0f05afe7e7673c32aef733342a912d0d2d6652b62204f5e23f0a2225da3a280f

Sharing

Copy URL Twitter E-mail

General

Target

0f05afe7e7673c32aef733342a912d0d2d6652b62204f5e23f0a2225da3a280f
Size

200KB
MD5

5b6b7c640d4cb2c1b821881b7033694a
SHA1

482dff9cd8337d6db3bdbe65d670d894b10c9d18
SHA256

0f05afe7e7673c32aef733342a912d0d2d6652b62204f5e23f0a2225da3a280f
SHA512

83b2e1d219ae629f78db76c24f2afda5439fba9c54a018139b514665f816168a27d760a773f59232ae9149281474236c053ed457ef6b8da0225a9e105fe273e2
SSDEEP

6144:0rnqPDBX7NIlc6wOMnXqYIGvQgHbXjkivS:02voMXzI/gHg

Score

N/A

Malware Config

Signatures

Files

0f05afe7e7673c32aef733342a912d0d2d6652b62204f5e23f0a2225da3a280f
.exe windows x86

ae3dc808b3570de5bdba820f155d46e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetModuleFileNameA
IsBadHugeReadPtr
GlobalHandle
GetSystemTimeAsFileTime
SetEndOfFile
GetSystemInfo
GetFullPathNameW
HeapFree
GetCurrentThread
SetFilePointer
GetCPInfo
GlobalAlloc
GetFileAttributesW
lstrcmpiW
GlobalFree
GetVersionExW
GetProcessHeap
PostQueuedCompletionStatus
GetQueuedCompletionStatus
IsBadReadPtr
CreateEventW
InterlockedIncrement
GetCurrentProcessId
CloseHandle
ReadFile
GetLastError
CreateIoCompletionPort
GetPrivateProfileStringW
GetTickCount
FreeLibrary
MultiByteToWideChar
IsBadCodePtr
MulDiv
LoadLibraryW
WaitForMultipleObjects
OutputDebugStringA
GlobalLock
GetProfileIntA
InterlockedExchange
DeleteCriticalSection
lstrlenW
lstrcpyA
WaitForSingleObject
EnterCriticalSection
DeleteFileW
SetThreadPriority
SetEvent
GetEnvironmentStringsW
lstrcpyW
lstrcmpW
lstrlenA
IsBadWritePtr
GetCurrentProcess
GlobalMemoryStatus
QueryPerformanceCounter
InterlockedDecrement
ResetEvent
GetFileSize
WriteFile
GetThreadPriority
CreateSemaphoreW
WideCharToMultiByte
SetUnhandledExceptionFilter
lstrcpynW
CreateFileW
VirtualFree
LeaveCriticalSection
GlobalUnlock
ReleaseSemaphore
HeapAlloc
GetSystemDefaultLangID
CreateThread
InitializeCriticalSection
GetDiskFreeSpaceW

advapi32

RegEnumKeyExW
RegSetValueExW
RegOpenKeyW
RegOpenKeyExW
RegSetValueW
RegCloseKey
RegDeleteKeyW
RegCreateKeyW
RegQueryValueExW
RegEnumKeyW

msvcrt

_purecall
??3@YAXPAX@Z
_ftol
wcslen
??2@YAPAXI@Z
_except_handler3

user32

IsWindowVisible
GetClientRect
EnableWindow
IsWindow
CheckDlgButton
GetWindowRect
DestroyWindow
SetWindowLongW
CreateDialogParamW
SetCursor
GetDC
GetAsyncKeyState
PeekMessageW
CheckRadioButton
DefWindowProcW
LoadCursorW
wsprintfW
ShowWindow
TranslateMessage
MoveWindow
SetDlgItemTextW
ClientToScreen
ReleaseDC
SetDlgItemInt
GetWindowLongW
GetDesktopWindow
InvalidateRect
IsRectEmpty
SendMessageW
DispatchMessageW
LoadStringW
GetDlgItemInt
GetDlgItem

winmm

mixerOpen
mixerClose
mixerGetControlDetailsW
waveInStart
waveInUnprepareHeader
waveInReset
mixerGetLineControlsW
mixerGetID
waveInClose
waveInPrepareHeader
CloseDriver
waveInStop
OpenDriver
waveInAddBuffer
mixerGetLineInfoW
mixerSetControlDetails
waveInGetDevCapsW
SendDriverMessage
waveInOpen

msvfw32

ICOpen
ICClose
ICCompress
ICLocate
ICGetInfo
ICDecompress
ICSendMessage

ole32

CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoInitialize
CoCreateInstance
StringFromGUID2
CoFreeUnusedLibraries

gdi32

GetStockObject
PatBlt
GetTextExtentPoint32W
SelectObject
GetPaletteEntries
GetObjectW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae3dc808b3570de5bdba820f155d46e5

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

user32

winmm

msvfw32

ole32

gdi32

version

Sections

.text Size: 172KB - Virtual size: 171KB

.data Size: 25KB - Virtual size: 25KB

.rsrc Size: 1024B - Virtual size: 644B

.text
Size: 172KB - Virtual size: 171KB

.data
Size: 25KB - Virtual size: 25KB

.rsrc
Size: 1024B - Virtual size: 644B