57e3cd8f99128d42df10bcaeedc067fb7d109f20a2595014cec2ab549217f807

Sharing

Copy URL Twitter E-mail

General

Target

57e3cd8f99128d42df10bcaeedc067fb7d109f20a2595014cec2ab549217f807
Size

749KB
MD5

14801498c7a1a46988ff05c40db4bda0
SHA1

d0acc80a0ae7b55f1a5471c3f2d9b8fc0d47bf52
SHA256

57e3cd8f99128d42df10bcaeedc067fb7d109f20a2595014cec2ab549217f807
SHA512

226618721e395670c214c3047244925d294794680ed7090c89083c6fb88c4cb3c3ce06c6f6f0b4aae9687fe56e918a483dc3a304e11735d837814d0094aa5403
SSDEEP

12288:m8gTsoKXCVzuPCLnUJBv0L/uZcuhfi4DMThXM/49mTF9ioH:mVTEXh0UJBcL/qcZQM1c/bTFAoH

Score

N/A

Malware Config

Signatures

Files

57e3cd8f99128d42df10bcaeedc067fb7d109f20a2595014cec2ab549217f807
.exe windows x86

77c655c0fb4f0ce816a2e013bb0cc054

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcr90

?_type_info_dtor_internal_method@type_info@@QAEXXZ
_controlfp_s
_invoke_watson
_crt_debugger_hook
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
_except_handler4_common
?terminate@@YAXXZ
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
vswprintf_s
wcsstr
wcsncpy_s
_beginthreadex
_wcsdup
_resetstkoflw
wcscpy_s
_setjmp3
longjmp
strncmp
_wsplitpath_s
_wcsnicmp
_CIsqrt
realloc
_vsnwprintf
_wtoi64
_wtoi
wcstod
_wcsicmp
_recalloc
wcstoul
wcsncmp
memmove
malloc
_CIpow
strtod
__iob_func
fprintf
strncpy
fread
abort
sprintf
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
_invalid_parameter_noinfo
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
memcpy_s
wcsrchr
wcschr
memset
__CxxFrameHandler3
calloc
free
memmove_s
memcpy

msvcp90

?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?_Xlen@_String_base@std@@SAXXZ
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHIIPB_W@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W0@Z
?_Copy_s@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPA_WIII@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?insert@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IABV12@@Z
?_Xran@_String_base@std@@SAXXZ
?insert@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IPB_W@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHIIABV12@II@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHIIABV12@@Z
?at@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEAB_WI@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEAB_WI@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHABV12@@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHPB_W@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ

kernel32

GetProcessHeap
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
InterlockedExchange
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualProtect
LoadLibraryA
FormatMessageA
LocalFree
GetSystemDirectoryW
LockFile
LockFileEx
UnlockFileEx
UnlockFile
GetFileInformationByHandle
SetEndOfFile
FindResourceW
LoadResource
SizeofResource
FreeLibrary
LoadLibraryExW
OutputDebugStringA
GetModuleFileNameW
SetLastError
LoadLibraryW
GetVersion
GetProcAddress
GetModuleHandleW
GetModuleHandleA
ExitProcess
GetCurrentThreadId
Sleep
CreateThread
WaitForSingleObject
SetEvent
CreateEventW
CompareStringW
FlushFileBuffers
GetDiskFreeSpaceExW
GlobalAlloc
GlobalFree
lstrcmpiW
MultiByteToWideChar
SystemTimeToFileTime
HeapCreate
HeapAlloc
HeapReAlloc
LocalAlloc
HeapFree
WriteFile
GetTempPathW
GetTempFileNameW
GlobalLock
GlobalUnlock
DeleteFileW
MoveFileW
SetFilePointer
ReadFile
CloseHandle
GetFileAttributesW
LeaveCriticalSection
EnterCriticalSection
lstrlenA
DeleteCriticalSection
InitializeCriticalSection
lstrlenW
GetUserDefaultLCID
LCMapStringW
GetLastError
RaiseException

user32

FindWindowW
LoadStringW
PostThreadMessageW
CharNextW
DispatchMessageW
GetMessageW
SetTimer
MessageBoxA

advapi32

RegEnumKeyExW
RegDeleteValueW
RegCloseKey
RegisterEventSourceW
ReportEventW
DeregisterEventSource
RegQueryValueExW
RegDeleteKeyW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoCreateGuid
CreateStreamOnHGlobal
CoUninitialize
CoInitializeEx
CoRevokeClassObject
CoRegisterClassObject
CoCreateInstance
CoTaskMemFree
CLSIDFromString

gdi32

DeleteObject

oleaut32

VarUI4FromStr
SafeArrayDestroy
VarBstrCmp
VariantTimeToSystemTime
VariantChangeTypeEx
VariantCopy
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysFreeString
SysStringLen
SysAllocStringLen
VariantInit
VariantClear

wininet

InternetGetConnectedState
InternetOpenW
InternetCloseHandle
InternetOpenUrlW
InternetErrorDlg
HttpQueryInfoW

Sections

.text
Size: 592KB - Virtual size: 592KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 38KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

77c655c0fb4f0ce816a2e013bb0cc054

Headers

DLL Characteristics

File Characteristics

Imports

msvcr90

msvcp90

kernel32

user32

advapi32

ole32

gdi32

oleaut32

wininet

Sections

.text Size: 592KB - Virtual size: 592KB

.data Size: 38KB - Virtual size: 39KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 104KB - Virtual size: 104KB

.text
Size: 592KB - Virtual size: 592KB

.data
Size: 38KB - Virtual size: 39KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 104KB - Virtual size: 104KB