fcf371f23026a82d4080a016688573c172d0236bf0e65edcc78dfae9e51a36a0

Sharing

Copy URL Twitter E-mail

General

Target

fcf371f23026a82d4080a016688573c172d0236bf0e65edcc78dfae9e51a36a0
Size

60KB
MD5

7de613baf4e20b2ff5c13b5f5f7e7f03
SHA1

d7b8b5bb0c5fbe268913169f9c5e242e503f719a
SHA256

fcf371f23026a82d4080a016688573c172d0236bf0e65edcc78dfae9e51a36a0
SHA512

d2e0b0e4e7f93487c8b6e4035ad5ad950ff46de3a0e16ddba8f23d884a6d0a96d41c8066b338f40997c5f79131a1f1bf40437f568a706c32b2c16a51dbf979fd
SSDEEP

768:RihtR0YahEkslE2Zzv/b6+NSPBUsdzHmJ0cvNspgX3b2UDwji:R56Bz/bBGUV3vNU

Score

N/A

Malware Config

Signatures

Files

fcf371f23026a82d4080a016688573c172d0236bf0e65edcc78dfae9e51a36a0
.exe windows x86

155d550125e6ce863ccf3a776f7f01cd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
CreateFileA
GetVolumeInformationA
GetProcAddress
LoadLibraryA
SetFileAttributesA
MultiByteToWideChar
lstrlenA
WriteFile
GetTempPathA
lstrcmpA
WaitForSingleObject
ResetEvent
GetTickCount
CreateEventA
WideCharToMultiByte
lstrlenW
ReadFile
DeleteFileA
GetCurrentThreadId
GetModuleFileNameA
ExpandEnvironmentStringsA
CreateProcessA
Sleep
FreeLibrary
GetCurrentProcessId
GetLastError
CreateMutexA
GetStartupInfoA
GetModuleHandleA
CloseHandle
FindFirstFileA
FindNextFileA
lstrcmpiA
FindClose

user32

GetForegroundWindow
SetForegroundWindow

advapi32

RegCloseKey
RegOpenKeyA
RegSetValueExA
RegQueryValueExA

shlwapi

PathFileExistsA
StrPBrkA
StrStrA
SHDeleteKeyA

ole32

CoCreateInstance
CoInitialize
CLSIDFromProgID

iphlpapi

GetAdaptersInfo

msvcp60

?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHABV12@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

oleaut32

SysAllocStringLen
SysStringLen
VariantClear
SysAllocString
SysFreeString

msvcrt

fgets
_wcsupr
_strdup
_stricmp
_strupr
_strlwr
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_except_handler3
wcscpy
_beginthread
wcsstr
swprintf
sprintf
memset
strcat
strcmp
strncat
strncpy
strlen
strcpy
free
strstr
malloc
sscanf
memcpy
atoi
strchr
fclose
??2@YAPAXI@Z
fopen
__CxxFrameHandler
fprintf
wcslen
time
strtok
exit
fwrite
fputs
rand
fread
ftell
fseek
wcsrchr

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

155d550125e6ce863ccf3a776f7f01cd

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

ole32

iphlpapi

msvcp60

oleaut32

msvcrt

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 5KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 5KB