8db6fcebfbeb369c2189f716e295820bcaba38a769d84ea476ce7dbb614bf56d

Sharing

Copy URL Twitter E-mail

General

Target

8db6fcebfbeb369c2189f716e295820bcaba38a769d84ea476ce7dbb614bf56d
Size

836KB
MD5

64fb810dd22463d8457ceaa1b16f4135
SHA1

809dab2a9f3fdaa9ddcbf214ea17d8642a33c132
SHA256

8db6fcebfbeb369c2189f716e295820bcaba38a769d84ea476ce7dbb614bf56d
SHA512

1b13896f524c72d1d7bbc92e73475e6620205505349980599d52f73ce1475226afccb453a3ea96010839197eabc9d852f41c037495226523d325748115f90c8f
SSDEEP

24576:sR0NQIQavaNzVUN73skS9AlPsRZ729KSCE:UVUN73skqUm7kf

Score

N/A

Malware Config

Signatures

Files

8db6fcebfbeb369c2189f716e295820bcaba38a769d84ea476ce7dbb614bf56d
.dll windows x86

3abee14148040e7fbf08aa9c7bf5348f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
SetFileAttributesA
GetFileAttributesA
FindNextFileA
MoveFileA
LoadLibraryA
SetErrorMode
FreeLibrary
GetProcAddress
RemoveDirectoryA
GetTickCount
ReleaseSemaphore
WaitForMultipleObjects
CreateSemaphoreA
Sleep
GetCurrentThreadId
CreateThread
GetExitCodeThread
TerminateThread
GetDriveTypeA
FindFirstFileA
CreateDirectoryA
GetModuleFileNameA
GetWindowsDirectoryA
GetDiskFreeSpaceA
FindClose
ResetEvent
SetEvent
CreateEventA
ReleaseMutex
WaitForSingleObject
CloseHandle
GetSystemDirectoryA
GetVersion
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetThreadPriority
SetThreadPriority
ResumeThread
SuspendThread
QueryPerformanceFrequency
QueryPerformanceCounter
GetTempFileNameA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetSystemInfo
GetTempPathA
CreateFileA
GetFileSize
GetLastError
GetVersionExA
DisableThreadLibraryCalls
CreateMutexA

user32

GetMessageA
PostMessageA
PostThreadMessageA
KillTimer
SetTimer
DispatchMessageA
PeekMessageA
GetSystemMetrics
CharPrevA
CharNextA

advapi32

RegOpenKeyA
RegSetValueA
RegCreateKeyA
RegDeleteKeyA
RegQueryValueA
RegEnumKeyA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@XZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@XZ
?_Xran@_String_base@std@@QBEXXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
?_Nomemory@std@@YAXXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

msvcr71

strtol
_vsnprintf
strrchr
_strnicmp
_timezone
localtime
time
_tzset
_mbctype
strtok
fwrite
fread
ftell
fseek
malloc
realloc
calloc
abort
fprintf
_iob
_callnewh
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CppXcptFilter
_except_handler3
?terminate@@YAXXZ
_open
_creat
_close
_CIpow
strchr
isupper
tolower
fgets
isspace
strncpy
sprintf
_snprintf
_stricmp
sscanf
floor
strstr
memmove
fopen
fclose
??_V@YAXPAX@Z
free
toupper
_purecall
__CxxFrameHandler
strncmp
atol
atoi
_CxxThrowException
??0exception@@QAE@ABV0@@Z
??3@YAXPAX@Z
??0exception@@QAE@XZ
getenv
_sopen
_lseek
_tell
_read
_write
_unlink
??1exception@@UAE@XZ
_strdup
_strcmpi
_getcwd
_chdir
_putenv
_stat
_itoa
_findfirst
_findnext
_findclose
_errno
_fstat
_chsize
_endthreadex
_beginthreadex
_ftime

ole32

CoCreateGuid
CoInitializeEx
CoUninitialize

Exports

Exports

HXTCreateJobFactory
RMACreateRMJobFactory
SetDLLAccessPath

Sections

.text
Size: 668KB - Virtual size: 667KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3abee14148040e7fbf08aa9c7bf5348f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcp71

msvcr71

ole32

Exports

Exports

Sections

.text Size: 668KB - Virtual size: 667KB

.rdata Size: 108KB - Virtual size: 107KB

.data Size: 4KB - Virtual size: 928B

.rsrc Size: 4KB - Virtual size: 744B

.reloc Size: 48KB - Virtual size: 45KB

.text
Size: 668KB - Virtual size: 667KB

.rdata
Size: 108KB - Virtual size: 107KB

.data
Size: 4KB - Virtual size: 928B

.rsrc
Size: 4KB - Virtual size: 744B

.reloc
Size: 48KB - Virtual size: 45KB