fc0d1f8a91cda54140ec69ca9952db6dfacea05d29efe5be51d5e598e9164ff6

Sharing

Copy URL

Twitter E-mail

General

Target

fc0d1f8a91cda54140ec69ca9952db6dfacea05d29efe5be51d5e598e9164ff6
Size

232KB
MD5

51ea6c9538dfd0a722c9a182d0d4d020
SHA1

93020221d9b4caf13f5faaf2c2a7b9e4cc50ad70
SHA256

fc0d1f8a91cda54140ec69ca9952db6dfacea05d29efe5be51d5e598e9164ff6
SHA512

ecda334ccc1a1d890710802444f567a7803f4f9dbc61f6ecd774132b0499c0c3cd6dc02c3d5139a465e2fd26972dbcc9502f7b9e45a3098683852cf09dff03fd
SSDEEP

3072:0R+Cp0DSr9uwQn0cghycyWqsy4dg+PpkjdvwV7PXt2eC1hfcrEIygmFJZ:lCpZNcXWwpvwP9Ybb

Score

N/A

Malware Config

Signatures

Files

fc0d1f8a91cda54140ec69ca9952db6dfacea05d29efe5be51d5e598e9164ff6
.exe windows x86

18840d8ab2fb2bed247427a259641960

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord927
ord940
ord942
ord2606
ord4273
ord539
ord5568
ord6655
ord4124
ord5706
ord537
ord538
ord858
ord2910
ord540
ord861
ord535
ord800
ord823
ord825

msvcrt

_acmdln
_XcptFilter
_exit
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
strstr
free
realloc
exit
malloc
sprintf
sscanf
wcschr
wcsstr
fflush
fclose
_wfopen
fseek
ftell
__getmainargs
fwrite
wcstol
memmove
wcscmp
_wtoi
wcscpy
__CxxFrameHandler
wcsrchr
swprintf
wcscat
strchr
_wcsnicmp
_strdup
memset
wcsncat
wcsncpy
memcmp
_snprintf
memcpy
_snwprintf
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
fread
_controlfp
time
wcslen
strncpy
strncat
_stricmp
strlen
gmtime
getenv
_ftol
memchr
_sys_nerr
strerror
_beginthreadex
fputc
fputs
qsort
fgets
strncmp
_isctype
__mb_cur_max
_pctype
strtol
tolower
strtoul
_errno
strrchr
_stati64
_iob
fopen
calloc
_wcsicmp
_wcsset

kernel32

LocalUnlock
WideCharToMultiByte
GetWindowsDirectoryW
CopyFileW
Sleep
WriteFile
CloseHandle
ReadFile
GetFileSize
CreateFileW
GetModuleFileNameW
MultiByteToWideChar
GetLastError
GetFileAttributesW
GetDriveTypeW
ExpandEnvironmentStringsA
FormatMessageA
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
WaitForSingleObject
SleepEx
InitializeCriticalSection
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
LocalLock
LocalAlloc
SetFilePointer
GetCurrentProcessId
GetStartupInfoA
GetModuleHandleA
GetTickCount
DeviceIoControl
GetFileAttributesA
DeleteFileA
FormatMessageW
GetACP
GetVersionExW
CreateMutexW
FindFirstFileW
FindNextFileW
FindClose
MoveFileW
GetDiskFreeSpaceW
OpenProcess
TerminateProcess
ExitProcess
DeleteFileW
GetTempPathW
CreateDirectoryW
SetFileAttributesW
LocalFree

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

shell32

ShellExecuteW
SHGetSpecialFolderPathW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

ole32

CoInitialize
CoCreateGuid
CoUninitialize

ws2_32

htons
bind
connect
setsockopt
getsockopt
WSASetLastError
ntohs
inet_ntoa
recv
send
socket
WSAGetLastError
closesocket
WSAStartup
WSACleanup
htonl
gethostbyname
gethostname
inet_addr
getservbyname
gethostbyaddr
getservbyport
__WSAFDIsSet
getsockname
select
getpeername
ioctlsocket

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18840d8ab2fb2bed247427a259641960

Headers

File Characteristics

Imports

mfc42u

msvcrt

kernel32

advapi32

shell32

version

ole32

ws2_32

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 44KB - Virtual size: 46KB

.rsrc Size: 4KB - Virtual size: 1008B

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 44KB - Virtual size: 46KB

.rsrc
Size: 4KB - Virtual size: 1008B