175
ord1362
ord4967
ord3345
ord6277
ord3802
ord6279
ord1522
ord2172
ord2178
ord2405
ord2387
ord2385
ord2403
ord2415
ord2392
ord2408
ord2413
ord2396
ord2398
ord2400
ord2394
ord2410
ord2390
ord934
ord930
ord932
ord928
ord923
ord5233
ord5235
ord5960
ord1600
ord4282
ord4722
ord3403
ord5203
ord4185
ord6275
ord5073
ord1908
ord5152
ord4244
ord1401
ord3946
ord1617
ord1620
ord5912
ord1551
ord1670
ord1671
ord2020
ord4580
ord4890
ord4735
ord4212
ord5182
ord297
ord3441
ord3641
ord5213
ord1207

msvcr71

??0exception@@QAE@ABV0@@Z
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_c_exit
?terminate@@YAXXZ
_onexit
__dllonexit
??1type_info@@UAE@XZ
__security_error_handler
memset
_except_handler3
_purecall
ftell
fread
fwrite
_close
_creat
fseek
_errno
??1exception@@UAE@XZ
??0exception@@QAE@XZ
_localtime64
_vsnprintf
_time64
_setmbcp
free
strstr
_amsg_exit
_acmdln
_CxxThrowException
_controlfp
sprintf
fopen
fprintf
fclose
__CxxFrameHandler
exit
_cexit
_ismbblead
_XcptFilter
_exit

kernel32

GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
GetVersionExA
GetFileAttributesA
FindResourceA
DeleteFileA
GetSystemTime
DeleteCriticalSection
ExitProcess
GetModuleHandleA
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetLastError
CopyFileA
CreateDirectoryA
Sleep
LockResource
SizeofResource
InitializeCriticalSection
LoadResource

user32

GetDlgItem
GetCursorPos
InvalidateRect
GetClientRect
LoadMenuA
GetSubMenu
UpdateWindow
SendMessageA
EnableWindow

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

comctl32

ord17

msvcp71

?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
?close@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?close@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z

winmm

mmioDescend
mmioRead
mmioAscend
mmioOpenA
mmioClose
mmioWrite
mmioAdvance
mmioSetInfo
mmioSeek
mmioCreateChunk
mmioGetInfo

bugtrap

BT_SetAppName
BT_SetSupportEMail
BT_SetSupportServer
BT_SetSupportURL
BT_InstallSehFilter
BT_SetFlags

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1b7ef0ec0c82961bd6163f0b66e4fd00

Headers

File Characteristics

Imports

dsound

mfc71

msvcr71

kernel32

user32

shell32

comctl32

msvcp71

winmm

bugtrap

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 36KB - Virtual size: 33KB

.data Size: 96KB - Virtual size: 95KB

.rsrc Size: 112KB - Virtual size: 112KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 36KB - Virtual size: 33KB

.data
Size: 96KB - Virtual size: 95KB

.rsrc
Size: 112KB - Virtual size: 112KB