d60ae78f3f31e41920f9a1ecfdf814089b6a4c0e24eba0ae08b5eb34416418f8

Sharing

Copy URL Twitter E-mail

General

Target

d60ae78f3f31e41920f9a1ecfdf814089b6a4c0e24eba0ae08b5eb34416418f8
Size

136KB
MD5

0a058508d4e87b7a10199e96e576a7b0
SHA1

0f12ba4988ca00078d071bede0e8b0c8398691fd
SHA256

d60ae78f3f31e41920f9a1ecfdf814089b6a4c0e24eba0ae08b5eb34416418f8
SHA512

ca1aa3323b8269c01f5743efe71e67b3ac9abac80b4b7f058503fdab165c062183984919c7c1fd86d4f01369548a5483298a7a8ee7a96550c527eed636621998
SSDEEP

3072:+GieI7t4lMZE6q9PZrXDW6OlXkImuTAm7GUTJnJm0:+SI7EBG6OJkILTApUTJnJz

Score

N/A

Malware Config

Signatures

Files

d60ae78f3f31e41920f9a1ecfdf814089b6a4c0e24eba0ae08b5eb34416418f8
.exe windows x86

c714dcacc671cc3d709ecb931a35ce19

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord6372
ord3744
ord5059
ord1720
ord5257
ord2438
ord2116
ord5273
ord4621
ord4419
ord3592
ord567
ord324
ord2294
ord2290
ord2350
ord4229
ord6912
ord551
ord6330
ord4155
ord4704
ord4847
ord2813
ord6759
ord1258
ord823
ord3494
ord2507
ord355
ord2859
ord781
ord6771
ord2520
ord3470
ord1172
ord5571
ord2132
ord434
ord3703
ord4270
ord2634
ord3087
ord3747
ord5142
ord2371
ord6433
ord755
ord470
ord665
ord353
ord6195
ord1683
ord5284
ord2046
ord4425
ord3695
ord771
ord497
ord1008
ord4254
ord6172
ord5977
ord4709
ord4433
ord5710
ord2877
ord4028
ord5155
ord5154
ord4942
ord4352
ord4371
ord4848
ord5283
ord4829
ord3694
ord2047
ord2644
ord1662
ord3605
ord656
ord4199
ord2567
ord4390
ord3569
ord3716
ord609
ord795
ord6211
ord5949
ord1144
ord2810
ord5647
ord3122
ord3611
ord798
ord1989
ord6388
ord5188
ord533
ord350
ord922
ord768
ord489
ord4253
ord4970
ord6237
ord4736
ord5156
ord4899
ord4219
ord2406
ord5783
ord640
ord2559
ord5781
ord1633
ord323
ord2855
ord5785
ord5871
ord3870
ord816
ord562
ord1634
ord1143
ord3614
ord3621
ord3566
ord5285
ord5303
ord4692
ord4074
ord5298
ord5296
ord3341
ord2388
ord5193
ord1089
ord3917
ord5727
ord2504
ord2640
ord4435
ord4831
ord3793
ord5276
ord4347
ord6370
ord5157
ord2377
ord5237
ord4401
ord1767
ord4073
ord6048
ord4992
ord4370
ord5261
ord6733
ord2546
ord4480
ord6371
ord5215
ord861
ord536
ord5706
ord941
ord800
ord825
ord296
ord3397
ord5286
ord1768
ord6051
ord3577
ord4392
ord2570
ord4213
ord2015
ord2403
ord3948
ord5208
ord1197
ord1165
ord1196
ord2910
ord5568
ord925
ord858
ord942
ord940
ord6868
ord348
ord2506
ord6504
ord616
ord641
ord663
ord4124
ord535
ord2717
ord561
ord540
ord815
ord3733
ord4418
ord4616
ord4075
ord3074
ord3820
ord3826
ord3825
ord3396
ord2971
ord3076
ord2980
ord3257
ord3131
ord4459
ord3254
ord3142
ord2362
ord2977
ord538
ord617
ord3658
ord2876
ord5214
ord1569

msvcrt

__CxxFrameHandler
wcscmp
_wcsnicmp
_wcsicmp
_wcslwr
wcscat
_itow
wcslen
wcsrchr
_ftime
wcscpy
swscanf
time
swprintf
free
malloc
_controlfp
_onexit
__dllonexit
??1type_info@@UAE@XZ
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
calloc
ceil
_ftol
sprintf
_stricmp
_ltow
localtime
_purecall
wcsncpy
wcsstr
_timezone
mktime
_wopen
difftime
_close
_write
_lseek
rand
srand
_read
_wcsdup
_wcsnset
_CxxThrowException
memmove
_strupr
strncpy
atoi
_initterm
__wgetmainargs
_wcmdln
exit
_XcptFilter
_exit
wcschr
wcsftime

kernel32

GetDateFormatW
FindResourceW
LoadResource
LockResource
SizeofResource
VirtualQuery
VirtualProtect
GetModuleHandleA
CreateFileW
GetFileSize
lstrlenW
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
GetVolumeInformationW
GetComputerNameW
TlsAlloc
TlsSetValue
GetModuleHandleW
GetCurrentProcessId
OpenMutexW
TlsGetValue
CreateMutexW
SuspendThread
SetThreadContext
GetCurrentThread
DuplicateHandle
CreateEventW
CreateThread
SetThreadPriority
ResumeThread
SetEvent
WaitForSingleObject
TlsFree
DeleteCriticalSection
InitializeCriticalSection
CreateWaitableTimerW
SetPriorityClass
GetCurrentProcess
SetProcessWorkingSetSize
SetWaitableTimer
WaitForMultipleObjects
CloseHandle
LoadLibraryW
GetUserDefaultLangID
PulseEvent
FreeLibrary
GetModuleFileNameW
MultiByteToWideChar
lstrlenA
CreateDirectoryW
GetLastError
GetVersionExW
DeleteFileW
FileTimeToSystemTime
GetFileTime
GetTempFileNameW
GetFileAttributesW
GetProcAddress
LoadLibraryExW
ReadFile
WriteFile
GetLocalTime
GetTickCount
GetStartupInfoW

user32

IsIconic
LoadIconW
GetSystemMetrics
GetClientRect
SendMessageW
EnableWindow
MessageBoxW
LoadStringW
GetParent
DrawIcon
LoadBitmapW
CopyRect
DrawTextW
GetSysColor
PostMessageW
BringWindowToTop

gdi32

CreateFontIndirectW
GetObjectW
CreateCompatibleDC
BitBlt
GetStockObject
PatBlt

advapi32

CloseServiceHandle
GetFileSecurityW
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
GetAclInformation
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
GetUserNameW
LookupAccountNameW
OpenSCManagerW
SetFileSecurityW
SetSecurityDescriptorDacl
AddAccessAllowedAce
GetAce
AddAce
InitializeAcl
GetLengthSid

shell32

ShellExecuteW

ole32

CoUninitialize
CoInitialize

imagehlp

ImagehlpApiVersion

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data_1
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c714dcacc671cc3d709ecb931a35ce19

Headers

File Characteristics

Imports

mfc42u

msvcrt

kernel32

user32

gdi32

advapi32

shell32

ole32

imagehlp

Sections

.text Size: 72KB - Virtual size: 72KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 4KB - Virtual size: 10KB

.data_1 Size: 4KB - Virtual size: 4KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 72KB - Virtual size: 72KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 4KB - Virtual size: 10KB

.data_1
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 20KB - Virtual size: 20KB