fc108fe453442813e5f627a731e09b938f756d85bd983ce73bb6211350810144

Sharing

Copy URL Twitter E-mail

General

Target

fc108fe453442813e5f627a731e09b938f756d85bd983ce73bb6211350810144
Size

912KB
MD5

1fa69e20404617f2c68582696e3cfde0
SHA1

39bb177600d986dcacdb17b2685fd41fc988cd4e
SHA256

fc108fe453442813e5f627a731e09b938f756d85bd983ce73bb6211350810144
SHA512

d56d302d295753666868b7e0a470fcaa729cefaff9e7faf3ca255059a5058583f6b6a49f13cdb4c16a0e950ed81e2487a4d62a97df440409037be043c73d788e
SSDEEP

24576:C01j64/ijcl4O2oqasZXKYa+6z2E7TXGgfA8yBgfJ:1e4MgqasZa2cbTzfOY

Score

N/A

Malware Config

Signatures

Files

fc108fe453442813e5f627a731e09b938f756d85bd983ce73bb6211350810144
.dll windows x86

b15873fc3cb4bac15e8029cd109b5b5f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeEndPeriod
timeBeginPeriod
timeGetTime

kernel32

QueryPerformanceFrequency
CreateDirectoryA
DisableThreadLibraryCalls
DeleteFileA
OutputDebugStringA
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
Sleep
LocalFree
FormatMessageA
WriteFile
ReadFile
CreateFileA
CloseHandle
WaitForSingleObject
SetEvent
ResetEvent
GetLastError
CreateThread
CreateEventA
GetTickCount
GetFullPathNameA
QueryPerformanceCounter
HeapCompact
GetProcessHeap
LoadLibraryA
FreeLibrary
GetTempFileNameA
GetTempPathA
PulseEvent
WaitForMultipleObjects
GetModuleHandleA
GetProcAddress
GetCurrentThreadId
ResumeThread
SuspendThread
ExitThread
TerminateThread
SetThreadPriority
SetFilePointer
GetFileSize
GetSystemInfo
GetVersionExA
SetFileAttributesA
SetEndOfFile

user32

MessageBoxA
GetDesktopWindow
LoadStringA

ole32

CoInitialize
CoUninitialize

msvcp71

?_Id_cnt@id@locale@std@@0HA
?length@?$char_traits@D@std@@SAIPBD@Z
?_Xlen@_String_base@std@@QBEXXZ
??0?$_String_val@DV?$allocator@D@std@@@std@@IAE@V?$allocator@D@1@@Z
?copy@?$char_traits@D@std@@SAPADPADPBDI@Z
?_Xran@_String_base@std@@QBEXXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?widen@?$basic_ios@GU?$char_traits@G@std@@@std@@QBEGD@Z
?_Unlock@_Mutex@std@@QAEXXZ
?_Lock@_Mutex@std@@QAEXXZ
??1_Lockit@std@@QAE@XZ
?_Register@facet@locale@std@@QAEXXZ
?_Incref@facet@locale@std@@QAEXXZ
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@@Z
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
??Bid@locale@std@@QAEIXZ
?id@?$ctype@D@std@@2V0locale@2@A
??0_Lockit@std@@QAE@H@Z
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@@Z
?id@?$ctype@G@std@@2V0locale@2@A
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IG@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@G@Z
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?_Ipfx@?$basic_istream@GU?$char_traits@G@std@@@std@@QAE_N_N@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?clear@ios_base@std@@QAEXH_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??1locale@std@@QAE@XZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?snextc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IG@Z
?is@?$ctype@G@std@@QBE_NFG@Z
?sgetc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
?max_size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?sbumpc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGXZ
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEGG@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z

ws2_32

WSASetLastError
ntohs
gethostname
WSAStartup
socket
ioctlsocket
setsockopt
WSACleanup
getsockname
closesocket
inet_addr
ntohl
gethostbyname
htonl
htons
WSAGetLastError
WSAEventSelect
send
recv
connect
sendto
recvfrom
bind

msvcr71

_onexit
_initterm
_adjust_fdiv
_stat
__CppXcptFilter
_stricmp
_strupr
__dllonexit
_except_handler3
?terminate@@YAXXZ
??1type_info@@UAE@XZ
atol
_splitpath
time
free
malloc
_beginthread
_endthread
_strnicmp
pow
_beginthreadex
exit
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
fread
fseek
ftell
fwrite
_findfirst
_findnext
_findclose
strncat
fopen
?what@exception@@UBEPBDXZ
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
_purecall
memcpy
memset
??0exception@@QAE@ABV0@@Z
??0bad_cast@@QAE@ABV0@@Z
??1bad_cast@@UAE@XZ
??0bad_cast@@QAE@PBD@Z
__CxxFrameHandler
_CxxThrowException
memmove
realloc
atan
??0exception@@QAE@XZ
??_V@YAXPAX@Z
strcmp
strlen
strncpy
fabs
sqrt
_isnan
_vsnprintf
vsprintf
atof
isdigit
strcpy
sscanf
cos
sin
rand
floor
atan2
acos
fmod
sprintf
strrchr
exp
atoi
toupper
tolower
clock
strstr
srand
_mbscmp
_mbsicmp
_mbsinc
remove
strchr
memcmp
fclose
fprintf

Exports

Exports

CreateServer
DeleteServer
SetMasterDatabase

Sections

.text
Size: 488KB - Virtual size: 487KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b15873fc3cb4bac15e8029cd109b5b5f

Headers

File Characteristics

Imports

winmm

kernel32

user32

ole32

msvcp71

ws2_32

msvcr71

Exports

Exports

Sections

.text Size: 488KB - Virtual size: 487KB

.rdata Size: 100KB - Virtual size: 96KB

.data Size: 40KB - Virtual size: 59KB

.rsrc Size: 4KB - Virtual size: 928B

.reloc Size: 32KB - Virtual size: 29KB

.text Size: 244KB - Virtual size: 244KB

.text
Size: 488KB - Virtual size: 487KB

.rdata
Size: 100KB - Virtual size: 96KB

.data
Size: 40KB - Virtual size: 59KB

.rsrc
Size: 4KB - Virtual size: 928B

.reloc
Size: 32KB - Virtual size: 29KB

.text
Size: 244KB - Virtual size: 244KB