Static task: static1
Behavioral task: behavioral1 (Sample: d89943df1437d522f5d84df5321e95e4191ee7b00176b349691fa170e4cf5746.exe, Resource: win7-20230220-en)
Behavioral task: behavioral2 (Sample: d89943df1437d522f5d84df5321e95e4191ee7b00176b349691fa170e4cf5746.exe, Resource: win10v2004-20230220-en)
General
- Target: d89943df1437d522f5d84df5321e95e4191ee7b00176b349691fa170e4cf5746
- Size: 932KB
- MD5: dfe7a49e5b5e053482f9cad42f232cbd
- SHA1: 9a3e580e3d69f83aaeca88417c434a046306c138
- SHA256: d89943df1437d522f5d84df5321e95e4191ee7b00176b349691fa170e4cf5746
- SHA512: edcf3e58d4a4c3a2878c3e4c7dc89bf68aa59e39b5836517daa2451c9cf26428e2e0f2c9dade779aac63d0d5bd2e8bbfdff37482f163ebea1556297b37502353
- SSDEEP: 12288:G+3jlDEdJQCx5PtJuMdqjsfwq0db4ieChXcolXXuMPaxpPS6:GsWV/aq0pXcolXXumKU6
Malware Config
Signatures
Files
-
d89943df1437d522f5d84df5321e95e4191ee7b00176b349691fa170e4cf5746.exe windows x86
8d58ff6b70d394c211fcca9b7809dfbb
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports
mfc71: imported by ordinal only
msvcr71: __set_app_type, __p__fmode, __p__commode, _adjust_fdiv, __setusermatherr, _initterm, __getmainargs, _amsg_exit, _acmdln, _setmbcp, malloc, wcscpy, wcslen, _resetstkoflw, _except_handler3, _mktime64, _localtime64, atoi, sprintf, _time64, _CIpow, wcsncpy, strftime, memset, ??1type_info@@UAE@XZ, __security_error_handler, __dllonexit, free, __CxxFrameHandler, _onexit, ?terminate@@YAXXZ, _c_exit, _exit, _XcptFilter, _ismbblead, _cexit, exit, _controlfp
kernel32: GetCurrentProcessId, GetCurrentThreadId, GetTickCount, QueryPerformanceCounter, GetStartupInfoA, GetModuleHandleA, ExitProcess, CreateProcessA, GetExitCodeProcess, lstrcatA, GetModuleFileNameA, lstrcpyA, CreateThread, GetLastError, DeleteCriticalSection, InitializeCriticalSection, RaiseException, CloseHandle, GetCurrentDirectoryA, CreateDirectoryA, GetSystemTime, Sleep, FindFirstFileA, SetFileAttributesA, DeleteFileA, RemoveDirectoryA, FileTimeToLocalFileTime, FileTimeToSystemTime, lstrlenW, lstrlenA, LockResource, WideCharToMultiByte, MultiByteToWideChar, GetThreadLocale, GetLocaleInfoA, GetACP, InterlockedExchange, GetVersion, GetVersionExA, GetVolumeInformationA, GetSystemTimeAsFileTime
user32: GetSubMenu, GetMenuState, GetMenuItemID, GetMenuItemCount, AppendMenuA, FillRect, GetSysColor, CopyRect, SetWindowPos, EnableWindow, GetWindowRect, UpdateWindow, GetKeyState, KillTimer, SetTimer, LoadIconA, IsIconic, GetSystemMenu, DrawIcon, GetMessagePos, TranslateMessage, DispatchMessageA, LoadImageA, PostMessageA, SetCursor, DestroyCursor, GetWindowLongA, WindowFromPoint, GetParent, GetNextDlgTabItem, GetActiveWindow, InvalidateRect, ClientToScreen, GetClientRect, ReleaseCapture, GetFocus, SetCapture, GetCapture, ScreenToClient, DrawFocusRect, FrameRect, OffsetRect, InflateRect, GetIconInfo, CreateIconIndirect, IsMenu, DrawStateA, EmptyClipboard, CloseClipboard, GetClipboardData, MessageBoxA, SendMessageA, OpenClipboard, MapWindowPoints, DrawFrameControl, GetSystemMetrics, FindWindowA, PtInRect, DestroyIcon, DrawTextA, ReleaseDC, GetDC, ModifyMenuA
gdi32: ExtTextOutA, CreateFontA, Polyline, StartDocA, StartPage, TextOutA, EndDoc, GetStockObject, SetTextColor, SetBkColor, CreateBitmap, GetTextMetricsA, GetTextExtentPoint32A, SetPixel, GetPixel, Rectangle, GetDeviceCaps, GetObjectA, CreateCompatibleBitmap, CreatePen, CreateCompatibleDC, CreateDIBSection, SelectObject, BitBlt, CreateSolidBrush, EndPage, DeleteDC, DeleteObject
comdlg32: GetOpenFileNameA
advapi32: RegCloseKey, RegOpenKeyExA, RegDeleteKeyA, RegQueryInfoKeyA
shell32: SHBrowseForFolderA, ShellExecuteExA, ShellExecuteA, SHGetPathFromIDListA
comctl32: ImageList_BeginDrag, ord17, _TrackMouseEvent, ImageList_GetIconSize, ImageList_EndDrag, ImageList_AddMasked, ImageList_DragMove, ImageList_DragShowNolock, ImageList_DragEnter, ImageList_DragLeave, ImageList_Draw, ImageList_DrawEx
shlwapi: PathFindExtensionA
ole32: CoRevokeClassObject, CoInitialize, CoRegisterClassObject, StringFromGUID2, CoCreateInstance
oleaut32: VarUdateFromDate, VariantInit, VariantClear, VariantTimeToSystemTime, SystemTimeToVariantTime, SysAllocString, SysFreeString, LoadTypeLi, UnRegisterTypeLi, RegisterTypeLi
skinppwtl: ord3
Sections
.text Size: 192KB - Virtual size: 191KB - IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 44KB - Virtual size: 42KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 6KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 680KB - Virtual size: 679KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.adata Size: 4KB - Virtual size: 1KB - IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE