d5f4a524eb6212666b8de0d08efb0940206f291797e95bbe13ccd21993f0457a

Sharing

Copy URL

Twitter E-mail

General

Target

d5f4a524eb6212666b8de0d08efb0940206f291797e95bbe13ccd21993f0457a
Size

168KB
MD5

0020bbdc063a115aa38a4fdde0d82680
SHA1

a9a8f32cda44f21a099d773d4a6f8c9641be71b9
SHA256

d5f4a524eb6212666b8de0d08efb0940206f291797e95bbe13ccd21993f0457a
SHA512

de1abad6c9182e6e9cc6ac478808eac461dd2225d45c325cf2667f3070be3a9d72822924165b2887c0dff7cf498deb606610c4a01dc87fbce90db76ecb1c5cb0
SSDEEP

3072:rOn/D/7t1Avx33JA1nqcigON1QUi1As35mA:8Dh1AZSsczahi1AY5L

Score

N/A

Malware Config

Signatures

Files

d5f4a524eb6212666b8de0d08efb0940206f291797e95bbe13ccd21993f0457a
.exe windows x86

43cddec3caae9204fa4e529c8c8cf829

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteKeyA

msvcrt

??3@YAXPAX@Z
_strnicmp
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
calloc
_beginthreadex
clock
realloc
strchr
strncat
exit
printf
time
srand
rand
atoi
strncpy
strrchr
_except_handler3
malloc
free
??2@YAPAXI@Z
_CxxThrowException
__CxxFrameHandler
strstr
_ftol
ceil
memmove
_strcmpi

kernel32

InterlockedExchange
CancelIo
Sleep
DeleteFileA
GetLastError
CreateDirectoryA
GetFileAttributesA
lstrlenA
CreateProcessA
lstrcatA
GetLogicalDriveStringsA
SetEvent
LocalAlloc
RemoveDirectoryA
CloseHandle
GetFileSize
CreateFileA
ReadFile
SetFilePointer
WriteFile
MoveFileA
SetLastError
GetCurrentProcess
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
FreeLibrary
OpenProcess
CreateThread
GetTickCount
TerminateThread
lstrcpyA
OutputDebugStringA
GetModuleFileNameA
HeapFree
HeapAlloc
GetProcessHeap
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GetSystemDirectoryA
CreatePipe
DisconnectNamedPipe
TerminateProcess
PeekNamedPipe
WaitForMultipleObjects
GlobalMemoryStatus
GetSystemInfo
GetVersionExA
ReleaseMutex
OpenEventA
SetErrorMode
SetFileAttributesA
CopyFileA
CreateMutexA
LocalSize
Process32Next
Process32First
CreateToolhelp32Snapshot
lstrcmpiA
GetModuleHandleA
GetStartupInfoA
CreateEventA
LoadLibraryA
GetProcAddress
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
VirtualFree
DeleteCriticalSection
WinExec
InitializeCriticalSection
FindClose

user32

PostMessageA
GetThreadDesktop
GetUserObjectInformationA
OpenInputDesktop
CharNextA
wsprintfA
LoadCursorA
DestroyCursor
BlockInput
SystemParametersInfoA
SendMessageA
MapVirtualKeyA
SetCapture
WindowFromPoint
SetCursorPos
mouse_event
CloseClipboard
SetClipboardData
GetSystemMetrics
SetRect
GetDC
GetDesktopWindow
ReleaseDC
GetCursorInfo
SetThreadDesktop
CloseDesktop
EnumWindows
GetWindowTextA
IsWindowVisible
GetWindowThreadProcessId
ExitWindowsEx
MessageBoxA
GetProcessWindowStation
OpenWindowStationA
SetProcessWindowStation
GetCursorPos
GetClipboardData

gdi32

SelectObject
CreateDIBSection
CreateCompatibleDC
BitBlt
GetDIBits
DeleteObject
CreateCompatibleBitmap
DeleteDC

advapi32

RegisterServiceCtrlHandlerA
SetServiceStatus
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetKeySecurity
FreeSid
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenEventLogA
ClearEventLogA
CloseEventLog
RegCreateKeyExA
RegOpenKeyA
RegQueryValueExA
SetEntriesInAclA
GetNamedSecurityInfoA
BuildExplicitAccessWithNameA
SetNamedSecurityInfoA
RegCreateKeyA
RegSetValueExA
OpenSCManagerA
OpenServiceA
QueryServiceStatus
ControlService
DeleteService
RegOpenKeyExA
RegQueryValueA
RegCloseKey
GetTokenInformation
LookupAccountSidA
CreateServiceA
StartServiceCtrlDispatcherA

ws2_32

WSAGetLastError
inet_ntoa
htonl
sendto
inet_addr
send
gethostname
recv
closesocket
ntohs
socket
gethostbyname
htons
connect
getsockname
select
setsockopt
WSACleanup
WSAStartup

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Refcnt@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEAAEPBD@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z

mfc42

ord535
ord858
ord6663
ord537
ord860
ord4278
ord2818
ord939
ord6877
ord800
ord540
ord6648
ord2764
ord4129
ord926
ord924
ord922

wininet

InternetOpenUrlA

avicap32

capGetDriverDescriptionA

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationA

Sections

.text
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43cddec3caae9204fa4e529c8c8cf829

Headers

File Characteristics

Imports

shlwapi

msvcrt

kernel32

user32

gdi32

advapi32

ws2_32

msvcp60

mfc42

wininet

avicap32

wtsapi32

Sections

.text Size: 108KB - Virtual size: 106KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 12KB - Virtual size: 16KB

.idata Size: 12KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 108KB - Virtual size: 106KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 12KB - Virtual size: 16KB

.idata
Size: 12KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 8KB - Virtual size: 6KB