179b257002d81138b8e80b3d39c53f11cb86adf151939ada685ba5d58d6c1a3c

Sharing

Copy URL Twitter E-mail

General

Target

179b257002d81138b8e80b3d39c53f11cb86adf151939ada685ba5d58d6c1a3c
Size

231KB
MD5

a203a5956c5b0c8709152f85485950c4
SHA1

41dac6f37db163ded2bbbb0b206a2f9cb9550eb0
SHA256

179b257002d81138b8e80b3d39c53f11cb86adf151939ada685ba5d58d6c1a3c
SHA512

0e4b0276a475d77330345f43ad08f8b104a9582794afc741c7c0432fbc8058503b0d2b95644abf9e63f4779f4caba6d606de9e9a6d961499bb048b119aa6015b
SSDEEP

3072:Kg9ldixtz8ji0a6KT0MP3OY5hO9Yohoa2bkTssiMan0fIjj+sj2uJITG73IPBlIW:nlitz8j+0tz8Ylan0f0j25G741

Score

N/A

Malware Config

Signatures

Files

179b257002d81138b8e80b3d39c53f11cb86adf151939ada685ba5d58d6c1a3c
.exe windows x86

e29595a3468758abac35f7fe24812439

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

mbstowcs
wcscat
wcscpy
_controlfp
??1type_info@@UAE@XZ
_onexit
__dllonexit
wcstombs
_mbsicmp
_mbslwr
memmove
??8type_info@@QBEHABV0@@Z
__RTtypeid
_itoa
putc
fputc
vfprintf
fprintf
_iob
_strcmpi
printf
strtol
_dup2
freopen
sscanf
realloc
?terminate@@YAXXZ
_mbscmp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__initenv
_cexit
_XcptFilter
_exit
_c_exit
free
_CxxThrowException
malloc
fopen
fclose
_purecall
fputs
exit
getc
_stricmp
sprintf
wcslen
__CxxFrameHandler

msvcirt

?flush@@YAAAVostream@@AAV1@@Z
?cin@@3Vistream_withassign@@A
?get@istream@@QAEAAV1@PADHD@Z
??0ostrstream@@QAE@XZ
??6ostream@@QAEAAV0@K@Z
?str@ostrstream@@QAEPADXZ
??1ostrstream@@UAE@XZ
??_Dostrstream@@QAEXXZ
??0strstream@@QAE@XZ
?ends@@YAAAVostream@@AAV1@@Z
?str@strstream@@QAEPADXZ
??1strstream@@UAE@XZ
??1ios@@UAE@XZ
??_Dstrstream@@QAEXXZ
??6ostream@@QAEAAV0@J@Z
?cout@@3Vostream_withassign@@A
?endl@@YAAAVostream@@AAV1@@Z
?cerr@@3Vostream_withassign@@A
??6ostream@@QAEAAV0@PBD@Z
??6ostream@@QAEAAV0@P6AAAV0@AAV0@@Z@Z
?fd@ifstream@@QBEHXZ
??6ostream@@QAEAAV0@H@Z
??6ostream@@QAEAAV0@D@Z

kernel32

FindNextFileA
FindClose
CreateFileA
CloseHandle
GetFullPathNameA
FindFirstFileA
InterlockedIncrement
lstrlenA
WideCharToMultiByte
InterlockedDecrement
SetCurrentDirectoryA
GetCurrentDirectoryA
GetComputerNameA
GetLocalTime
LoadLibraryA
FreeLibrary
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleA

oleaut32

SysAllocString
VariantClear
VariantInit
SysFreeString
SafeArrayPutElement
SafeArrayCreate

ole32

CoUninitialize
CoCreateInstance
CoInitialize

user32

LoadStringA

advapi32

RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegSetValueExA
GetUserNameA
RegQueryValueExA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 211KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e29595a3468758abac35f7fe24812439

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

msvcirt

kernel32

oleaut32

ole32

user32

advapi32

version

Sections

.text Size: 211KB - Virtual size: 210KB

.data Size: 18KB - Virtual size: 18KB

.rsrc Size: 1024B - Virtual size: 1024B

.text
Size: 211KB - Virtual size: 210KB

.data
Size: 18KB - Virtual size: 18KB

.rsrc
Size: 1024B - Virtual size: 1024B