07255b5512986bb634c86f814bfa3900

Sharing

Copy URL

Twitter E-mail

General

Target

07255b5512986bb634c86f814bfa3900
Size

761KB
MD5

07255b5512986bb634c86f814bfa3900
SHA1

5cdc95d600dcf2c60243e16fbf2266d0a3cd5c96
SHA256

43b3adb92bcfb592a0e3f993435c442dd2f1df570c54d52753c78b7400132518
SHA512

36a3557cc5892e41bdb0cea41a246e401a42e67f3d12a3e0a3d9b74fd1c82e223948313a360bdbe3efdc9e5ca55c9990992c29ec6b6ae72aa0118301a4b67363
SSDEEP

12288:bfclm/+b6xCbUW0L5vvL/5S8G3GJVeB5JGD7og8iZD1SYtMeqwXwBY51dcxeyAM8:jE4++SUhL5vvDA8dOB5UfQiZD1XvqJ6/

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/fxt/飞信通客户端/GetPL.exe
unpack001/fxt/飞信通客户端/飞信通客户端.exe

Files

07255b5512986bb634c86f814bfa3900
.rar
fxt/飞信通客户端/888netsms.htm
.html
fxt/飞信通客户端/GetPL.exe
.exe windows:4 windows x86 arch:x86

81ec3f02d4bfa87d0662a516535b4d94

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
TerminateProcess
RaiseException
HeapReAlloc
HeapSize
GetACP
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
ExitProcess
GetCommandLineA
GetStartupInfoA
GetProfileStringA
RtlUnwind
GetTickCount
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
GetOEMCP
GetCPInfo
SizeofResource
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetFileTime
GetFileSize
GetFileAttributesA
GetThreadLocale
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetLastError
MulDiv
LoadLibraryA
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
GetModuleHandleA
GetProcAddress
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
CloseHandle
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
SetLastError
FreeLibrary
GetModuleFileNameA
VirtualAlloc
GetPrivateProfileStringA

user32

GetNextDlgGroupItem
MessageBeep
DestroyMenu
InvalidateRect
InflateRect
RegisterClipboardFormatA
PostThreadMessageA
CopyRect
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetRect
RegisterWindowMessageA
OffsetRect
PtInRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
SetCursor
LoadCursorA
LoadIconA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
PostQuitMessage
UnhookWindowsHookEx
WaitMessage
PeekMessageA
DispatchMessageA
EnableWindow
KillTimer
PostMessageA
IsIconic
GetSystemMetrics
GetClientRect
CopyAcceleratorTableA
CharNextA
GetSysColorBrush
SetWindowLongA
DrawIcon
SendMessageA
DefDlgProcA
IsWindowUnicode
SetTimer
GetClassNameA
GetDesktopWindow
LoadStringA
CharUpperA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ScreenToClient
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetMenuState
GetSysColor
SetFocus
IntersectRect
AdjustWindowRectEx
ClientToScreen

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
DeleteObject
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
PatBlt
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

comctl32

ord17

oledlg

ord8

ole32

CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
CoRevokeClassObject
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
OleFlushClipboard
OleIsCurrentClipboard
StgOpenStorageOnILockBytes

olepro32

ord253

oleaut32

VariantTimeToSystemTime
SysAllocStringLen
SysFreeString
VariantCopy
VariantChangeType
SysAllocString
SysAllocStringByteLen
SysStringLen
VariantClear

wsock32

connect
sendto
recvfrom
socket
inet_ntoa
WSAAsyncSelect
send
recv
gethostbyname
closesocket
htonl
htons
bind
accept
WSAGetLastError
WSASetLastError
WSAStartup
WSACleanup
ntohs
ioctlsocket

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
fxt/飞信通客户端/add.dat
fxt/飞信通客户端/addr.dat
fxt/飞信通客户端/am.dat
fxt/飞信通客户端/index.dat
fxt/飞信通客户端/m2.bmp
fxt/飞信通客户端/m3.jpg
.jpg
fxt/飞信通客户端/phrase/中秋祝福.txt
fxt/飞信通客户端/phrase/友谊万岁.txt
fxt/飞信通客户端/phrase/商务用语.txt
fxt/飞信通客户端/phrase/感谢之情.txt
fxt/飞信通客户端/phrase/生日祝福.txt
fxt/飞信通客户端/phrase/真诚祝福.txt
fxt/飞信通客户端/phrase/礼貌用语.txt
fxt/飞信通客户端/phrase/经典谚语.txt
fxt/飞信通客户端/phrase/聚会约定.txt
fxt/飞信通客户端/phrase/诚心道歉.txt
fxt/飞信通客户端/temp.mdb
fxt/飞信通客户端/url.ini
fxt/飞信通客户端/飞信通客户端.exe
.exe windows:4 windows x86 arch:x86

c9a54565e00896a9ef9e693b2cab8209

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

send
select
recv
WSARecv
setsockopt
WSAGetLastError
ioctlsocket
getprotobyname
gethostbyname
socket
listen
WSASocketA
connect
WSAConnect
htonl
WSACleanup
bind
accept
shutdown
WSASendTo
sendto
WSAEventSelect
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
WSASend
WSAAsyncSelect
closesocket
WSAStartup
htons

kernel32

CreateDirectoryA
RaiseException
GetStartupInfoA
GetCommandLineA
ExitProcess
GetTimeZoneInformation
GetSystemTime
CreateThread
ExitThread
GetACP
TerminateProcess
HeapSize
HeapReAlloc
SetStdHandle
GetFileType
FatalAppExitA
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
GetProfileStringA
HeapAlloc
GetSystemDirectoryA
MoveFileExA
GetModuleHandleW
GetLastError
MultiByteToWideChar
lstrlenA
LocalFree
InterlockedDecrement
GetVersionExA
GetVersion
lstrlenW
GetCPInfo
LockResource
LoadResource
FindResourceA
lstrcmpiA
DeleteFileA
GetPrivateProfileStringA
WritePrivateProfileStringA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
_hread
_llseek
_lclose
_lread
_lopen
Sleep
WideCharToMultiByte
CloseHandle
CreateFileMappingA
GetModuleFileNameA
WinExec
CreateEventA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
HeapFree
RtlUnwind
GetDiskFreeSpaceA
GetTempFileNameA
GetCurrentDirectoryA
GetPrivateProfileIntA
LocalLock
LocalUnlock
CopyFileA
SetErrorMode
SizeofResource
GetOEMCP
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GlobalSize
GetCurrentThread
GlobalReAlloc
FindNextFileA
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
EnterCriticalSection
GetTickCount
CreateFileA
DeviceIoControl
FreeLibrary
LoadLibraryA
GetLocalTime
GetProcAddress
GetModuleHandleA
lstrcpyA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GetCurrentProcess
DuplicateHandle
lstrcmpA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
WaitForSingleObject
FileTimeToLocalFileTime
FileTimeToSystemTime
SetFileAttributesA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
FindFirstFileA
FindClose
lstrcpynA
GetFileTime
GetFileSize
GetFileAttributesA
FormatMessageA
MulDiv
SetLastError
InterlockedIncrement
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA

user32

WaitMessage
MessageBeep
IsClipboardFormatAvailable
GetTabbedTextExtentA
LockWindowUpdate
GetDCEx
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
SetMenu
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
GetDialogBaseUnits
GetClassNameA
CharNextA
RegisterClipboardFormatA
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
CharUpperA
LoadStringA
SetRectEmpty
GetMessageA
ValidateRect
DestroyMenu
wvsprintfA
EndPaint
BeginPaint
GetWindowDC
OemToCharA
CharToOemA
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
EndDialog
CreateDialogIndirectParamA
IsWindowEnabled
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
SendDlgItemMessageA
MapWindowPoints
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
IsWindowVisible
GetWindowThreadProcessId
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
IntersectRect
GetWindowPlacement
DrawFrameControl
GetWindowTextA
MoveWindow
RedrawWindow
PeekMessageA
DispatchMessageA
TranslateMessage
SetActiveWindow
IsIconic
GetSystemMenu
FindWindowA
ShowWindow
IsWindow
SetForegroundWindow
mouse_event
GetDlgItem
SetWindowLongA
GetFocus
KillTimer
GetCursorPos
ScreenToClient
CopyAcceleratorTableA
GetNextDlgGroupItem
PostThreadMessageA
SetParent
IsRectEmpty
InvertRect
ScrollWindow
SetTimer
DrawIcon
ReleaseCapture
SetCapture
UpdateWindow
GetCapture
PtInRect
LoadIconA
LoadCursorA
LoadImageA
GetIconInfo
CreateIconIndirect
DrawStateA
GetClientRect
FrameRect
InflateRect
OffsetRect
DrawFocusRect
GetWindowRect
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
SendMessageA
GetWindowLongA
DestroyCursor
GetSubMenu
DeleteMenu
GrayStringA
RemoveMenu
TabbedTextOutA
LoadBitmapA
GetSysColorBrush
GetMenuStringA
CreateMenu
CreatePopupMenu
GetMenuItemID
GetMenuState
ModifyMenuA
GetMenuItemCount
InsertMenuA
AppendMenuA
GetSystemMetrics
GetDesktopWindow
GetDC
DrawTextA
ReleaseDC
DrawIconEx
DestroyIcon
SystemParametersInfoA
GetSysColor
CopyRect
FillRect
DrawEdge
SetRect
GetMenuItemInfoA
MessageBoxA
EnableWindow
IsWindowUnicode
DefDlgProcA
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
GetDlgCtrlID

gdi32

DPtoLP
LPtoDP
StretchBlt
GetTextColor
ExtCreatePen
GetDCOrgEx
GetClipBox
StartDocA
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetBkColor
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
CreateDIBPatternBrushPt
CreatePen
GetMapMode
SetRectRgn
CombineRgn
GetCharWidthA
CreateFontA
GetTextMetricsA
CopyMetaFileA
CreateDCA
AbortDoc
EndDoc
EndPage
StartPage
SetAbortProc
RoundRect
StretchDIBits
CreatePalette
SelectPalette
RealizePalette
CreateRectRgnIndirect
Polygon
CreateBitmap
SetBkColor
SetTextColor
GetStockObject
CreateHatchBrush
Rectangle
Escape
ExtTextOutA
TextOutA
PatBlt
RectVisible
PtVisible
GetObjectA
GetPixel
SetPixel
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
CreateCompatibleBitmap
BitBlt
CreateSolidBrush
GetTextExtentPointA
CreateDIBitmap
CreateCompatibleDC
GetDeviceCaps
GetCurrentPositionEx
CreateFontIndirectA
GetBkMode

comdlg32

GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
ReplaceTextA
FindTextA
PageSetupDlgA
PrintDlgA
CommDlgExtendedError

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegCloseKey
RegOpenKeyExA
RegOpenKeyA
RegSetValueA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueA
SetFileSecurityA
GetFileSecurityA
RegEnumKeyA
RegCreateKeyA
RegQueryValueExA

shell32

DragQueryFileA
DragFinish
DragAcceptFiles
Shell_NotifyIconA
SHGetFileInfoA
ShellExecuteExA
ExtractIconA

comctl32

_TrackMouseEvent
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_DragEnter
ImageList_GetIcon
ImageList_GetImageCount
ImageList_Draw
ImageList_BeginDrag
ImageList_DragShowNolock
ImageList_DragMove
ImageList_EndDrag
ImageList_DragLeave
ord17
ord13
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Merge
ImageList_Read
ImageList_AddMasked
ImageList_Write

odbc32

ord72
ord4
ord48
ord49
ord20
ord17
ord59
ord8
ord19
ord46
ord54
ord10
ord5
ord16
ord61
ord13
ord18
ord11
ord3
ord14
ord9
ord15
ord51
ord45
ord50
ord23
ord1
ord2
ord41
ord43
ord68
ord12
ord44

oledlg

ord8

ole32

CoTaskMemFree
SetConvertStg
OleRun
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoUninitialize
CoInitialize
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
OleDuplicateData
CoTaskMemAlloc
CreateStreamOnHGlobal
CoDisconnectObject
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
CoRegisterMessageFilter
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
ReleaseStgMedium
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
CreateBindCtx

olepro32

ord253

oleaut32

SafeArrayGetElemsize
SafeArrayGetElement
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VarCyFromStr
VarBstrFromCy
VarDateFromStr
VarBstrFromDate
SafeArrayCopy
SafeArrayAllocData
SafeArrayGetUBound
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysAllocStringLen
VariantTimeToSystemTime
SysReAllocStringLen
SysStringLen
LoadTypeLi
SafeArrayAllocDescriptor
SafeArrayGetLBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
SysFreeString
VariantInit
VariantCopy
SysStringByteLen
SysAllocStringByteLen
VariantClear
GetErrorInfo
SetErrorInfo
VariantChangeType
CreateErrorInfo

msimg32

GradientFill

wininet

FtpCreateDirectoryA
InternetSetOptionExA
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetSetCookieA
InternetGetCookieA
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable
InternetConnectA
InternetGetLastResponseInfoA
GopherFindFirstFileA
InternetFindNextFileA
FtpFindFirstFileA
HttpQueryInfoA
HttpSendRequestExA
HttpEndRequestA
HttpSendRequestA
HttpAddRequestHeadersA
InternetErrorDlg
HttpOpenRequestA
GopherOpenFileA
GopherGetAttributeA
GopherCreateLocatorA
FtpGetFileA
FtpPutFileA
FtpOpenFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpRemoveDirectoryA
InternetSetStatusCallback
FtpDeleteFileA
FtpRenameFileA

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_BSS
Size: 4KB - Virtual size: 275B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 320KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81ec3f02d4bfa87d0662a516535b4d94

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

wsock32

Sections

.text Size: 144KB - Virtual size: 143KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 12KB - Virtual size: 8KB

c9a54565e00896a9ef9e693b2cab8209

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

odbc32

oledlg

ole32

olepro32

oleaut32

msimg32

wininet

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 176KB - Virtual size: 174KB

.data Size: 44KB - Virtual size: 61KB

.idata Size: 20KB - Virtual size: 19KB

_BSS Size: 4KB - Virtual size: 275B

.rsrc Size: 320KB - Virtual size: 318KB

.reloc Size: 76KB - Virtual size: 72KB

.text
Size: 144KB - Virtual size: 143KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 12KB - Virtual size: 8KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 176KB - Virtual size: 174KB

.data
Size: 44KB - Virtual size: 61KB

.idata
Size: 20KB - Virtual size: 19KB

_BSS
Size: 4KB - Virtual size: 275B

.rsrc
Size: 320KB - Virtual size: 318KB

.reloc
Size: 76KB - Virtual size: 72KB