acaaff4812dddab872ef8839bbb532ccbb4b6c42ebc5e2beb4871b317e8aa62e

Sharing

Copy URL Twitter E-mail

General

Target

acaaff4812dddab872ef8839bbb532ccbb4b6c42ebc5e2beb4871b317e8aa62e
Size

280KB
MD5

6a1eb2c7cd660b4cb5e9ed3b85bc8cb6
SHA1

5db6371658c87102efa8cfe8c97d5f53c9502101
SHA256

acaaff4812dddab872ef8839bbb532ccbb4b6c42ebc5e2beb4871b317e8aa62e
SHA512

7b461ab7f45b5a1a43ca624b07d3c4cc68b716bae7328ffa2c84c1db864eda3664802b4030be26d4f215fc3af077f323082e167ad9ca400f98e61dce77b2e982
SSDEEP

6144:GQOjxz0AB9NjSfALXqo1jmUZxL6xQGQs3c:MAA/hSILXqs76hc

Score

N/A

Malware Config

Signatures

Files

acaaff4812dddab872ef8839bbb532ccbb4b6c42ebc5e2beb4871b317e8aa62e
.exe windows x86

c4c5105b4855aafa7e8f57c99defb0b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
FindClose
LocalFree
GetVersionExA
LoadLibraryA
GetProcAddress
GetModuleFileNameA
GetModuleHandleA
OutputDebugStringA
Module32Next
CloseHandle
CreateToolhelp32Snapshot
Module32First
GetSystemInfo
FindNextFileA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
FindFirstFileA
FreeLibrary
WritePrivateProfileStructA
GetPrivateProfileStringA

advapi32

SetEntriesInAclA
SetNamedSecurityInfoA
FreeSid
AllocateAndInitializeSid

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetSpecialFolderPathA
ShellExecuteA

msvcp80

??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@V?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@0ABV12@@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEX_NI@Z

msvcr80

_XcptFilter
_CxxThrowException
memset
_controlfp_s
_invoke_watson
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
__set_app_type
mbstowcs
_mbsnbcpy
_mbsnbcat
_mbsnbcmp
_snprintf
??3@YAXPAX@Z
strcpy_s
_vsnprintf_s
_snprintf_s
_mbschr
_mbsnbcpy_s
strcat_s
_mbsrchr
_invalid_parameter_noinfo
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_amsg_exit
__getmainargs
_cexit
_exit
__CxxFrameHandler3
_ismbblead
exit
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tc
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c4c5105b4855aafa7e8f57c99defb0b3

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

msvcp80

msvcr80

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 52KB - Virtual size: 49KB

.tc Size: 200KB - Virtual size: 200KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 52KB - Virtual size: 49KB

.tc
Size: 200KB - Virtual size: 200KB