c6a5eae07f852e2cade63b025e568251e02f291a198c78501f354f1a41ea9c15

Sharing

Copy URL Twitter E-mail

General

Target

c6a5eae07f852e2cade63b025e568251e02f291a198c78501f354f1a41ea9c15
Size

972KB
MD5

a212ae638e3f295018478ae839dbd754
SHA1

68b677edf667a6f8232118b0bfe6a9856f30ea71
SHA256

c6a5eae07f852e2cade63b025e568251e02f291a198c78501f354f1a41ea9c15
SHA512

711eac30733509d9de31c446f71f82136ee4965b5990de5fc5525a42260d0f293c92ad27e07c9801c72bb75b40cf31e8d08a65783620dd3f21e02fbfe0dff836
SSDEEP

24576:NE5s/p0jQ6j12ObWN8B9e1CGu7+j0jRdTVfDKFdu9j6wTrff:NpAKBj0tdBKFdu9j6wTTf

Score

N/A

Malware Config

Signatures

Files

c6a5eae07f852e2cade63b025e568251e02f291a198c78501f354f1a41ea9c15
.exe windows x86

e4275b244021c7e5590c98235b1cdfdb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoCreateInstance
CoUninitialize

user32

MsgWaitForMultipleObjectsEx
TranslateMessage
DispatchMessageW
SetWindowsHookExW
UnhookWindowsHookEx
DestroyWindow
UnregisterClassW
RegisterClassW
CreateWindowExW
SetWindowLongW
GetWindowLongW
DefWindowProcW
KillTimer
GetQueueStatus
CallNextHookEx
PostMessageW
PeekMessageW
CharNextExA
MessageBoxA
SetTimer

kernel32

UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
SetErrorMode
GetLogicalDrives
GetFileTime
DeviceIoControl
GetFileAttributesW
RemoveDirectoryW
CreateDirectoryW
MoveFileW
CopyFileW
DeleteFileW
GetFullPathNameW
SetEndOfFile
CreateFileW
LoadLibraryW
GetProcAddress
GetCurrentDirectoryW
WriteFile
ReadFile
SetFilePointerEx
GetFileAttributesExW
FindFirstFileW
FindClose
GetFileInformationByHandle
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetFileType
GetModuleHandleW
GetModuleFileNameW
TlsGetValue
GetCurrentProcess
DuplicateHandle
CreateEventW
SetEvent
WaitForMultipleObjects
GetThreadPriority
ResumeThread
TlsSetValue
SetThreadPriority
TerminateThread
GetCurrentThread
TlsAlloc
Sleep
GetSystemInfo
TlsFree
GetCurrentThreadId
GetVersionExW
FormatMessageW
LocalFree
GetTimeFormatW
GetDateFormatW
GetLocaleInfoW
CreateSemaphoreW
WaitForSingleObject
ReleaseSemaphore
CloseHandle
GetCurrentProcessId
GetUserDefaultLCID
CompareStringW
WideCharToMultiByte
GetLastError
ResetEvent
FindNextFileW
InterlockedExchange
InterlockedCompareExchange
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
IsBadReadPtr
MultiByteToWideChar
WinExec
GetModuleHandleA

msvcp80

?uncaught_exception@std@@YA_NXZ

msvcr80

__p__fmode
__set_app_type
?terminate@@YAXXZ
_vsnprintf_s
__p__commode
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_adjust_fdiv
_controlfp_s
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__initenv
_XcptFilter
_invoke_watson
_exit
_cexit
__getmainargs
_amsg_exit
_decode_pointer
_onexit
_lock
__dllonexit
_encode_pointer
_unlock
_wchmod
_open_osfhandle
_getdrive
_wgetdcwd
_filelengthi64
_get_osfhandle
_gmtime64_s
_localtime64_s
_mktime64
_beginthread
_beginthreadex
_endthreadex
_getpid
fwrite
_write
fgets
fread
feof
_fseeki64
_read
fclose
_close
_errno
_fileno
__iob_func
fprintf
fflush
exit
getenv_s
rand
??0exception@std@@QAE@ABQBDH@Z
strcpy_s
_clearfp
_control87
_tzset
_get_tzname
isspace
isdigit
isalpha
isupper
strchr
_waccess
_lseeki64
_ftelli64
_purecall
memchr
memmove
??_V@YAXPAX@Z
memset
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
memcpy
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
realloc
free
malloc
_CxxThrowException
??3@YAXPAX@Z
strncmp
__CxxFrameHandler3

ws2_32

WSAAsyncSelect

advapi32

RegDeleteValueW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
RegSetValueExW
RegQueryValueExW
RegFlushKey
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
OpenProcessToken
GetTokenInformation
RegDeleteKeyW

Sections

.text
Size: 576KB - Virtual size: 572KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 380KB - Virtual size: 378KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4275b244021c7e5590c98235b1cdfdb

Headers

File Characteristics

Imports

ole32

user32

kernel32

msvcp80

msvcr80

ws2_32

advapi32

Sections

.text Size: 576KB - Virtual size: 572KB

.rdata Size: 380KB - Virtual size: 378KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 428B

.text
Size: 576KB - Virtual size: 572KB

.rdata
Size: 380KB - Virtual size: 378KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 428B