b76025ac59887cc00b77f2ae85c4f6108e78f5cf65e7df39108ddec922cdbf66

Sharing

Copy URL

Twitter E-mail

General

Target

b76025ac59887cc00b77f2ae85c4f6108e78f5cf65e7df39108ddec922cdbf66
Size

72KB
MD5

b45b2e7fcc7facaa1b333dd922f2ff8a
SHA1

8281a2d726d363012a2e7c40fd8350562c87206b
SHA256

b76025ac59887cc00b77f2ae85c4f6108e78f5cf65e7df39108ddec922cdbf66
SHA512

5649292663c714e6eca5748f94fe89b5db93843c3d491a2d5a5bd77fe7e527c6fed1e362c115e88431ca9ea620c043f8b7eae7b303dd3c1961bf55001b120fdc
SSDEEP

768:JKRBAYkYhnJNaOpXN1Ifo293xeRQQv2ZZaHOFuyAfgd6iTIu59ycOlOYFexEBuzP:6AYkIOQpOFutfcycOlOYcx2uzAtSO8L

Score

N/A

Malware Config

Signatures

Files

b76025ac59887cc00b77f2ae85c4f6108e78f5cf65e7df39108ddec922cdbf66
.exe windows x86

450d971b05323fc6f893f071071b4d8c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceFrequency
QueryPerformanceCounter
GetVersionExA
GetLocaleInfoA
GetWindowsDirectoryA
TerminateThread
CreateThread
GetFileSize
GetFileAttributesA
GetModuleFileNameA
GetModuleHandleA
GlobalMemoryStatusEx
GetCurrentProcess
CreateFileA
CloseHandle
GetTickCount
WriteFile
SetErrorMode
DeleteFileA
ExitProcess
GetCurrentProcessId
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange
WinExec
Sleep
GetSystemTimeAsFileTime

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

shell32

SHGetFolderPathA

msvcp80

?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIABV12@@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIPBD@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHPBD@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z

ws2_32

select
__WSAFDIsSet
ntohl
connect
gethostname
gethostbyaddr
inet_addr
gethostbyname
ioctlsocket
htonl
htons
bind
listen
closesocket
getpeername
ntohs
inet_ntoa
send
recv
WSACleanup
WSAStartup
accept
socket
WSAIoctl

iphlpapi

GetAdaptersInfo

wininet

InternetCloseHandle
FtpGetFileA
InternetConnectA
InternetOpenA

msvcr80

__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_crt_debugger_hook
_except_handler4_common
_invoke_watson
_controlfp_s
?terminate@@YAXXZ
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??3@YAXPAX@Z
??0exception@std@@QAE@XZ
__CxxFrameHandler3
_invalid_parameter_noinfo
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
??2@YAPAXI@Z
strcmp
atoi
memset
strstr
_snprintf
free
malloc
strlen
vsprintf
toupper
rand
srand
sprintf
memcpy
memmove_s
_purecall
fclose
feof
ferror
fread
fopen
strtoul
sscanf
_unlock
_encode_pointer
__dllonexit
_lock
_onexit
_decode_pointer

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

450d971b05323fc6f893f071071b4d8c

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

msvcp80

ws2_32

iphlpapi

wininet

msvcr80

Sections

.text Size: 44KB - Virtual size: 40KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 428B

.text
Size: 44KB - Virtual size: 40KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 428B