cb7ac072eba679b76ecf94a602d52e34f8aabaad3020307c1d582aff984b8d1a

Sharing

Copy URL Twitter E-mail

General

Target

cb7ac072eba679b76ecf94a602d52e34f8aabaad3020307c1d582aff984b8d1a
Size

31KB
MD5

da4a2dfcb15d487cd50630380351d069
SHA1

feeedc225431dbec1f93758c972a8997660520a7
SHA256

cb7ac072eba679b76ecf94a602d52e34f8aabaad3020307c1d582aff984b8d1a
SHA512

e8aa650164f5163df46f07e007a0ac0ded270faba5dab7dd15642b683fdc53c4ba0a9e7ed3c4eead83e4e5d67f0dbe5d5a99e4f26b9e9cad04b8e95fa083eb76
SSDEEP

768:NjuXYXao1ruvBkjGpaX/I8ORXymgxkysG35R3t3CTprSSc7Loug8JPET:NIYqo1SZeVWrSSO5gFT

Score

N/A

Malware Config

Signatures

Files

cb7ac072eba679b76ecf94a602d52e34f8aabaad3020307c1d582aff984b8d1a
.exe windows x86

7d428fca80f931e580f84eb2795eab56

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcp60

??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

ws2_32

sendto
ioctlsocket
recv
gethostbyname
closesocket
select
send
htons
socket
connect
WSAStartup
WSACleanup
inet_addr

shlwapi

PathRemoveFileSpecA

urlmon

URLDownloadToFileA

shell32

ShellExecuteA
SHGetSpecialFolderPathA

user32

GetForegroundWindow
keybd_event
BlockInput
wsprintfA
ShowWindow

kernel32

GetStartupInfoA
GetLocaleInfoA
GetVersionExA
CreateThread
LoadLibraryA
GetLastError
CopyFileA
ExitProcess
GetLogicalDriveStringsA
CreateDirectoryA
FindFirstFileA
FindClose
SetErrorMode
CreateMutexA
ReleaseMutex
ExitThread
ExpandEnvironmentStringsA
CreateFileA
WriteFile
GetProcAddress
CreateProcessA
GetTempPathA
lstrcmpiA
GetModuleHandleA
Process32Next
Process32First
CreateToolhelp32Snapshot
CloseHandle
ReadProcessMemory
OpenProcess
Module32Next
DeleteFileA
Sleep
TerminateProcess
SetFileAttributesA
Module32First
GetModuleFileNameA
GetTickCount
GetCurrentProcess
GetFileAttributesA

advapi32

RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegCreateKeyA
RegDeleteKeyA
RegOpenKeyExA
RegOpenKeyA
GetUserNameA

msvcrt

malloc
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
free
printf
fread
??2@YAPAXI@Z
time
atoi
strtok
strchr
strncmp
strstr
__CxxFrameHandler
fprintf
fopen
getchar
sprintf
rand
srand
_itoa
_strupr
toupper
_snprintf
fclose
strncpy
memmove

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7d428fca80f931e580f84eb2795eab56

Headers

File Characteristics

Imports

msvcp60

ws2_32

shlwapi

urlmon

shell32

user32

kernel32

advapi32

msvcrt

Sections

.text Size: 19KB - Virtual size: 19KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 7KB - Virtual size: 11KB

.text
Size: 19KB - Virtual size: 19KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 7KB - Virtual size: 11KB