cedd23574e076b6f84eeaedfe8a7ed4a6c2f8fb29eef21798eeb0905d891c587

Sharing

Copy URL Twitter E-mail

General

Target

cedd23574e076b6f84eeaedfe8a7ed4a6c2f8fb29eef21798eeb0905d891c587
Size

73KB
MD5

d6b17fccc1d56b087c1625fc26161385
SHA1

d6e469661ae5681c034a41635bea6d49c15af508
SHA256

cedd23574e076b6f84eeaedfe8a7ed4a6c2f8fb29eef21798eeb0905d891c587
SHA512

19df2a620635e18effa1a07fcc0d58fe3ad37029576031e9c6a968d8a2492d2c895ebf84a3ebc70080199059741765cee5c6c48499a562c7b9c592ecd93c9978
SSDEEP

1536:lokngtb8Dlqfe7HRUFgDD/FQZCDB1uiJcXfrSlhMeoxoTLldi:1kb8H7H+O1Qdi0frTeuoTLl

Score

N/A

Malware Config

Signatures

Files

cedd23574e076b6f84eeaedfe8a7ed4a6c2f8fb29eef21798eeb0905d891c587
.exe windows x86

d46df5949fc07c4bc44926f5c30a37c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatMessageA
lstrcatA
LocalAlloc
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
ExitProcess
OpenProcess
CreateProcessA
CopyFileA
DeleteFileA
GetModuleFileNameA
GetModuleHandleA
GetSystemDirectoryA
CreateMutexA
SetErrorMode
LocalFree
CreateToolhelp32Snapshot
GetCurrentProcess
Module32Next
ReadProcessMemory
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
GetProcAddress
LoadLibraryA
TerminateProcess
FreeLibrary
GetVersionExA
LeaveCriticalSection
EnterCriticalSection
SetEvent
GetStartupInfoA
CreateEventA
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
ReleaseMutex
DeleteCriticalSection
OutputDebugStringA
TerminateThread
GetTickCount
ExitThread
WriteFile
Sleep
GetStdHandle
CreateThread
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CreateFileA
ReadFile
CloseHandle
GetFileSize
Process32Next
GetLastError

user32

TranslateMessage
RegisterClassA
CreateWindowExA
DefWindowProcA
GetMessageA
DispatchMessageA
wsprintfA

advapi32

RegOpenKeyExA
StartServiceA
OpenServiceA
ControlService
DeleteService
OpenSCManagerA
CreateServiceA
LockServiceDatabase
QueryServiceLockStatusA
ChangeServiceConfig2A
UnlockServiceDatabase
CloseServiceHandle
SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
AdjustTokenPrivileges
RegSetValueExA
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyExA
RegDeleteValueA
RegCloseKey

shell32

ShellExecuteA

ws2_32

closesocket
htonl
send
select
__WSAFDIsSet
recv
inet_ntoa
connect
inet_addr
socket
gethostbyname
WSACleanup
WSAStartup
ioctlsocket
ntohl
getsockname
htons

wininet

InternetErrorDlg
InternetReadFile
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetOpenA
InternetConnectA
InternetCloseHandle

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameA

mpr

WNetAddConnection2A
WNetCancelConnection2A

msvcrt

calloc
exit
sprintf
wcscpy
wcslen
strncat
mbstowcs
rand
srand
_vsnprintf
_purecall
strcmp
strcpy
strstr
strcat
atoi
_strupr
toupper
memcmp
time
__dllonexit
_onexit
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
ceil
_ftol
floor
free
malloc
memset
memcpy
strlen
??2@YAPAXI@Z
__CxxFrameHandler
??3@YAXPAX@Z
_stricmp
_strcmpi
_snprintf

msvcp60

?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@@Z
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADXZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??5std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IABV12@II@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??5std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAD@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHPBD@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIPBD@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IPBD@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??0Init@ios_base@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??1_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHABV12@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0_Winit@std@@QAE@XZ

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d46df5949fc07c4bc44926f5c30a37c2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

wininet

psapi

mpr

msvcrt

msvcp60

Sections

.text Size: 48KB - Virtual size: 47KB

.data Size: 24KB - Virtual size: 23KB

.text
Size: 48KB - Virtual size: 47KB

.data
Size: 24KB - Virtual size: 23KB