bb412fb7bfc7054a13d64fc116f5f38c5a0db761c0403a5552bf45ea0e5ffdf4

Sharing

Copy URL Twitter E-mail

General

Target

bb412fb7bfc7054a13d64fc116f5f38c5a0db761c0403a5552bf45ea0e5ffdf4
Size

46KB
MD5

75d264f51e0b36e8b265e91bce698780
SHA1

bd4c8447bc887106ef91668ccd6251408fa6ee5b
SHA256

bb412fb7bfc7054a13d64fc116f5f38c5a0db761c0403a5552bf45ea0e5ffdf4
SHA512

bf0b094fcfaad74c51631f43ad37cb5852f81ba18ceddecb08d530398d6aa308f9f52ed9553acdfdfc7c8f2b912e6b6c6bddb3d80529e29b581fbd57d490e760
SSDEEP

768:gxL74UtwyEJk5nl1Vlu/7WHdfYErChmtRWg:g7ZEm5l1juiHKErChmy

Score

N/A

Malware Config

Signatures

Files

bb412fb7bfc7054a13d64fc116f5f38c5a0db761c0403a5552bf45ea0e5ffdf4
.exe windows x86

4943c279fa3c7653a0ed00a7ffd74b0c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rtl60.bpl

@System@initialization$qqrv
@System@Finalization$qqrv
@System@@LStrSetLength$qqrv
@System@@LStrPos$qqrv
@System@@LStrCmp$qqrv
@System@@LStrCat3$qqrv
@System@@LStrCat$qqrv
@System@@LStrFromPChar$qqrr17System@AnsiStringpc
@System@@LStrAsg$qqrpvpxv
@System@@LStrClr$qqrpv
@System@@HandleFinally$qqrv
@System@TObject@$bdtr$qqrv
@System@TObject@$bctr$qqrv
@System@ParamStr$qqri
@Types@initialization$qqrv
@Types@Finalization$qqrv
@Sysconst@initialization$qqrv
@Sysconst@Finalization$qqrv
@Sysutils@initialization$qqrv
@Sysutils@Finalization$qqrv
@Sysutils@FileExists$qqrx17System@AnsiString
@Varutils@initialization$qqrv
@Varutils@Finalization$qqrv
@Variants@initialization$qqrv
@Variants@Finalization$qqrv
@Rtlconsts@initialization$qqrv
@Rtlconsts@Finalization$qqrv
@Typinfo@initialization$qqrv
@Typinfo@Finalization$qqrv
@Activex@initialization$qqrv
@Activex@Finalization$qqrv
@Classes@initialization$qqrv
@Classes@Finalization$qqrv
@Classes@TStringList@$bdtr$qqrv
@Classes@TStrings@$bdtr$qqrv
@Classes@TPersistent@$bdtr$qqrv
@Classes@TStringList@
@Inifiles@initialization$qqrv
@Inifiles@Finalization$qqrv
@Inifiles@TIniFile@$bdtr$qqrv
@Inifiles@TCustomIniFile@$bctr$qqrx17System@AnsiString
@Inifiles@TIniFile@
@Registry@initialization$qqrv
@Registry@Finalization$qqrv
@Registry@TRegistry@ValueExists$qqrx17System@AnsiString
@Registry@TRegistry@ReadString$qqrx17System@AnsiString
@Registry@TRegistry@WriteString$qqrx17System@AnsiStringt1
@Registry@TRegistry@DeleteValue$qqrx17System@AnsiString
@Registry@TRegistry@OpenKey$qqrx17System@AnsiStringo
@Registry@TRegistry@SetRootKey$qqrui
@Registry@TRegistry@CloseKey$qqrv
@Registry@TRegistry@$bdtr$qqrv
@Registry@TRegistry@$bctr$qqrui
@Registry@TRegistry@
@Strutils@initialization$qqrv
@Strutils@Finalization$qqrv
@Strutils@AnsiReplaceStr$qqrx17System@AnsiStringt1t1

advapi32

GetUserNameA

kernel32

CreateMutexA
DeleteFileA
GetComputerNameA
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree
Sleep
WinExec

wsock32

WSACleanup
WSAStartup
gethostbyname
gethostname

user32

GetAsyncKeyState
GetForegroundWindow
GetWindowTextA

cc3260mt

@$bdele$qpv
@_InitTermAndUnexPtrs$qv
___CRTL_MEM_UseBorMM
___CRTL_TLS_Alloc
___CRTL_TLS_ExitThread
___CRTL_TLS_Free
___CRTL_TLS_GetValue
___CRTL_TLS_InitThread
___CRTL_TLS_SetValue
____ExceptionHandler
__argc
__argv
__argv_default_expand
__exitargv
__handle_exitargv
__handle_setargv
__handle_wexitargv
__handle_wsetargv
__matherr
__matherrl
__setargv
__startup
__wargv_default_expand
_clock
_ctime
_exit
_memcpy
_memset
_sprintf
_time
_vsnprintf

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4943c279fa3c7653a0ed00a7ffd74b0c

Headers

File Characteristics

Imports

rtl60.bpl

advapi32

kernel32

wsock32

user32

cc3260mt

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 24KB

.data Size: 11KB - Virtual size: 12KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 4KB - Virtual size: 8KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 4KB

.text
Size: 23KB - Virtual size: 24KB

.data
Size: 11KB - Virtual size: 12KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 4KB - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 4KB