452d54264c09571c628766c88f93fc866ada155798f7af23e903545767849cd1

Sharing

Copy URL Twitter E-mail

General

Target

452d54264c09571c628766c88f93fc866ada155798f7af23e903545767849cd1
Size

223KB
MD5

15e3cb6604fd63e6f4c2482ea3142166
SHA1

4bd445fd2a26115e0168b279d5d94d504fd9cd7a
SHA256

452d54264c09571c628766c88f93fc866ada155798f7af23e903545767849cd1
SHA512

28c60e1ef2ff1590c622d0562917f85cab78e07f2734f8fea75d1ff871778b5a941ebab25c45f9500206e9d51b8121cc378abdf59d24eb9f2f71e80f4cc347ef
SSDEEP

6144:vbahUOtQd+NosqQGHtOa7tcy/VfMCq2WKh:TUfqQSN0CqKh

Score

N/A

Malware Config

Signatures

Files

452d54264c09571c628766c88f93fc866ada155798f7af23e903545767849cd1
.exe windows x86

d0d7d116e4cdd01df441a8604d9fdf64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
OpenProcess
GetExitCodeProcess
CloseHandle
FormatMessageW
HeapAlloc
GetProcessHeap
GetFileAttributesW
CreateDirectoryW
DeleteFileW
SetEvent
CreateEventW
CreateThread
CreateWaitableTimerW
SetWaitableTimer
WaitForMultipleObjects
CancelWaitableTimer
GetModuleFileNameW
GetCurrentThreadId
GetModuleHandleW
RaiseException
GetCommandLineW
Sleep
GetLastError
GetVersionExA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
InitializeCriticalSection
LeaveCriticalSection
InterlockedDecrement
lstrlenW
InterlockedIncrement
WaitForSingleObject
DeleteCriticalSection
InterlockedCompareExchange
InterlockedExchange

user32

MsgWaitForMultipleObjects
PeekMessageW
UnregisterClassA
DispatchMessageW
GetMessageW
PostThreadMessageW
TranslateMessage
CharUpperBuffW
CharUpperW
CharNextW
SetTimer

advapi32

RegDeleteKeyW
RegSetValueExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegQueryInfoKeyW

shell32

SHGetFolderPathW

ole32

CoCreateInstance
CoDisconnectObject
CLSIDFromString
CoInitializeEx
CoUninitialize
CoRevokeClassObject
CoRegisterClassObject
StringFromGUID2
CoInitialize

oleaut32

UnRegisterTypeLi
RegisterTypeLi
VarBstrCat
SysAllocStringLen
SafeArrayLock
SafeArrayCreate
SafeArrayRedim
VarBstrCmp
VariantInit
SafeArrayGetUBound
SafeArrayGetLBound
VariantCopy
SafeArrayUnlock
VariantClear
SafeArrayDestroy
SafeArrayCopy
SafeArrayGetVartype
SysAllocStringByteLen
SysStringByteLen
LoadTypeLi
LoadRegTypeLi
SysFreeString
SysStringLen
SysAllocString
VariantChangeType

msvcr80

__CxxFrameHandler3
_controlfp_s
_invoke_watson
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
_decode_pointer
_onexit
_lock
_encode_pointer
_CxxThrowException
__dllonexit
_unlock
?terminate@@YAXXZ
??3@YAXPAX@Z
??2@YAPAXI@Z
free
??_U@YAPAXI@Z
_purecall
??_V@YAXPAX@Z
_wtol
??0exception@std@@QAE@ABV01@@Z
memcpy_s
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
_invalid_parameter_noinfo
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
memmove_s
vswprintf_s
_recalloc
calloc
swprintf_s
_resetstkoflw
wcsstr
malloc
_wtoi
_wtoi64
wcsftime
_localtime64_s
_time64
wcscat_s
wcscpy_s
wcsncpy_s
memset

msvcp80

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.1rdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d0d7d116e4cdd01df441a8604d9fdf64

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

msvcr80

msvcp80

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 6KB - Virtual size: 7KB

.rsrc Size: 20KB - Virtual size: 19KB

.1rdata Size: 60KB - Virtual size: 60KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 6KB - Virtual size: 7KB

.rsrc
Size: 20KB - Virtual size: 19KB

.1rdata
Size: 60KB - Virtual size: 60KB