db57ab9203d126052d3361c677d185d8f8e243911af30f01f0e0c74277e106bd

Sharing

Copy URL Twitter E-mail

General

Target

db57ab9203d126052d3361c677d185d8f8e243911af30f01f0e0c74277e106bd
Size

210KB
MD5

07a40534bfceb90cd7db660428d127a3
SHA1

9ca54157180fcd4f851678929adafe0cda3351bb
SHA256

db57ab9203d126052d3361c677d185d8f8e243911af30f01f0e0c74277e106bd
SHA512

d9ca27584df3c08818b54e95ace040b21739fac9271e21771a34a0bb77db4a64f95ae349216838594990c7ca84d4af4a1c26208746439d241dcbf65f467580b4
SSDEEP

6144:CYIeQgH61eLeA6+hHtIA/kOCHimqM6bqv5uZLMmZW:CMHgWhkA/dCCmJ6WvBmZW

Score

N/A

Malware Config

Signatures

Files

db57ab9203d126052d3361c677d185d8f8e243911af30f01f0e0c74277e106bd
.exe windows x86

b15031d0d26f68be287fd385704a2474

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
WaitForSingleObject
Sleep
GetModuleHandleW
lstrcpynW
MoveFileW
LoadLibraryW
GetProcAddress
FreeLibrary
lstrcpyW
GetStartupInfoA
GetModuleHandleA
VirtualFreeEx
CreateProcessW
GetCurrentProcess
DuplicateHandle
lstrcmpA
ReadProcessMemory
GetExitCodeThread
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
FindResourceExW
LoadResource
LockResource
SizeofResource
lstrlenA
lstrcpyA
FormatMessageW
LocalAlloc
LocalFree
FindFirstFileW
FindNextFileW
FindClose
SetFileAttributesW
GetFileSize
WriteFile
ReadFile
lstrlenW
lstrcatW
lstrcmpW
GetComputerNameW
GetModuleFileNameW
GetSystemDirectoryW
WideCharToMultiByte
MultiByteToWideChar
GetVersionExW
CloseHandle
OpenProcess
GetLastError
CreateFileW

user32

IsCharAlphaW
wsprintfW
wsprintfA

shlwapi

StrCmpW
StrStrW
StrNCatW
StrChrW
StrCmpIW
StrCpyNW

shfolder

SHGetFolderPathW

msvcp60

?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcrt

_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
free
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
__getmainargs
atoi
printf
memcpy
strlen
_CxxThrowException
memset
??2@YAPAXI@Z
__CxxFrameHandler
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
_controlfp
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit

advapi32

RegQueryInfoKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegCreateKeyExW
RegQueryValueExW
RegCloseKey
RegEnumValueW
RegEnumKeyExW

wininet

HttpOpenRequestW
InternetCloseHandle
InternetOpenW
InternetCrackUrlW
InternetConnectW
HttpSendRequestW

psapi

GetModuleFileNameExW
GetModuleBaseNameW
EnumProcessModules
EnumProcesses

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b15031d0d26f68be287fd385704a2474

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

shfolder

msvcp60

msvcrt

advapi32

wininet

psapi

Sections

.text Size: 63KB - Virtual size: 62KB

.rdata Size: 27KB - Virtual size: 26KB

.data Size: 3KB - Virtual size: 2KB

.rsrc Size: 116KB - Virtual size: 116KB

.text
Size: 63KB - Virtual size: 62KB

.rdata
Size: 27KB - Virtual size: 26KB

.data
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 116KB - Virtual size: 116KB