d12ce2db05ab75e259837ed7a71351f24409c7ec8104829301ffafe9ba037aad

Sharing

Copy URL

Twitter E-mail

General

Target

d12ce2db05ab75e259837ed7a71351f24409c7ec8104829301ffafe9ba037aad
Size

102KB
MD5

731c4471af890a790f6b86ed22c3550d
SHA1

dd0e6833030626dbbfe1e6f6ed0553afba0930b2
SHA256

d12ce2db05ab75e259837ed7a71351f24409c7ec8104829301ffafe9ba037aad
SHA512

e5941906d5f9299b5abd3b92bd9b1ab2377c78193f705c59c4418efa61f9164f975ed95fd6c3f609d2b47b939ee3b276203ff9aae03f2a44be2f770848a5d7f4
SSDEEP

3072:N4rfdR1406Vv/JaB4pC5e4/y00wQSBbmjs:+jdRuLpQTHQ1

Score

N/A

Malware Config

Signatures

Files

d12ce2db05ab75e259837ed7a71351f24409c7ec8104829301ffafe9ba037aad
.exe windows x86

3141d18b3691bff3eafb66b225ed9995

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateDialogParamW
LoadCursorW
InvalidateRect
ShowWindow
CheckDlgButton
EnableWindow
TranslateMessage
CheckRadioButton
GetDesktopWindow
GetAsyncKeyState
GetDlgItem
GetClientRect
GetWindowLongW
IsWindowVisible
DestroyWindow
GetDC
LoadStringW
DefWindowProcW
ClientToScreen
PeekMessageW
GetWindowRect
SetCursor
SendMessageW
DispatchMessageW
MoveWindow
SetDlgItemInt
GetDlgItemInt
SetWindowLongW
IsWindow
ReleaseDC
IsRectEmpty
SetDlgItemTextW

kernel32

MulDiv
HeapFree
GetCurrentProcess
CreateSemaphoreW
lstrcpyW
LeaveCriticalSection
GetProcessHeap
GlobalHandle
FreeLibrary
GetFullPathNameW
GetProfileIntA
OutputDebugStringW
IsBadWritePtr
WriteFile
GetLastError
GetVersionExW
WideCharToMultiByte
GetCurrentThread
IsBadCodePtr
DeleteCriticalSection
CreateFileW
SetUnhandledExceptionFilter
GetModuleFileNameA
GetProcAddress
ReleaseSemaphore
GetSystemInfo
DeleteFileW
GetPrivateProfileStringW
WaitForSingleObject
GlobalFree
MultiByteToWideChar
ReadFile
WaitForMultipleObjects
VirtualFree
IsBadReadPtr
lstrcpyA
GetSystemDefaultLangID
GlobalAlloc
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetThreadPriority
GetACP
SetThreadPriority
SetEvent
lstrlenA
lstrcpynW
EnterCriticalSection
HeapAlloc
InterlockedIncrement
GetQueuedCompletionStatus
CloseHandle
PostQueuedCompletionStatus
GetTickCount
CreateIoCompletionPort
LoadLibraryW
InitializeCriticalSection
QueryPerformanceCounter
InterlockedDecrement
CreateThread
InterlockedExchange
GetCurrentProcessId
SetEndOfFile
SetFilePointer
GetFileSize
GlobalMemoryStatus
GetDiskFreeSpaceW
GlobalLock
ResetEvent
GetFileAttributesW
lstrlenW
CreateEventW
lstrcmpiW
lstrcmpW
GlobalUnlock

winmm

waveInUnprepareHeader
mixerSetControlDetails
mixerGetControlDetailsW
mixerGetLineInfoW
mixerClose
waveInReset
waveInStop
SendDriverMessage
waveInOpen
waveInClose
waveInPrepareHeader
waveInGetDevCapsW
mixerGetLineControlsW
OpenDriver
waveInAddBuffer
mixerGetID
waveInStart
mixerOpen

ole32

CoCreateInstance
CoTaskMemAlloc
CoInitialize
CoUninitialize
StringFromGUID2
CoTaskMemFree
CoFreeUnusedLibraries

ncobjapi

WmiCreateObjectWithFormat
WmiEventSourceDisconnect
WmiCommitObject
WmiIsObjectActive
WmiCreateObjectWithProps
WmiEventSourceConnect
WmiDestroyObject
WmiAddObjectProp
WmiCreateObject
WmiSetAndCommitObject

usp10

ScriptFreeCache
ScriptGetCMap
ScriptApplyLogicalWidth
ScriptBreak
ScriptCPtoX
LpkPresent
ScriptGetFontProperties
ScriptGetGlyphABCWidth
ScriptCacheGetHeight

msvfw32

ICSendMessage
ICGetInfo
ICLocate
ICClose
ICDecompress
ICOpen

userenv

DeleteProfileA
UnloadUserProfile
WaitForUserPolicyForegroundProcessing
RsopSetPolicySettingStatus
UnregisterGPNotification
WaitForMachinePolicyForegroundProcessing

nddeapi

NDdeIsValidAppTopicListW
NDdeGetErrorStringA
NDdeIsValidAppTopicListA
NDdeGetTrustedShareW
NDdeGetTrustedShareA
NDdeGetShareSecurityW
NDdeGetShareSecurityA
NDdeIsValidShareNameA

gdi32

GetStockObject
GetTextExtentPoint32W
PatBlt
SelectObject
GetObjectW
GetPaletteEntries

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3141d18b3691bff3eafb66b225ed9995

Headers

File Characteristics

Imports

user32

kernel32

winmm

ole32

ncobjapi

usp10

msvfw32

userenv

nddeapi

gdi32

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 20KB - Virtual size: 98KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 20KB - Virtual size: 98KB

.rsrc
Size: 23KB - Virtual size: 23KB