293f2c1a764621aa43008bc2231bbbf27af4a805c7a8c2ad82c8d04a8bb974d6

Sharing

Copy URL

Twitter E-mail

General

Target

293f2c1a764621aa43008bc2231bbbf27af4a805c7a8c2ad82c8d04a8bb974d6
Size

108KB
MD5

6a5c95e5a2d7d9f648608ee20b6482f4
SHA1

94b5cf76c05aa1a09c155c3fd1756510d519cdee
SHA256

293f2c1a764621aa43008bc2231bbbf27af4a805c7a8c2ad82c8d04a8bb974d6
SHA512

62471e81d4d7b23e5b371efcb8da66f679830cc07d45802c0db28550055d1784fe90bbe137e48010e637d458ce8bd789b958186e2c7d4a792a890e122bdb397c
SSDEEP

1536:4mh1XtgZfgJSxyBi0DNfcdR8HXw24TDVHfYzBCMd7X9T/kljzulo3UsoiPVf3:n7XEcSxyVqSjABfYVfdNkl1ksoiPV/

Score

N/A

Malware Config

Signatures

Files

293f2c1a764621aa43008bc2231bbbf27af4a805c7a8c2ad82c8d04a8bb974d6
.exe windows x86

3d3fe9587900ec48f831de258d9da9a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
DefWindowProcW
GetWindowRect
PeekMessageW
GetDlgItem
IsWindow
CheckDlgButton
ClientToScreen
SetDlgItemInt
GetAsyncKeyState
LoadStringW
GetClientRect
GetWindowLongW
SetCursor
InvalidateRect
GetDlgItemInt
LoadCursorW
DispatchMessageW
MoveWindow
DestroyWindow
SetDlgItemTextW
TranslateMessage
GetDesktopWindow
EnableWindow
ReleaseDC
IsWindowVisible
SendMessageW
CheckRadioButton
IsRectEmpty
SetWindowLongW
ShowWindow
CreateDialogParamW

kernel32

GetVersionExW
GetModuleFileNameA
CreateEventW
GetLastError
GlobalFree
CreateIoCompletionPort
CloseHandle
lstrcpyW
ReadFile
WideCharToMultiByte
GetCurrentProcessId
VirtualFree
DeleteCriticalSection
GlobalLock
GetFileAttributesW
GetCurrentProcess
InterlockedDecrement
GetProfileIntA
lstrcmpiW
GetPrivateProfileStringW
SetFilePointer
LeaveCriticalSection
HeapAlloc
LoadLibraryW
GetProcessHeap
CreateThread
GetACP
GetDiskFreeSpaceW
SetUnhandledExceptionFilter
WriteFile
GlobalUnlock
IsBadReadPtr
GlobalMemoryStatus
GetFullPathNameW
OutputDebugStringW
InterlockedIncrement
SetEvent
GetTickCount
ReleaseSemaphore
lstrlenW
QueryPerformanceCounter
HeapFree
DeleteFileW
lstrlenA
IsBadCodePtr
GetProcAddress
GetFileSize
ResetEvent
lstrcmpW
InterlockedExchange
SetThreadPriority
EnterCriticalSection
lstrcpynW
InitializeCriticalSection
GetTimeZoneInformation
GetSystemTimeAsFileTime
CreateFileW
WaitForMultipleObjects
GetQueuedCompletionStatus
MultiByteToWideChar
GetLocaleInfoA
SetEndOfFile
GetSystemDefaultLangID
GetSystemInfo
PostQueuedCompletionStatus
GetThreadPriority
CreateSemaphoreW
lstrcpyA
MulDiv
FreeLibrary
GlobalHandle
WaitForSingleObject
IsBadWritePtr
GetCurrentThread
GlobalAlloc

winmm

waveInUnprepareHeader
SendDriverMessage
mixerGetLineControlsW
mixerOpen
mixerSetControlDetails
waveInAddBuffer
waveInStart
waveInClose
waveInOpen
OpenDriver
mixerGetControlDetailsW
waveInGetDevCapsW
waveInStop
mixerGetID
mixerGetLineInfoW
waveInReset
waveInPrepareHeader
mixerClose

msvfw32

ICGetInfo
ICClose
ICSendMessage
ICOpen
ICDecompress
ICLocate

gdi32

PatBlt
GetTextExtentPoint32W
GetPaletteEntries
GetObjectW
GetStockObject
SelectObject

userenv

RsopSetPolicySettingStatus
DeleteProfileA
WaitForUserPolicyForegroundProcessing
UnloadUserProfile
UnregisterGPNotification
WaitForMachinePolicyForegroundProcessing

ole32

CoCreateInstance
CoUninitialize
CoTaskMemFree
StringFromGUID2
CoFreeUnusedLibraries
CoTaskMemAlloc
CoInitialize

nddeapi

NDdeIsValidShareNameA
NDdeIsValidAppTopicListA
NDdeGetTrustedShareW
NDdeIsValidAppTopicListW
NDdeGetErrorStringA
NDdeGetShareSecurityW
NDdeGetShareSecurityA
NDdeGetTrustedShareA

ncobjapi

WmiSetAndCommitObject
WmiCreateObject
WmiCreateObjectWithProps
WmiAddObjectProp
WmiEventSourceDisconnect
WmiIsObjectActive
WmiCommitObject
WmiEventSourceConnect
WmiDestroyObject
WmiCreateObjectWithFormat

usp10

ScriptGetCMap
ScriptBreak
ScriptApplyLogicalWidth
ScriptFreeCache
ScriptCPtoX
ScriptGetFontProperties
LpkPresent
ScriptCacheGetHeight
ScriptGetGlyphABCWidth

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d3fe9587900ec48f831de258d9da9a9

Headers

File Characteristics

Imports

user32

kernel32

winmm

msvfw32

gdi32

userenv

ole32

nddeapi

ncobjapi

usp10

Sections

.text Size: 53KB - Virtual size: 52KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 20KB - Virtual size: 75KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 53KB - Virtual size: 52KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 20KB - Virtual size: 75KB

.rsrc
Size: 28KB - Virtual size: 27KB