b346f4672831a458520dd92123bff96166daf3fadcd63e85469f05ab3f4d2fb8

Sharing

Copy URL Twitter E-mail

General

Target

b346f4672831a458520dd92123bff96166daf3fadcd63e85469f05ab3f4d2fb8
Size

97KB
MD5

69d428a5024687d48a1fc7182cdedc35
SHA1

10559ed83446569db28b1eb1a19d2ce5d7489337
SHA256

b346f4672831a458520dd92123bff96166daf3fadcd63e85469f05ab3f4d2fb8
SHA512

366fcf0726da72e2065765d2c10e84fb777d015b8e1110f0eebb28ed1d2cb31b649ef8ad3a0c0e0ecfb56e8b4a25ed1ec4f98f87bead12e0f327bf81de2c25b2
SSDEEP

1536:lzzmTt77iDuS5Vr+D1ZgRGW2mKKqLoygg8saMs8cccc4ce+ucOBEUkkUEkUEU3m9:lzzGN7kXnr+D1ZghmzmILS/YSHcKs

Score

N/A

Malware Config

Signatures

Files

b346f4672831a458520dd92123bff96166daf3fadcd63e85469f05ab3f4d2fb8
.exe windows x86

781e928cfe586c5f9bd5cfe51eb21543

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcscmp
wcsncat
_endthreadex
wcscat
wcslen
wcscpy
??2@YAPAXI@Z
??3@YAXPAX@Z
_wtoi
_controlfp
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
_CxxThrowException
_purecall
wcsncpy
wcsstr
wcsncmp
_beginthreadex
__CxxFrameHandler
wcschr
malloc
free
_except_handler3

msvcp60

??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??Hstd@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z

atl

ord42
ord30
ord58
ord48
ord40
ord47
ord32
ord43
ord45
ord20
ord17
ord23
ord21
ord16
ord44

advapi32

RegCreateKeyExW
RegSetValueExW
AllocateAndInitializeSid
FreeSid
CheckTokenMembership
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

kernel32

ExpandEnvironmentStringsW
CreateDirectoryW
LoadLibraryA
GetProcAddress
HeapAlloc
GetProcessHeap
GetWindowsDirectoryW
GetStartupInfoW
LocalFree
GetSystemDirectoryW
GetFileAttributesW
GetFileType
RemoveDirectoryW
FindClose
FindNextFileW
SetFileAttributesW
FindFirstFileW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetModuleHandleW
GetExitCodeProcess
CreateProcessW
VirtualFree
VirtualAlloc
HeapFree
WideCharToMultiByte
FlushInstructionCache
GetCurrentProcess
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
SetEvent
CloseHandle
WaitForSingleObject
UnmapViewOfFile
GetCurrentProcessId
MapViewOfFile
GetLastError
CreateFileMappingW
MultiByteToWideChar
lstrlenW
GetStringTypeExW
GetThreadLocale
lstrcmpW
lstrcmpiW
DebugBreak
OutputDebugStringW
lstrlenA
SetLastError
GetCurrentThreadId
CreateEventW
WriteFile
CreateFileW
SetEndOfFile
SetFilePointer
ReadFile
GetComputerNameW
Sleep
GetModuleFileNameW
MoveFileExW
DeleteFileW
LeaveCriticalSection
EnterCriticalSection
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

user32

SetFocus
SetForegroundWindow
GetWindowThreadProcessId
EnumWindows
LoadStringW
CharNextW
CharUpperW
wvsprintfW
MessageBoxW
ShowScrollBar
SetWindowLongW
CreateWindowExW
DefWindowProcW
GetDesktopWindow
DispatchMessageW
GetParent
GetMessageW
SetWindowPos
CallWindowProcW
SendMessageW
LoadIconW
MsgWaitForMultipleObjects
PeekMessageW
ShowWindow
GetWindowLongW
PostThreadMessageW
GetWindow
GetWindowRect
SystemParametersInfoW
GetClientRect
TranslateMessage
MapWindowPoints
DestroyWindow
PostQuitMessage

comctl32

ord17

ole32

CoCreateInstance
CoResumeClassObjects
OleInitialize
OleRun
OleUninitialize
CoSuspendClassObjects

shell32

SHGetSpecialFolderPathW

shlwapi

PathRemoveFileSpecW
StrStrIW
SHDeleteValueW

oleaut32

VariantClear
SysAllocString
DispCallFunc
LoadRegTypeLi
SysStringLen
GetErrorInfo
SysFreeString

netapi32

DsGetDcNameW
NetApiBufferFree

activeds

ord9
ord3

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

781e928cfe586c5f9bd5cfe51eb21543

Headers

File Characteristics

Imports

msvcrt

msvcp60

atl

advapi32

kernel32

user32

comctl32

ole32

shell32

shlwapi

oleaut32

netapi32

activeds

Sections

.text Size: 44KB - Virtual size: 44KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 49KB - Virtual size: 52KB

.text
Size: 44KB - Virtual size: 44KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 49KB - Virtual size: 52KB