f2c9e3c8df582a651195499b28154bb7e3c4059c8706341cf227cac22d4386e9

Sharing

Copy URL Twitter E-mail

General

Target

f2c9e3c8df582a651195499b28154bb7e3c4059c8706341cf227cac22d4386e9
Size

5.4MB
MD5

3dc1138c991a60eb2ccaf539bc020e2f
SHA1

4395f34f2b65a2ad05e035c762848945eeda8ae3
SHA256

f2c9e3c8df582a651195499b28154bb7e3c4059c8706341cf227cac22d4386e9
SHA512

aea77d663490743227e93433bd634cba0e722f55f5040ded982575ddaf72262c94230196936442e51443526b02603934c92d6e9af2352f12e1956c8d1d5cae9f
SSDEEP

98304:Of6NXDQAyF6bHsQrQCMah5bxz4+19L9TDGWK:Y/6gy3Hzn19L9TDg

Score

N/A

Malware Config

Signatures

Files

f2c9e3c8df582a651195499b28154bb7e3c4059c8706341cf227cac22d4386e9
.exe windows x86

052c9bcc1914cf07ac231c070dbe863b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

suanwangmfc

?GetItemOwnVal@CGridCtrl@@QAEHHH@Z

cadctrl

?Access_Get_QuerenliangBuwei@ManageFile@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@AAVCDatabase@@V23@1111@Z

iphlpapi

GetAdaptersInfo

ws2_32

WSACleanup

libxl

xlCreateBookW

hid

HidD_GetPreparsedData

setupapi

SetupDiEnumDeviceInterfaces

wininet

InternetReadFile

winmm

timeGetTime

mfc90u

ord3338

msvcr90

__setusermatherr

kernel32

LoadResource

user32

PtInRect

gdi32

BitBlt

comdlg32

GetSaveFileNameW

advapi32

RegSetValueExW

shell32

SHGetMalloc

comctl32

ImageList_GetIcon

shlwapi

PathFileExistsW

ole32

CoInitialize

oleaut32

VariantInit

msvcp90

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

wsock32

connect

netapi32

Netbios

sw

DefDriverProc

msvcrt

strncpy

psapi

GetMappedFileNameW

Sections

.text
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 760KB - Virtual size: 760KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

052c9bcc1914cf07ac231c070dbe863b

Headers

DLL Characteristics

File Characteristics

Imports

suanwangmfc

cadctrl

iphlpapi

ws2_32

libxl

hid

setupapi

wininet

winmm

mfc90u

msvcr90

kernel32

user32

gdi32

comdlg32

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

msvcp90

wsock32

netapi32

sw

msvcrt

psapi

Sections

.text Size: 4.6MB - Virtual size: 4.6MB

.sedata Size: 760KB - Virtual size: 760KB

.idata Size: 2KB - Virtual size: 4KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 4.6MB - Virtual size: 4.6MB

.sedata
Size: 760KB - Virtual size: 760KB

.idata
Size: 2KB - Virtual size: 4KB

.sedata
Size: 4KB - Virtual size: 4KB