c2a52b2edc058e88f3f8ab373b2ae838dcfd4102a5f244f5842b57f2b6f5a326

Sharing

Copy URL Twitter E-mail

General

Target

c2a52b2edc058e88f3f8ab373b2ae838dcfd4102a5f244f5842b57f2b6f5a326
Size

869KB
MD5

0d9e56ea54406586461469bc7880d7b4
SHA1

dae66e3df4c5e3823cc6e79fbf788d4be9acfdde
SHA256

c2a52b2edc058e88f3f8ab373b2ae838dcfd4102a5f244f5842b57f2b6f5a326
SHA512

bfdae49657bbff2e98adba8f261885bc64578e5dcf31e4b77d17978e2191d2d9763ea1a3a105aa36b325967918e0cf61fd6dc7d74aac527bb817a98f305cf195
SSDEEP

24576:kAh9oyVbkdjiFzMx+djDkFbUp+VcX2cT637f6AbF2BfVo:kA3K3+JcbUH2g63L6ZV

Score

N/A

Malware Config

Signatures

Files

c2a52b2edc058e88f3f8ab373b2ae838dcfd4102a5f244f5842b57f2b6f5a326
.exe windows x86

8bfdb68949a5416e635f76a057cd14fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

iswalnum
_tzname
__mb_cur_max_dll
_getw
_spawnlpe
_mbsnbcpy
system
_wcslwr
fabs
printf
__doserrno
frexp
_ismbbgraph
strlen
_aexit_rtn_dll
ispunct
_snprintf

ole32

CoAddRefServerProcess
CoFreeUnusedLibrariesEx
HPALETTE_UserMarshal
OleLoad
PropVariantChangeType
STGMEDIUM_UserMarshal
FreePropVariantArray
CoGetMarshalSizeMax
STGMEDIUM_UserSize
HMETAFILE_UserMarshal
SetDocumentBitStg
OleUninitialize
CoWaitForMultipleHandles
UpdateDCOMSettings
GetHGlobalFromILockBytes
CoRegisterClassObject
OleCreateLinkToFile
OleCreateEx

msvcrt

getwchar
_outp
?terminate@@YAXXZ
getenv
_osplatform
swprintf
_fpreset
_CxxThrowException
_findnext64
_mbsncmp
ldexp
__getmainargs
free
_wutime64
_dup2
__set_app_type
_tolower
exit
_ui64toa
_wpopen
__p__commode

mfcsubs

?AfxA2WHelper@@YGPAGPAGPBDH@Z
??N@YG_NPBGABVCString@@@Z
?MakeReverse@CString@@QAEXXZ
?FormatMessageW@CString@@QAAXPBGZZ
?InsertAt@CStringArray@@QAEXHPAV1@@Z
?GetData@CStringArray@@QBEPBVCString@@XZ
?CompareNoCase@CString@@QBEHPBG@Z
?SetSize@CStringArray@@QAEXHH@Z
?AllocBeforeWrite@CString@@IAEXH@Z
?GetStartPosition@CMapStringToPtr@@QBEPAU__POSITION@@XZ

kernel32

LocalAlloc
GetNamedPipeHandleStateW
GetTimeZoneInformation
SetLocaleInfoA
GetStartupInfoA
IsValidCodePage
EnumDateFormatsExA
GetProfileIntW
LoadLibraryA
GetSystemTimeAsFileTime

Sections

.text
Size: 379KB - Virtual size: 379KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 181KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8bfdb68949a5416e635f76a057cd14fa

Headers

File Characteristics

Imports

crtdll

ole32

msvcrt

mfcsubs

kernel32

Sections

.text Size: 379KB - Virtual size: 379KB

.rdata Size: 89KB - Virtual size: 88KB

.data Size: 181KB - Virtual size: 1.6MB

.rsrc Size: 190KB - Virtual size: 190KB

.reloc Size: 28KB - Virtual size: 29KB

.text
Size: 379KB - Virtual size: 379KB

.rdata
Size: 89KB - Virtual size: 88KB

.data
Size: 181KB - Virtual size: 1.6MB

.rsrc
Size: 190KB - Virtual size: 190KB

.reloc
Size: 28KB - Virtual size: 29KB