57fe1cd8ecd2ae5d4958a23d095d70eb7d12962a75c4a96b06a06fce5b374142

Sharing

Copy URL

Twitter E-mail

General

Target

57fe1cd8ecd2ae5d4958a23d095d70eb7d12962a75c4a96b06a06fce5b374142
Size

2.4MB
MD5

09d7366768dbd47e18b36207d7c7c50c
SHA1

8ad6942197b45293fa6ec4e6d051fc8ed7a6cc95
SHA256

57fe1cd8ecd2ae5d4958a23d095d70eb7d12962a75c4a96b06a06fce5b374142
SHA512

4fb3b9f9b25e07c36ab657453a22e2711cb849412cc112209ce0b2aeda6c7d77f32bde5bab5945ce78fc1b261ca1007ff35c5b6160621851c96afe5441bec9e4
SSDEEP

49152:rU3U+ZYmxjpv7x4GFM/+b8dTMNh9Wr73h7NXSWEqNJO5hYTVMCRisKEOe4:riU2YmxjpDx4Zo8dYNh9q73h7NXYkRit

Score

N/A

Malware Config

Signatures

Files

57fe1cd8ecd2ae5d4958a23d095d70eb7d12962a75c4a96b06a06fce5b374142
.dll windows x86

e80a69b510452a1169b3ee8c87b1b98d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
InterlockedIncrement
FileTimeToSystemTime
FileTimeToLocalFileTime
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
WriteFile
FlushFileBuffers
IsProcessorFeaturePresent
GetSystemInfo
GetTimeZoneInformation
CompareStringA
GetACP
GetWindowsDirectoryA
GetSystemDirectoryA
InterlockedExchange
GetCurrentProcess
ReadProcessMemory
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetLastError
GetSystemTime
SystemTimeToFileTime
GetVersionExA
GetSystemDefaultLCID
GetModuleHandleA
SetLastError
FreeLibrary
LoadLibraryA
WaitForMultipleObjects
FindNextChangeNotification
FindCloseChangeNotification
GetTickCount
FindClose
lstrlenA
CreateFileA
lstrcmpiA
GetPrivateProfileStringA
GetFileSize
SetFilePointer
ReadFile
GetModuleFileNameA
CloseHandle
InterlockedCompareExchange
Sleep
GetCurrentThread
GetThreadSelectorEntry

user32

DestroyWindow
GetDesktopWindow
RegisterClassA
DefWindowProcA
MessageBoxA
wsprintfA
ReleaseDC
GetDC
CreateWindowExA

gdi32

SetTextAlign
SetBkMode
PatBlt
GetBitmapBits
ExtTextOutA
GetTextExtentPointA
GetCharABCWidthsA
GetTextMetricsA
SetTextColor
SetBkColor
CreateBitmap
CreateCompatibleDC
DeleteDC
SelectObject
GetFontData
DeleteObject
GetDeviceCaps

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA

shell32

SHGetSpecialFolderLocation
SHGetMalloc

msvcp80

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?_Xlen@_String_base@std@@SAXXZ
?_Xran@_String_base@std@@SAXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

msvcr80

_CxxThrowException
memcpy
strlen
memset
_setjmp3
labs
memmove
abort
fprintf
__iob_func
longjmp
__CxxFrameHandler3
memcmp
strncmp
strcmp
atol
strtol
atoi
strtoul
strncpy
strchr
strcpy
_purecall
atan
__RTDynamicCast
sprintf
wcslen
wcscat
sqrt
wcscmp
strstr
wcsstr
ceil
floor
wcsrchr
towupper
wcsncmp
wcsncpy
qsort
sscanf
_vswprintf
_time64
rand
srand
_wsplitpath
_wfullpath
wcschr
exit
_waccess
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
bsearch
isdigit
_invalid_parameter_noinfo
memmove_s
asin
realloc
isxdigit
isalnum
memcpy_s
isalpha
strcat
strtok
strrchr
isspace
_errno
__CxxLongjmpUnwind
strncat
tan
strpbrk
??0exception@std@@QAE@ABQBDH@Z
fabs
vsprintf
strtod
printf
_localtime64
wcstok
strspn
strcspn
_gmtime64
_mktime64
clearerr
ferror
feof
fread
fwrite
fputs
fgets
ftell
fseek
fflush
fclose
_get_osfhandle
_fileno
_open_osfhandle
isupper
toupper
tolower
wcsncat
fopen
rewind
fputc
fgetc
ungetc
remove
modf
fmod
pow
log
_tzset
__timezone
getenv
__tzname
_stricmp
__CxxFrameHandler
_unlock
_encode_pointer
__dllonexit
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
free
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
_wcsnicmp
_wcsicmp
wcscpy
_fdopen

Exports

Exports

CTCleanup
CTGetVersion
CTInit

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 516KB - Virtual size: 515KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e80a69b510452a1169b3ee8c87b1b98d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

msvcp80

msvcr80

Exports

Exports

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 516KB - Virtual size: 515KB

.data Size: 88KB - Virtual size: 136KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 116KB - Virtual size: 113KB

.text Size: 228KB - Virtual size: 228KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 516KB - Virtual size: 515KB

.data
Size: 88KB - Virtual size: 136KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 116KB - Virtual size: 113KB

.text
Size: 228KB - Virtual size: 228KB