Antivirus 10[.]2[.]6 For Windows XP[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Antivirus 10.2.6 For Windows XP.exe
Size

677.7MB
MD5

452fcd111fa74787ca88d39acef88c1e
SHA1

b6c631cb57cc5f544dab67fc460c4471cf5e86f6
SHA256

800bb670d68050dc4bf5cdacd9fd8a081fcd307953a1a93b4875a40ffb3e37fc
SHA512

f51068aaa0fd99f4474d7689914fe5309fa693c03aa7c1b9dd1e164a782b44bba61934cb02c011e34db0a1d76e86f0783181bb31ab5640d7e78231458f41bf2c
SSDEEP

12582912:I6/LdP9/6rzgH/Oj422+35T5K0zv/PmxABqXVb6ryAlx9AWOYQc:I6/hPRLH/Oj4V+3Zdb74Xx6rDZAVHc

Score

N/A

Malware Config

Signatures

Files

Antivirus 10.2.6 For Windows XP.exe
.exe windows x86

fd0fbf05c59c8b697b6ed67304f39436

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesW
FreeLibrary
TerminateProcess
WaitForMultipleObjects
SetFilePointer
SetEndOfFile
WaitForSingleObject
OpenProcess
CreateProcessW
GetExitCodeProcess
SetInformationJobObject
QueryInformationJobObject
GetCurrentProcess
AssignProcessToJobObject
CreateJobObjectW
GetSystemDirectoryW
ResumeThread
IsProcessInJob
GetCurrentThread
MoveFileExW
WideCharToMultiByte
GetSystemTimeAsFileTime
GetTickCount
FindFirstFileW
FindClose
FindNextFileW
GetFileInformationByHandle
SetFileAttributesA
GetStringTypeExW
GetUserDefaultLCID
LoadLibraryA
LCMapStringW
Sleep
CreateMutexW
LocalAlloc
GetVersionExW
LocalFree
GetOEMCP
GetACP
IsValidCodePage
ReadFile
GetFullPathNameW
WriteFile
PeekNamedPipe
GetFileAttributesA
CreateFileA
GetFileType
SetHandleInformation
GetStdHandle
CreatePipe
DuplicateHandle
SearchPathA
CreateProcessA
GetSystemDefaultLCID
FreeEnvironmentStringsW
GetSystemDefaultLangID
GetVersion
SetEvent
ResetEvent
GetEnvironmentStringsW
CreateDirectoryW
RemoveDirectoryW
UnmapViewOfFile
FileTimeToSystemTime
DeleteFileW
GetFileSize
CopyFileW
CreateFileMappingW
MapViewOfFile
FlushFileBuffers
SetConsoleCtrlHandler
RemoveVectoredExceptionHandler
AddVectoredExceptionHandler
SetUnhandledExceptionFilter
QueryPerformanceFrequency
GetFileAttributesW
GetThreadTimes
QueryPerformanceCounter
SetLastError
LoadLibraryExW
LeaveCriticalSection
InitializeCriticalSection
GetCurrentDirectoryW
LockResource
LoadResource
FindResourceW
ReleaseSemaphore
CreateSemaphoreW
ReleaseMutex
GetStartupInfoW
VirtualFree
VirtualAlloc
GetCurrentThreadId
GetCurrentProcessId
GlobalMemoryStatusEx
IsDebuggerPresent
CreateToolhelp32Snapshot
GetSystemInfo
Module32FirstW
Module32NextW
GetComputerNameExW
HeapCreate
HeapFree
HeapWalk
HeapAlloc
HeapDestroy
GetSystemDirectoryA
FormatMessageA
HeapSize
HeapReAlloc
GlobalMemoryStatus
FlushConsoleInputBuffer
GetSystemTime
SystemTimeToFileTime
SleepEx
VerifyVersionInfoA
GetModuleHandleA
VerSetConditionMask
WaitForSingleObjectEx
WriteConsoleW
SetEnvironmentVariableA
FindFirstFileExW
SetConsoleMode
ReadConsoleInputA
GetTimeZoneInformation
GetTimeFormatW
GetDateFormatW
EnumSystemLocalesW
IsValidLocale
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
FreeLibraryAndExitThread
ExitThread
GetProcessHeap
GetModuleHandleExW
ExitProcess
SetFilePointerEx
GetConsoleCP
ReadConsoleW
GetConsoleMode
SetStdHandle
GetCommandLineA
CreateFileW
RtlUnwind
InitializeSListHead
IsProcessorFeaturePresent
UnhandledExceptionFilter
GetCPInfo
GetLocaleInfoW
CompareStringW
EncodePointer
GetModuleHandleW
GetProcAddress
CreateThread
LoadLibraryW
CloseHandle
OutputDebugStringW
FormatMessageW
GetPrivateProfileStringW
MultiByteToWideChar
CreateEventW
GetTempPathW
GetModuleFileNameW
GetPrivateProfileIntW
ExpandEnvironmentStringsW
lstrlenW
GetCommandLineW
WritePrivateProfileStringW
SetFileApisToANSI
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
SetErrorMode
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
GetStringTypeW
LoadLibraryExA
VirtualProtect
VirtualQuery

user32

DispatchMessageW
InvalidateRect
PostQuitMessage
MessageBoxW
MsgWaitForMultipleObjects
PeekMessageW
EnableWindow
GetDlgItem
LoadIconW
SetDlgItemTextW
ShowWindow
CharUpperBuffW
CharLowerBuffW
WaitForInputIdle
LoadStringW
EndDialog
GetSysColor
DialogBoxParamW
CreateDialogParamW
GetWindowRect
DestroyWindow
SetWindowPos
SendMessageW
GetSystemMetrics
SetWindowTextW

gdi32

CreateSolidBrush
SetBkColor

crypt32

CertFindExtension
CertOpenStore
CertFindCertificateInStore
CryptMsgGetParam
CertCloseStore
CryptQueryObject
CryptMsgOpenToDecode
CertVerifyTimeValidity
CryptMsgUpdate
CryptMsgClose
CertGetIssuerCertificateFromStore
CryptDecodeObjectEx
CryptDecodeObject
CertFreeCertificateContext
CertCreateCertificateContext

dhcpcsvc

DhcpCApiCleanup

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 667KB - Virtual size: 666KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd0fbf05c59c8b697b6ed67304f39436

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

crypt32

dhcpcsvc

Sections

.text Size: 3.0MB - Virtual size: 3.0MB

.rdata Size: 667KB - Virtual size: 666KB

.data Size: 69KB - Virtual size: 93KB

.didat Size: 512B - Virtual size: 404B

.trc Size: 20KB - Virtual size: 19KB

.rsrc Size: 15KB - Virtual size: 15KB

.reloc Size: 174KB - Virtual size: 173KB

.text
Size: 3.0MB - Virtual size: 3.0MB

.rdata
Size: 667KB - Virtual size: 666KB

.data
Size: 69KB - Virtual size: 93KB

.didat
Size: 512B - Virtual size: 404B

.trc
Size: 20KB - Virtual size: 19KB

.rsrc
Size: 15KB - Virtual size: 15KB

.reloc
Size: 174KB - Virtual size: 173KB