9acf0df62532067d588977697c386efde45fd8033ee87b4a10bc7df7beede220

Sharing

Copy URL Twitter E-mail

General

Target

9acf0df62532067d588977697c386efde45fd8033ee87b4a10bc7df7beede220
Size

555KB
MD5

08a7503efd82c577b7933737065cc250
SHA1

0e8b8d6d6af8b9f7e05963241a4285c5fea075f9
SHA256

9acf0df62532067d588977697c386efde45fd8033ee87b4a10bc7df7beede220
SHA512

7c778a6ec16710799aa97eec381d6408dfedc4b6b04d5a7e064e0240a522c83fa3c164311934f6848b9836ff7c07419e71f92be76f01f95a85b9af2db405890e
SSDEEP

12288:BJ4AuDQj1VGQaJXyB8igSM1PUFhfzYEVOQBa:X9V1QE8igSYUFhfzDVX

Score

N/A

Malware Config

Signatures

Files

9acf0df62532067d588977697c386efde45fd8033ee87b4a10bc7df7beede220
.exe windows x86

16b5893acc0882582571214f8c868cbc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCommTimeouts
SetupComm
lstrcpyA
SetCommState
GetOverlappedResult
GetExitCodeThread
BuildCommDCBA
GetCommState
DeleteCriticalSection
SetCommMask
TerminateThread
QueryPerformanceFrequency
SetCurrentDirectoryA
InitializeCriticalSection
GetDriveTypeA
GetFullPathNameA
SetEvent
GetLocaleInfoA
LoadLibraryA
CreateEventA
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
CreateProcessA
LocalSize
LocalAlloc
GetLastError
GetTickCount
LocalFree
EnterCriticalSection
LeaveCriticalSection
Sleep
ReleaseSemaphore
CloseHandle
CreateThread
GetThreadLocale
ReadFile
GetCurrentThreadId
OutputDebugStringA
WriteFile
QueryPerformanceCounter
CreateSemaphoreA
UnmapViewOfFile
GetFileSize
CreateFileMappingA
MapViewOfFile
DeviceIoControl
CreateFileA
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetModuleHandleA
GetStdHandle
GetFileAttributesA
HeapSize
SetEndOfFile
GetTimeZoneInformation
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
SetEnvironmentVariableA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
FlushFileBuffers
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetProcAddress
HeapCreate
GetFileType
SetHandleCount
SetFilePointer
MultiByteToWideChar
GetStringTypeW
WideCharToMultiByte
GetStringTypeA
TlsGetValue
SetLastError
TlsAlloc
RtlUnwind
GetVersion
GetCommandLineA
GetStartupInfoA
ExitThread
TlsSetValue
GetLocalTime
HeapReAlloc
WaitForSingleObject
ExitProcess
HeapAlloc
HeapFree

user32

CheckDlgButton
ShowWindow
PostThreadMessageA
MoveWindow
SetWindowTextA
LoadCursorA
BeginPaint
GetUpdateRgn
SystemParametersInfoA
LoadIconA
IsDlgButtonChecked
GetDlgItemInt
GetCursorPos
MessageBeep
SetDlgItemTextA
IsWindowEnabled
SetFocus
GetDlgItemTextA
GetWindowWord
PeekMessageA
GetKeyboardState
EnableWindow
MessageBoxA
PostMessageA
GetKeyboardLayoutNameA
DefWindowProcA
RegisterClassA
RegisterWindowMessageA
UpdateWindow
GetMessageA
CreateWindowExA
CheckRadioButton
SetTimer
KillTimer
DispatchMessageA
PostQuitMessage
SendMessageA
SetDlgItemInt
OffsetRect
GetWindowRect
DrawTextA
InvalidateRect
SetCursor
GetFocus
EndDialog
EndPaint
wsprintfA
SendDlgItemMessageA
DrawTextExA
TranslateMessage
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
SetWindowWord
LoadStringA
GetParent
FillRect
GetDlgItem
DialogBoxParamA
ShowCursor
DestroyWindow

gdi32

SetTextColor
GetTextExtentPoint32A
TextOutA
GetRegionData
DeleteObject
CreateFontA
CreateRectRgn
CreateRectRgnIndirect
RemoveFontResourceA
AddFontResourceA
GetStockObject
SetBkColor
LineTo
MoveToEx
CreatePen
SelectObject
SetBkMode

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegOpenKeyExA
RegEnumValueA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegFlushKey

ddraw

DirectDrawCreate

dsound

DirectSoundCreate

winmm

mciSendCommandA
timeSetEvent
mciGetDeviceIDA
joyGetPosEx
mmioClose
timeKillEvent
joyGetDevCapsA
mmioDescend
mmioAscend
mmioRead
mmioSetInfo
mmioOpenA
mmioSeek
joySetCapture
mmioAdvance
mmioGetInfo
midiStreamRestart
joyReleaseCapture
midiOutSetVolume
midiStreamOut
midiOutPrepareHeader
midiStreamProperty
midiStreamOpen
midiStreamPause
midiOutReset
midiOutUnprepareHeader
midiStreamClose

msacm32

acmMetrics

tapi32

lineSetDevConfig
lineGetCallStatus
lineShutdown
lineGetAddressStatus
lineDeallocateCall
lineDrop
lineClose
lineGetCountry
lineTranslateAddress
lineGetTranslateCaps
lineSetCurrentLocation
lineGetIcon
lineTranslateDialog
lineGetAddressCaps
lineAnswer
lineMakeCall
lineGetDevCaps
lineNegotiateAPIVersion
lineGetID
lineOpen
lineDial
lineInitialize
lineSetStatusMessages

comctl32

ord17

wsock32

gethostbyname
ntohs
WSAGetLastError
recv
WSACleanup
WSAStartup
gethostname
setsockopt
getsockname
connect
inet_ntoa
htonl
bind
sendto
closesocket
send
socket
htons
recvfrom

aweman32

ord2

Sections

.text
Size: 386KB - Virtual size: 386KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 53KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

16b5893acc0882582571214f8c868cbc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ddraw

dsound

winmm

msacm32

tapi32

comctl32

wsock32

aweman32

Sections

.text Size: 386KB - Virtual size: 386KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 89KB - Virtual size: 408KB

.idata Size: 7KB - Virtual size: 6KB

.rsrc Size: 16KB - Virtual size: 16KB

.reloc Size: 53KB - Virtual size: 54KB

.text
Size: 386KB - Virtual size: 386KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 89KB - Virtual size: 408KB

.idata
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 53KB - Virtual size: 54KB