1ec6e8367c7706de0e00b083253d2869c2854f1dbcee6c1762764c2eb214dc5e

Sharing

Copy URL Twitter E-mail

General

Target

1ec6e8367c7706de0e00b083253d2869c2854f1dbcee6c1762764c2eb214dc5e
Size

284KB
MD5

246da34b21ed3f8c326573c2bfdfb237
SHA1

17b19b2a8d05f96a75db3344b7cfb2dd244fde7b
SHA256

1ec6e8367c7706de0e00b083253d2869c2854f1dbcee6c1762764c2eb214dc5e
SHA512

d3d8bd8a3ba5b5b40b940b4c72cd32b159f42b0a3bb43295fe0211926e95df365b022532bf96dfea77c92ae5b9125debdd2861454114ff01a4f683c5f6ed6f4c
SSDEEP

6144:6X1nx44WTm9u2JEm7hcrqmxg0izySbw/6/JNUDuV/c5Mv3q:M1x44WSQ2mm7hFmxgZzM6/Jiu9a

Score

N/A

Malware Config

Signatures

Files

1ec6e8367c7706de0e00b083253d2869c2854f1dbcee6c1762764c2eb214dc5e
.exe windows x86

4c78e09cec28c25489374bbf86887fab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcscpy
_strupr
_beginthreadex
memcpy
calloc
_CIacos
printf
_CIpow
__dllonexit
_onexit
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
atoi
_controlfp
putchar
rand
strstr
strncat
strcat
vsprintf
exit
fopen
fwrite
fclose
strrchr
_except_handler3
free
strcmp
strcpy
malloc
memcmp
_access
wcstombs
wcslen
mbstowcs
__set_app_type
__CxxFrameHandler
??2@YAPAXI@Z
memmove
_ftol
strlen
memset
??1type_info@@UAE@XZ
_CxxThrowException
??3@YAXPAX@Z

kernel32

SetEvent
InterlockedExchange
LocalAlloc
FreeLibrary
LocalFree
lstrlenW
WideCharToMultiByte
GetStartupInfoA
GetModuleHandleA
GetExitCodeThread
TerminateThread
lstrlenA
MultiByteToWideChar
GetLastError
CreateThread
InterlockedDecrement
lstrcatA
RaiseException
WaitForSingleObject
CloseHandle
Sleep
LoadLibraryA
GetProcAddress

msvcp60

?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

ole32

OleRun
CLSIDFromString
CLSIDFromProgID
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

VariantChangeType
GetErrorInfo
VariantInit
VariantClear
CreateErrorInfo
SetErrorInfo
SysAllocString
SysFreeString

msvfw32

ICSendMessage

winmm

waveInUnprepareHeader
waveInClose
waveInOpen
waveInReset
waveInPrepareHeader
waveOutUnprepareHeader
waveOutOpen
waveOutClose
waveOutWrite
waveOutPrepareHeader
waveInAddBuffer
waveInStart

Exports

Exports

Baidu
OnlineGame
SogouInput
Tencent
WinRAR
excel

Sections

PAGE
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c78e09cec28c25489374bbf86887fab

Headers

File Characteristics

Imports

msvcrt

kernel32

msvcp60

ole32

oleaut32

msvfw32

winmm

Exports

Exports

Sections

PAGE Size: 33KB - Virtual size: 33KB

.data Size: 248KB - Virtual size: 248KB

.rsrc Size: 1024B - Virtual size: 976B

PAGE
Size: 33KB - Virtual size: 33KB

.data
Size: 248KB - Virtual size: 248KB

.rsrc
Size: 1024B - Virtual size: 976B