8ba5cad5d95937b73b3930368fa160851b3798f724e1a47006bf6a2c5a02183c

Sharing

Copy URL Twitter E-mail

General

Target

8ba5cad5d95937b73b3930368fa160851b3798f724e1a47006bf6a2c5a02183c
Size

228KB
MD5

d6495dd9abdbd16e2f8e76247621d833
SHA1

6448a576c7f38ab4726d28f3d59248a146bfbe73
SHA256

8ba5cad5d95937b73b3930368fa160851b3798f724e1a47006bf6a2c5a02183c
SHA512

8e54d020c81571be53ef3ae8d4178945f1e45734d2fea38165f1c6db87394f8da8275dbb11909fcacd637957a407f4bf9289b669852187f806b5fc29273027ff
SSDEEP

3072:KLzK7sgrOxui+oajcs6Zc0umao/+oFOaE4wJmUMYdQFwY2Eh9xo0z:KLzKlIajn6cmD2oFOaHUMAQ9h9xo0z

Score

N/A

Malware Config

Signatures

Files

8ba5cad5d95937b73b3930368fa160851b3798f724e1a47006bf6a2c5a02183c
.exe windows x86

e12ecaba3fa8f52ff2e881f49c284c92

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultUILanguage
GetProcAddress
IsBadCodePtr
IsValidCodePage
GetVersion
GetCurrentThreadId
GetTickCount
GetLastError
GetCurrentProcessId
MultiByteToWideChar
lstrlenW
lstrlenA
WideCharToMultiByte
Thread32Next
ResumeThread
SuspendThread
OpenThread
Thread32First
MulDiv
GetCommandLineA
GetUserDefaultLangID
LoadLibraryA
InterlockedDecrement
GetFileSize
SetEvent
IsBadReadPtr
GetModuleHandleA
GetSystemInfo
LocalFree
GetStartupInfoA
Sleep
GetUserDefaultLCID

user32

GetInputState
GetCursor
IsCharAlphaNumericA
GetActiveWindow
IsCharUpperA
IsCharAlphaA
GetDesktopWindow
CharUpperA
CharLowerA
GetWindowRect
PostMessageA
GetSystemMetrics
IsWindow
GetCapture
GetForegroundWindow
PostThreadMessageA
IsCharLowerA
IsMenu
GetFocus

advapi32

RegSetValueExA

ole32

CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoUninitialize
OleRun

oleaut32

SysStringByteLen
GetErrorInfo
SysAllocString
VariantClear
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
SysStringLen

msvcp60

?_Incref@facet@locale@std@@QAEXXZ
??1?$ctype@D@std@@UAE@XZ
?id@?$ctype@D@std@@2V0locale@2@A
??Bid@locale@std@@QAEIXZ
?_Getfacet@locale@std@@QBEPBVfacet@12@I_N@Z
?_Iscloc@locale@std@@QBE_NXZ
??0?$ctype@D@std@@QAE@PBF_NI@Z
??_7bad_cast@std@@6B@
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
?do_tolower@?$ctype@D@std@@MBEPBDPADPBD@Z
?do_tolower@?$ctype@D@std@@MBEDD@Z
?do_toupper@?$ctype@D@std@@MBEPBDPADPBD@Z
?do_toupper@?$ctype@D@std@@MBEDD@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
??0locale@std@@QAE@PBDH@Z
?_Decref@facet@locale@std@@QAEPAV123@XZ
??1locale@std@@QAE@XZ
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?_Xran@std@@YAXXZ
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADPADD@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHABV12@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBDI@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??0logic_error@std@@QAE@ABV01@@Z
??0out_of_range@std@@QAE@ABV01@@Z
??1out_of_range@std@@UAE@XZ
??_7out_of_range@std@@6B@
??0logic_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??_F?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IPBDI@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z

msvcrt

strcpy
_strdup
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_onexit
__dllonexit
??0exception@@QAE@ABQBD@Z
atoi
wcslen
strncat
strcat
_strnicmp
_stricmp
strstr
strchr
strncpy
_itoa
free
sprintf
malloc
_CxxThrowException
??0exception@@QAE@ABV0@@Z
memcmp
strlen
__CxxFrameHandler
_except_handler3
rand
srand
memset
??2@YAPAXI@Z
memcpy
wcscmp
pow
_ftol

ws2_32

htons
setsockopt
getsockopt
gethostbyname
WSAStartup
socket
connect
send
recv
WSACleanup
closesocket

Sections

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e12ecaba3fa8f52ff2e881f49c284c92

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

msvcp60

msvcrt

ws2_32

Sections

.text Size: 196KB - Virtual size: 196KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 1KB - Virtual size: 4KB

.text
Size: 196KB - Virtual size: 196KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 1KB - Virtual size: 4KB