a7125c5cf28b254cd377f09fbe54bfc3dff7aca1d96dea05e7152aede27d9ecc

Sharing

Copy URL Twitter E-mail

General

Target

a7125c5cf28b254cd377f09fbe54bfc3dff7aca1d96dea05e7152aede27d9ecc
Size

231KB
MD5

df0a7ca45fd0ad6e34f587da6de46f16
SHA1

f8731e38a1c04a4fc222808fc0edb9023854e45c
SHA256

a7125c5cf28b254cd377f09fbe54bfc3dff7aca1d96dea05e7152aede27d9ecc
SHA512

81a86ea419bfe1e6d0bd124e364fae5f7af0ae6f53469bcc23ee2750d5ed407b808919b86c6023c7da0fadb8a010d68f141e02616c137836438d6cd11612cb78
SSDEEP

3072:qIuUJ192mmzukvadA9hE4kRqsyHB37Vt5xLtfFWfRTFIXPj5J7//S7SW8QA4:Luk1Qmq/vapjqsG7BUfR5Sj5J7/0UQ

Score

N/A

Malware Config

Signatures

Files

a7125c5cf28b254cd377f09fbe54bfc3dff7aca1d96dea05e7152aede27d9ecc
.exe windows x86

2c051916c09ac2e02b802e6ce8ee2e57

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcessId
SetUnhandledExceptionFilter
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
GetProcAddress
GetLastError
HeapAlloc
HeapFree
GetProcessHeap
GlobalFree
ResetEvent
SetEvent
GetVersionExW
WaitForSingleObject
GetComputerNameW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
ReleaseMutex
GetCurrentProcess
GetStartupInfoW
CreateMutexW

mfc42u

ord3820
ord3074
ord4075
ord4616
ord4418
ord3733
ord663
ord800
ord815
ord2606
ord348
ord540
ord561
ord2520
ord6303
ord3579
ord543
ord803
ord825
ord5568
ord2910
ord4155
ord4162
ord521
ord1196
ord2809
ord861
ord2613
ord2717
ord1899
ord4253
ord5155
ord5154
ord4899
ord4736
ord4942
ord4352
ord5261
ord4371
ord4848
ord4992
ord4704
ord2506
ord6048
ord4073
ord1767
ord4401
ord5237
ord2377
ord5157
ord6370
ord4347
ord5283
ord3793
ord4829
ord4435
ord2640
ord2047
ord6372
ord3744
ord5059
ord1720
ord5257
ord2438
ord2116
ord5273
ord4621
ord4419
ord768
ord795
ord656
ord3658
ord823
ord1165
ord3621
ord3131
ord2855
ord3614
ord1634
ord6190
ord2859
ord2371
ord6051
ord1768
ord5286
ord4831
ord3397
ord3716
ord567
ord3826
ord4390
ord3569
ord609
ord3605
ord1662
ord2644
ord641
ord2574
ord4396
ord3365
ord3635
ord693
ord489
ord2362
ord2350
ord2294
ord4970
ord5156
ord6195
ord6330
ord3285
ord3871
ord4042
ord6898
ord3087
ord2810
ord2811
ord3806
ord922
ord858
ord4124
ord6451
ord2756
ord6279
ord6278
ord5677
ord6211
ord6193
ord6375
ord535
ord2235
ord3296
ord3281
ord1105
ord4312
ord640
ord2397
ord1633
ord2519
ord482
ord323
ord1900
ord1683
ord5284
ord4433
ord2046
ord4425
ord771
ord4254
ord1143
ord1008
ord496
ord4709
ord773
ord4266
ord1083
ord3697
ord501
ord3728
ord810
ord6004
ord1197
ord4219
ord4500
ord2857
ord686
ord384
ord4120
ord5977
ord3282
ord2089
ord4270
ord755
ord470
ord3566
ord5781
ord4459
ord3825
ord2971
ord3076
ord2980
ord2567
ord3257
ord3254
ord3142
ord2977
ord5710
ord5285
ord5303
ord4692
ord4074
ord5298
ord5296
ord3341
ord2388
ord5193
ord1089
ord3917
ord5727
ord2504
ord2546
ord4480
ord6371
ord4269
ord2406
ord1569

msvcrt

__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
??1type_info@@UAE@XZ
__dllonexit
_onexit
_controlfp
?terminate@@YAXXZ
_wcmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
_wcsicmp
wcslen
__CxxFrameHandler

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

gdi32

CreateCompatibleDC
CreateBitmap
GetStockObject
EndDoc
SelectObject
StartPage
StartDocW
GetTextMetricsW
GetTextExtentPoint32W
GetDeviceCaps
BitBlt
GetPixel
EndPage
CreateFontIndirectW
GetObjectW

user32

LoadBitmapW
SetClassLongW
LoadIconW
wsprintfW
PeekMessageW
TranslateMessage
DispatchMessageW
SetForegroundWindow
FindWindowW
TabbedTextOutW
PostMessageW
SendMessageW
GetWindowRect
RedrawWindow
GetParent
EnableWindow
IsWindow

mpr

WNetOpenEnumW
WNetEnumResourceW
WNetCloseEnum
WNetGetLastErrorW

comctl32

ImageList_SetBkColor

llsrpc

LlsFreeMemory
LlsClose
LlsProductEnumW
LlsConnectEnterpriseW
LlsEnterpriseServerFindW

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 164KB - Virtual size: 428KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2c051916c09ac2e02b802e6ce8ee2e57

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

mfc42u

msvcrt

advapi32

gdi32

user32

mpr

comctl32

llsrpc

Sections

.text Size: 30KB - Virtual size: 29KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 35KB - Virtual size: 34KB

.vmp0 Size: 164KB - Virtual size: 428KB

.text
Size: 30KB - Virtual size: 29KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 35KB - Virtual size: 34KB

.vmp0
Size: 164KB - Virtual size: 428KB