391832c7669e54af31fbf1773a02839c77fc94b57a17f57826098982c843d974

Sharing

Copy URL Twitter E-mail

General

Target

391832c7669e54af31fbf1773a02839c77fc94b57a17f57826098982c843d974
Size

40KB
MD5

12639495b6623f6dade9af01b7f95e40
SHA1

30cce487bd74fb24764340982d291aa47806d591
SHA256

391832c7669e54af31fbf1773a02839c77fc94b57a17f57826098982c843d974
SHA512

4f840594fb06329e4d48e7fa38f7a756052d1cde3f49331ab4d64558259e50e8ba148922ed940e526a6505aa7e16d6acc876c14e82c9d3e9caf6aba94f16623c
SSDEEP

384:qqPElI/BJyeX773ROmJRZNszQTZxZ6O+eNar5BQQteapQzaqybeQs8+x0ayP7kDy:tPElIP7TRJUzcMeEr5v6+9Tw6MXJUPEK

Score

N/A

Malware Config

Signatures

Files

391832c7669e54af31fbf1773a02839c77fc94b57a17f57826098982c843d974
.exe windows x86

81be1ba3779b6ded3c4a424253d33e1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord823
ord825

msvcrt

fopen
fseek
__CxxFrameHandler
sprintf
wcslen
rename
fclose
free
malloc
memchr
fwrite
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

kernel32

LoadResource
GetVersionExA
FreeLibrary
GetStartupInfoA
DeleteFileA
MultiByteToWideChar
GetSystemDirectoryA
CopyFileA
LoadLibraryA
FindResourceA
GetModuleHandleA
GetProcAddress
GetSystemInfo
GetCurrentProcess

user32

GetSystemMetrics
ExitWindowsEx

advapi32

LookupPrivilegeValueA
OpenProcessToken
GetUserNameA
AdjustTokenPrivileges

shell32

ShellExecuteA

msvcp60

?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Xlen@std@@YAXXZ
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?_Copy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXI@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81be1ba3779b6ded3c4a424253d33e1f

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

shell32

msvcp60

version

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 640B

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 640B