MicLogSetting[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

MicLogSetting.exe
Size

25KB
MD5

4fb9a8de5d98d2d01ae825fab991b5b4
SHA1

0d18a81c982a5b98a5653352b1b842040c3e28d5
SHA256

be12f2f67a65ec21dd3512f0942b68e6bd504348cb2fd151d017d46881d71dab
SHA512

a9879dd3a5bef24f2cf0fe724e001af233bc1c2020d5acffa4987fcee437caec67c970fd3a4e5a229f707d52e49242b1676214397773837d94ee7756a70e069f
SSDEEP

384:0sqLKW3w5VMihvBVEKzLa89tE1u4sHE4sMHMHTC6sHE8dueTXMxyln:0VKW38BtE1Dsx6spd

Score

N/A

Malware Config

Signatures

Files

MicLogSetting.exe
.exe windows x86

beae0ffc5ff6e62969f1682bc99176c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc71u

ord2725
ord2829
ord4301
ord2708
ord2832
ord2534
ord2640
ord2527
ord3712
ord3713
ord3703
ord2638
ord3943
ord4475
ord4255
ord3327
ord757
ord605
ord657
ord764
ord2011
ord1049
ord3635
ord4206
ord265
ord266
ord1176
ord1079
ord1894
ord1388
ord6262
ord1924
ord1475
ord4093
ord2082
ord1561
ord5911
ord1611
ord1608
ord3940
ord1393
ord4231
ord5148
ord1899
ord5067
ord6271
ord4179
ord5210
ord3397
ord4716
ord4276
ord1591
ord5956
ord920
ord925
ord929
ord927
ord931
ord2404
ord2388
ord2407
ord2402
ord2379
ord2381
ord2399
ord2169
ord2163
ord1513
ord6273
ord3796
ord6275
ord2531
ord4961
ord1353
ord5171
ord1955
ord5196
ord2856
ord2985
ord4480
ord3223
ord572
ord5178
ord4884
ord1662
ord1661
ord5908
ord1392
ord4238
ord5199
ord4256
ord3176
ord354
ord1785
ord4743
ord709
ord501
ord2651
ord6232
ord3249
ord4574
ord4729
ord5327
ord6293
ord5316
ord6282
ord4320
ord2009
ord1007
ord5096
ord566
ord577
ord2895
ord3927
ord776
ord870
ord2311
ord774
ord3990
ord5524
ord283
ord5231
ord5229
ord2384
ord2394
ord2392
ord2390
ord2386
ord2409
ord2397
ord1647
ord1646
ord1590
ord1058
ord1542
ord293
ord1883
ord4101
ord2261
ord896
ord3400
ord4026
ord5562
ord5209
ord5226
ord4562
ord3942
ord2239
ord5222
ord5220
ord2925
ord1911
ord3826
ord5378
ord6215
ord3800
ord5579
ord2054
ord6274
ord3795
ord6272
ord4008
ord4032
ord3677
ord3339
ord4535
ord1198

msvcr71

_controlfp
?terminate@@YAXXZ
__security_error_handler
_onexit
__dllonexit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_amsg_exit
_wcmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
free
_except_handler3
__CxxFrameHandler
wcslen
memset
realloc
memmove

kernel32

GetTempPathW
GetModuleFileNameW
WritePrivateProfileStringW
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExW
RaiseException
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleA
GetStartupInfoW
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
GetPrivateProfileStringW

user32

UnregisterClassW
GetSystemMetrics
GetWindowTextW
SetWindowTextW
LoadIconW
EnableWindow
GetClientRect
IsIconic
DrawIcon
UnregisterClassA
SendMessageW

shell32

SHBrowseForFolderW
SHGetMalloc
SHGetPathFromIDListW

oleaut32

SysFreeString

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

beae0ffc5ff6e62969f1682bc99176c8

Headers

File Characteristics

Imports

mfc71u

msvcr71

kernel32

user32

shell32

oleaut32

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 448B

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 448B

.rsrc
Size: 3KB - Virtual size: 3KB