dcc79d97307ed95111d9d7641052d9fe702efbacda80b29ef63b6050f7f63edf[.]7z

Sharing

Copy URL Twitter E-mail

General

Target

dcc79d97307ed95111d9d7641052d9fe702efbacda80b29ef63b6050f7f63edf.7z
Size

50KB
MD5

c67c1c49fbc35f5489b7e588d86b2171
SHA1

4299ccc51248a5b658709e7c7270ee2f5c3e86c5
SHA256

8f37209efb4956e488218e9986ef4db2a74e3595266e712e454ef6a810ab9172
SHA512

7b94996561cc7a580cd0207794691e469fb3c1754d955477618efb7a4690294e2a2a0646e1a7a81e84769e03fbf13792aec36e97abd5314da4a26307beea5b30
SSDEEP

1536:Sz6kNv5in5NVsPwh7XY8dDg+MeZBmzI7VJpny:SPNv5053RjbDseygy

Score

N/A

Malware Config

Signatures

Files

dcc79d97307ed95111d9d7641052d9fe702efbacda80b29ef63b6050f7f63edf.7z
.7z

Password: infected
dcc79d97307ed95111d9d7641052d9fe702efbacda80b29ef63b6050f7f63edf
.exe windows x86

Password: infected

1366c969d6a684ae8ee6653f31504543

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

ddraw

DirectDrawCreate

winmm

timeSetEvent
timeKillEvent

kernel32

GetCurrentProcess
SetFilePointer
WriteFile
CreateEventA
LoadLibraryExA
WriteConsoleA
GetStdHandle
GetDiskFreeSpaceExA
GetVolumeInformationA
WaitForSingleObject
GetSystemInfo
GetDriveTypeA
GetLogicalDrives
FreeConsole
DeleteFileA
FlushConsoleInputBuffer
SetConsoleCursorPosition
FillConsoleOutputCharacterA
SetConsoleCursorInfo
SetConsoleMode
AllocConsole
Sleep
FreeLibrary
GetSystemPowerStatus
UnhandledExceptionFilter
ExitProcess
GetStartupInfoA
FlushFileBuffers
LCMapStringW
GetProcAddress
Beep
ReadFile
GetStringTypeW
lstrcpynA
GetOEMCP
GetACP
GetCPInfo
MultiByteToWideChar
InterlockedIncrement
InterlockedDecrement
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
HeapReAlloc
VirtualAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
VirtualFree
HeapCreate
HeapDestroy
TlsGetValue
SetLastError
TlsAlloc
GetCurrentThreadId
TerminateProcess
RtlUnwind
FreeResource
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
LocalAlloc
LoadLibraryA
LocalFree
FindResourceA
LoadResource
LockResource
_lopen
_lread
_lclose
GetCommandLineA
GetVersion
GetTempPathA
CreateFileA
CloseHandle
GetTickCount
SetStdHandle
OutputDebugStringA
ExitThread
TlsSetValue
GetVersionExA
GetStringTypeA
GetModuleHandleA
LCMapStringA
HeapFree
HeapAlloc
GetLastError
ResumeThread
CreateThread

user32

SetWindowTextA
GetSystemMetrics
CharNextA
LoadIconA
GetClientRect
FindWindowA
RegisterWindowMessageA
GetForegroundWindow
PeekMessageA
DialogBoxParamA
IsWindow
PostQuitMessage
GetCursorPos
SetForegroundWindow
SetFocus
LoadBitmapA
MsgWaitForMultipleObjects
DestroyWindow
GetDC
ReleaseDC
LoadCursorA
SetCursor
InflateRect
GetDlgItem
GetSysColorBrush
GetParent
SendMessageA
DialogBoxIndirectParamA
EndDialog
IsDlgButtonChecked
CheckDlgButton
PostMessageA
InvalidateRect
RegisterClassA
GetMessageA
DispatchMessageA
TranslateMessage
CreateWindowExA
DefWindowProcA
MessageBoxA
OffsetRect
IntersectRect
SystemParametersInfoA

gdi32

CreateDIBitmap
CreatePalette
GetDeviceCaps
SetMapMode
StartDocA
StartPage
EndPage
EndDoc
CreateCompatibleDC
SelectObject
SelectPalette
RealizePalette
StretchBlt
DeleteDC
GetObjectA
CreateSolidBrush
GetClipBox
GetDCOrgEx
GetStockObject

comdlg32

PrintDlgA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA
RegCloseKey
RegOpenKeyA

Exports

Exports

ScreenSaverConfigureDialog
ScreenSaverProc

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 520KB - Virtual size: 517KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

1366c969d6a684ae8ee6653f31504543

Headers

File Characteristics

Imports

comctl32

ddraw

winmm

kernel32

user32

gdi32

comdlg32

advapi32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 120KB - Virtual size: 124KB

.sxdata Size: 4KB - Virtual size: 4B

.rsrc Size: 520KB - Virtual size: 517KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 120KB - Virtual size: 124KB

.sxdata
Size: 4KB - Virtual size: 4B

.rsrc
Size: 520KB - Virtual size: 517KB