cc516333501f4835267e0ba0eab5a06677de0d67e27fbd4a74833d1b45cf732c

Sharing

Copy URL Twitter E-mail

General

Target

cc516333501f4835267e0ba0eab5a06677de0d67e27fbd4a74833d1b45cf732c
Size

219KB
MD5

002f15801741e89b1cd44a572e48c068
SHA1

80a59a047bfe7cb50cd1feb1be23a4c7419d3fb5
SHA256

cc516333501f4835267e0ba0eab5a06677de0d67e27fbd4a74833d1b45cf732c
SHA512

295095daa5467c1f5472633d4d0cfb1695e30707adc46cca25637ab3552a1425ee89c14dbc78d5521a9a5b92c728901cc708fccd5c6a125a5bd3d3096bcf091a
SSDEEP

3072:W/rLxSDbnnKKbFjZlQaUW/u0aXqlG0RI2zXI9VSzpFZbxK6q8PPsESp8jcou3kwy:yLxu9NXQhvX3IXzOwp3i8XCWcou3kwDG

Score

N/A

Malware Config

Signatures

Files

cc516333501f4835267e0ba0eab5a06677de0d67e27fbd4a74833d1b45cf732c
.exe windows x86

765b27a2255bf799d03bd1125fe32334

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

qwutil

ord2916
ord2920

mfc71

ord4482
ord4264
ord368
ord616
ord4705
ord764
ord762
ord1198
ord3210
ord1934
ord3204
ord1280
ord2367
ord2372
ord605
ord313
ord1123
ord2022
ord391
ord3648
ord3466
ord2246
ord1913
ord2615
ord5009
ord5012
ord4309
ord4135
ord2939
ord4904
ord943
ord5356
ord2992
ord2425
ord2424
ord1557
ord5915
ord1620
ord1617
ord3945
ord1402
ord4244
ord5148
ord1908
ord5073
ord6275
ord4185
ord5205
ord2173
ord1306
ord3403
ord4722
ord4277
ord1600
ord5960
ord923
ord928
ord932
ord930
ord934
ord2410
ord2394
ord2413
ord2408
ord2385
ord2387
ord2405
ord2178
ord2172
ord1522
ord6279
ord3802
ord6277
ord3345
ord4967
ord1362
ord1964
ord1656
ord1655
ord1599
ord5200
ord2862
ord4486
ord4265
ord395
ord635
ord5165
ord5368
ord4035
ord4472
ord4471
ord3647
ord3465
ord732
ord5174
ord2660
ord1084
ord1091
ord3740
ord4444
ord4388
ord4980
ord4171
ord3949
ord4776
ord4386
ord4401
ord4399
ord4381
ord4384
ord4379
ord4863
ord4860
ord3974
ord5914
ord3946
ord5151
ord5204
ord4282
ord3344
ord1360
ord1556
ord4273
ord578
ord5420
ord2419
ord2420
ord2418
ord2417
ord1781
ord1880
ord1892
ord629
ord1207
ord5323
ord265
ord2903
ord5089
ord781
ord310
ord384
ord1731
ord3105
ord2630
ord6090
ord6236
ord784
ord393
ord5522
ord3085
ord4587
ord1412
ord2623
ord508
ord2176
ord1308
ord2497
ord4473
ord4469
ord4467
ord3683
ord4038
ord4014
ord6278
ord3801
ord6276
ord4326
ord2063
ord2018
ord5583
ord3806
ord1010
ord5102
ord6219
ord5382
ord3832
ord1920
ord2931
ord5224
ord5226
ord2248
ord3948
ord4568
ord5230
ord5213
ord5566
ord4481
ord4261
ord3333
ord566
ord757
ord593
ord5225
ord5119
ord334
ord959
ord547
ord4031
ord5975
ord1054
ord5235
ord5233
ord2390
ord2400
ord2398
ord2396
ord2392
ord2415
ord2403
ord2421
ord2644
ord3709
ord3719
ord3718
ord2533
ord2646
ord2540
ord2838
ord2714
ord4307
ord2835
ord2731
ord2537
ord6043
ord5934
ord2768
ord3040
ord4222
ord1922
ord4739
ord4852
ord4257
ord5495
ord2742
ord5412
ord1379
ord5592
ord5156
ord2051
ord2016
ord6238
ord2621
ord2614
ord4566
ord3450
ord3645
ord4178
ord1439

msvcr71

_controlfp
?terminate@@YAXXZ
__security_error_handler
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
memset
strchr
abs
_snprintf
__CxxFrameHandler
free
_setmbcp
_except_handler3

kernel32

MulDiv
lstrcpynA
GlobalLock
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleA
GetStartupInfoA
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetVersionExA

user32

UpdateWindow
EnableWindow
SendMessageA
CopyRect
IsCharAlphaNumericA
wsprintfA
GetDesktopWindow
ReleaseDC
GetDC

gdi32

GetDeviceCaps
CreateFontIndirectA
ResetDCA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

Exports

Exports

??4CParsedURL@@QAEAAV0@ABV0@@Z

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 192KB - Virtual size: 1.3MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

765b27a2255bf799d03bd1125fe32334

Headers

File Characteristics

Imports

qwutil

mfc71

msvcr71

kernel32

user32

gdi32

winspool.drv

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 372B

.rsrc Size: 8KB - Virtual size: 7KB

.vmp0 Size: 192KB - Virtual size: 1.3MB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 372B

.rsrc
Size: 8KB - Virtual size: 7KB

.vmp0
Size: 192KB - Virtual size: 1.3MB