a9370160c65786ac426034ee3c93b4699093c17776b44c36cacf688845df41e3

Sharing

Copy URL Twitter E-mail

General

Target

a9370160c65786ac426034ee3c93b4699093c17776b44c36cacf688845df41e3
Size

220KB
MD5

41dad3b14dfda8355552e04527c8a98f
SHA1

92b3ace0dfbeea0d6f03cc9fb6a2aa76f51cacde
SHA256

a9370160c65786ac426034ee3c93b4699093c17776b44c36cacf688845df41e3
SHA512

ea7ca231843c3f34045403bee0c0ea84180d1503dcc6c997f145d5c0c0ea50c1ce184537af8cca99df10e95b4283c332f2cdce5c1150cd18ab7a9d35bd9dc9f3
SSDEEP

3072:/wc4XBcMxGC0hF/Y9LywSZ2D6YmxX7hNKQ+GBRyTDX:/hPF/Y9LuZ2D6YmxXdL+6RyTz

Score

N/A

Malware Config

Signatures

Files

a9370160c65786ac426034ee3c93b4699093c17776b44c36cacf688845df41e3
.exe windows x86

f4784a28242b3dc39716d60acc416a6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dbghelp

MiniDumpReadDumpStream

ws2_32

socket
WSACleanup
setsockopt
connect
htons
gethostbyname
inet_addr
closesocket
recv
WSAStartup
send

minizip

zipClose
zipOpen
zipCloseFileInZip
zipWriteInFileInZip
zipOpenNewFileInZip

kernel32

CloseHandle
MapViewOfFile
CreateFileMappingW
CreateFileW
InterlockedDecrement
lstrlenA
GetLastError
CopyFileW
FindClose
FindNextFileW
FindFirstFileW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
lstrlenW
GetCurrentProcess
HeapFree
GetProcessHeap
HeapAlloc
GetCurrentThreadId
InterlockedIncrement
OutputDebugStringW
SetErrorMode
GlobalUnlock
GlobalLock
GlobalAlloc
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
FileTimeToLocalFileTime
ReadFile
FileTimeToDosDateTime
MultiByteToWideChar
RaiseException
WideCharToMultiByte
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
ExitProcess
GetModuleHandleA
GetStartupInfoW
QueryPerformanceCounter
GetTickCount
FlushInstructionCache
GetSystemTimeAsFileTime
GetCurrentProcessId

user32

LoadStringW
wsprintfW
SetWindowLongW
GetWindowTextLengthW
GetWindowTextW
SetTimer
GetWindow
MessageBeep
GetSystemMetrics
LoadImageW
LoadBitmapW
GetDlgItem
SetWindowTextW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
MessageBoxW
KillTimer
SetDlgItemTextW
EndDialog
GetActiveWindow
IsWindowEnabled
LoadCursorW
SetCursor
ShowCursor
GetParent
MapWindowPoints
SendMessageW
GetCursorPos
GetWindowRect
SystemParametersInfoW
SetWindowPos
ShowWindow
EndPaint
BeginPaint
GetDC
InflateRect
DrawTextW
ReleaseDC
GetClientRect
CallWindowProcW
GetWindowLongW
GetSysColor
DestroyWindow
DefWindowProcW
DialogBoxParamW
IsWindow
InvalidateRect

gdi32

CreateFontIndirectW
GetObjectW
ExtTextOutW
SetBkColor
SelectObject
GetStockObject
SetBkMode
CreateCompatibleDC
SetTextColor
SetWindowOrgEx
OffsetWindowOrgEx
GetWindowOrgEx
ExtSelectClipRgn
CreateRectRgnIndirect
BitBlt
Rectangle
DeleteObject

shell32

ShellExecuteW
SHCreateDirectoryExW

ole32

CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysAllocStringLen
VariantClear
SysFreeString
SysAllocString

atl71

ord23
ord65
ord61
ord43
ord64
ord44
ord66

comctl32

InitCommonControlsEx
_TrackMouseEvent

msvcp71

??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?find@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGI@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?_Nomemory@std@@YAXXZ
?push_back@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXD@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?find_last_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIGI@Z
?substr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE?AV12@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?begin@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE?AViterator@12@XZ
?end@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE?AViterator@12@XZ
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z

msvcr71

_strupr
free
??0exception@@QAE@XZ
??1exception@@UAE@XZ
??3@YAXPAX@Z
_snwprintf
wcslen
wcscpy
??0exception@@QAE@ABV0@@Z
_CxxThrowException
__CxxFrameHandler
strlen
tolower
wcsftime
localtime
??_V@YAXPAX@Z
fclose
_atoi64
fread
_wfopen
sprintf
atoi
strncmp
memcpy
_wstat
_except_handler3
_purecall
fwrite
swprintf
time
wcsrchr
malloc
_callnewh
__security_error_handler
??1type_info@@UAE@XZ
__dllonexit
_onexit
_c_exit
_exit
_XcptFilter
_cexit
exit
_wcmdln
_amsg_exit
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_controlfp
memset

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f4784a28242b3dc39716d60acc416a6e

Headers

File Characteristics

Imports

dbghelp

ws2_32

minizip

kernel32

user32

gdi32

shell32

ole32

oleaut32

atl71

comctl32

msvcp71

msvcr71

Sections

.text Size: 52KB - Virtual size: 49KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 140KB - Virtual size: 140KB

.text
Size: 52KB - Virtual size: 49KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 140KB - Virtual size: 140KB