6404105eb297262cc99ab98fae70b2845e52df6eab2c67655083cf06a0047f14

Sharing

Copy URL Twitter E-mail

General

Target

6404105eb297262cc99ab98fae70b2845e52df6eab2c67655083cf06a0047f14
Size

96KB
MD5

e8db2e7b61f73add3fe8d7d7483d8230
SHA1

e867f63b43f54fa0288ad6761479d217a43f9304
SHA256

6404105eb297262cc99ab98fae70b2845e52df6eab2c67655083cf06a0047f14
SHA512

20c08bc274e17a10401e66eb30060dfd5c0c0af30e067af819c16af69aa2e2b3620d88b5b31c52b9888a7c233fd006c9435e0456c4e85fd3dc603fa3d72238ad
SSDEEP

1536:nipxVHRjHUbL5VDneAWu1gRjzYX+Hp+rKZVlGUBWcunnfCAq/Dta:neVHRD65VaAORjzYsJBWpnfCAq/Dta

Score

N/A

Malware Config

Signatures

Files

6404105eb297262cc99ab98fae70b2845e52df6eab2c67655083cf06a0047f14
.exe windows x86

b194a2c10ac456270a2a2b1417ba289b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

atoi
strcat
strcpy
strcmp
strrchr
_except_handler3
malloc
ceil
rand
strstr
??3@YAXPAX@Z
__CxxFrameHandler
memset
strlen
??2@YAPAXI@Z
memcmp
free
srand
memcpy
memmove
time
printf
exit
strchr
strncat
clock
_beginthreadex
calloc
__dllonexit
_onexit
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_ftol
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_strnicmp
_controlfp

kernel32

ReleaseMutex
RaiseException
GetStartupInfoA
GetModuleHandleA
lstrcmpiA
Process32First
Process32Next
LocalSize
CreateMutexA
CopyFileA
SetFileAttributesA
SetErrorMode
OpenEventA
GetVersionExA
GetSystemInfo
GlobalMemoryStatus
WaitForMultipleObjects
PeekNamedPipe
TerminateProcess
DisconnectNamedPipe
CreatePipe
GetSystemDirectoryA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetModuleFileNameA
OutputDebugStringA
WinExec
InitializeCriticalSection
DeleteCriticalSection
VirtualFree
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
GetProcAddress
LoadLibraryA
CloseHandle
lstrcpyA
SetEvent
InterlockedExchange
CancelIo
Sleep
DeleteFileA
GetLastError
CreateDirectoryA
GetFileAttributesA
lstrlenA
CreateProcessA
lstrcatA
GetLogicalDriveStringsA
FindClose
LocalAlloc
RemoveDirectoryA
GetFileSize
CreateFileA
ReadFile
SetFilePointer
WriteFile
MoveFileA
GetCurrentProcess
FreeLibrary
OpenProcess
CreateThread
GetTickCount
TerminateThread

user32

IsWindow
CloseWindow
CreateWindowExA
PostMessageA
GetThreadDesktop
GetUserObjectInformationA
OpenInputDesktop
CloseDesktop
EnumWindows
GetWindowTextA
IsWindowVisible
GetWindowThreadProcessId
ExitWindowsEx
GetProcessWindowStation
OpenWindowStationA
SetProcessWindowStation
GetCursorInfo
GetCursorPos
ReleaseDC
GetDesktopWindow
GetDC
SetRect
GetSystemMetrics
GetClipboardData
CharNextA
wsprintfA
SetClipboardData
CloseClipboard
mouse_event
SetCursorPos
WindowFromPoint
SetCapture
MapVirtualKeyA
SystemParametersInfoA
SendMessageA
BlockInput
DestroyCursor
LoadCursorA
SetThreadDesktop

gdi32

CreateDIBSection
GetDIBits
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteDC
DeleteObject
CreateCompatibleDC

shell32

SHGetSpecialFolderPathA

msvcp60

?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

mfc42

ord860
ord537
ord6648
ord2764
ord4129
ord540
ord800
ord6877
ord939
ord2818
ord4278
ord6663
ord858
ord535
ord922
ord924
ord926

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

msvfw32

ICSeqCompressFrameStart
ICSendMessage
ICOpen
ICCompressorFree
ICSeqCompressFrameEnd
ICClose
ICSeqCompressFrame

Sections

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b194a2c10ac456270a2a2b1417ba289b

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

shell32

msvcp60

mfc42

avicap32

msvfw32

Sections

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 72KB - Virtual size: 74KB

.rsrc Size: 4KB - Virtual size: 912B

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 72KB - Virtual size: 74KB

.rsrc
Size: 4KB - Virtual size: 912B