f161ef6c8e050947bc1e79b9368020cc5293594f0b6285f2124aaec07eb1fc9c

Sharing

Copy URL

Twitter E-mail

General

Target

f161ef6c8e050947bc1e79b9368020cc5293594f0b6285f2124aaec07eb1fc9c
Size

200KB
MD5

67f935c4b036a86df301a7ccb8683daa
SHA1

52a899aa19a53b9a78db71830cf5db1ebc6008f8
SHA256

f161ef6c8e050947bc1e79b9368020cc5293594f0b6285f2124aaec07eb1fc9c
SHA512

52880b702ab939a86dae4198d7dd710b666128282318153d2ca9d561c0417531d1a629cb0ca2dcf4005795dff14888c8a0746e117aa09f9c3a368d27468b6055
SSDEEP

6144:maxSKxtHdVxIKelF2iA2VQDTVPbM6Nu47AeJEi8:m+DxtH7xIFEiCW6fnJEi8

Score

N/A

Malware Config

Signatures

Files

f161ef6c8e050947bc1e79b9368020cc5293594f0b6285f2124aaec07eb1fc9c
.exe windows x86

9560acbb49882f1924b548b242d986d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateSemaphoreW
GetProcessHeap
GetFullPathNameW
GetQueuedCompletionStatus
SetEndOfFile
lstrcmpiW
SetUnhandledExceptionFilter
HeapFree
GlobalLock
lstrcpyW
QueryPerformanceCounter
GetModuleFileNameA
VirtualFree
PostQueuedCompletionStatus
GetThreadPriority
GlobalAlloc
InterlockedExchange
MultiByteToWideChar
GetCurrentThread
WaitForMultipleObjects
GetSystemTimeAsFileTime
InterlockedIncrement
GetProfileIntA
DeleteCriticalSection
IsBadCodePtr
GetCurrentProcessId
GetLocaleInfoW
GetProcAddress
FreeLibrary
GetPrivateProfileStringW
lstrcpyA
GlobalUnlock
WaitForSingleObject
CreateEventW
lstrlenW
CreateFileW
CreateThread
lstrcpynW
GetDiskFreeSpaceW
ResetEvent
GetCurrentProcess
EnterCriticalSection
GetSystemInfo
lstrcmpW
GetFileSize
ReadFile
GlobalMemoryStatus
SetEvent
SetThreadPriority
MulDiv
GetVersionExW
InitializeCriticalSection
IsBadReadPtr
GetACP
GetTickCount
LoadLibraryW
ReleaseSemaphore
InterlockedDecrement
GetStartupInfoA
GetLastError
WideCharToMultiByte
LeaveCriticalSection
HeapAlloc
CloseHandle
GetFileAttributesW
WriteFile
IsBadWritePtr
lstrlenA
GlobalHandle
SetLastError
SetFilePointer
DeleteFileW
CreateIoCompletionPort
GlobalFree

user32

CreateDialogParamW
PeekMessageW
TranslateMessage
DestroyWindow
GetAsyncKeyState
DispatchMessageW
CheckDlgButton
GetDesktopWindow
GetWindowLongW
SetDlgItemTextW
MoveWindow
SetWindowLongW
LoadCursorW
SendMessageW
GetDC
EnableWindow
ClientToScreen
IsWindow
GetDlgItemInt
IsRectEmpty
DefWindowProcW
SetCursor
GetWindowRect
IsWindowVisible
ReleaseDC
SetDlgItemInt
LoadStringW
ShowWindow
CheckRadioButton
GetDlgItem
GetClientRect
InvalidateRect

winmm

mixerGetID
SendDriverMessage
waveInStop
mixerGetLineInfoW
waveInReset
mixerSetControlDetails
waveInPrepareHeader
mixerGetLineControlsW
CloseDriver
waveInUnprepareHeader
waveInGetDevCapsW
mixerClose
waveInClose
mixerGetControlDetailsW
waveInStart
waveInAddBuffer
mixerOpen
waveInOpen
OpenDriver

ole32

StringFromGUID2
CoFreeUnusedLibraries
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoCreateInstance
CoInitialize

msvfw32

ICDecompress
ICLocate
ICOpen
ICGetInfo
ICSendMessage
ICClose

gdi32

PatBlt
GetPaletteEntries
GetTextExtentPoint32W
GetObjectW
GetStockObject
SelectObject

nddeapi

NDdeGetTrustedShareW
NDdeGetShareSecurityW
NDdeGetErrorStringA
NDdeGetShareSecurityA
NDdeIsValidAppTopicListW
NDdeIsValidShareNameA
NDdeIsValidAppTopicListA
NDdeGetTrustedShareA

ncobjapi

WmiDestroyObject
WmiCreateObjectWithProps
WmiIsObjectActive
WmiCreateObjectWithFormat
WmiEventSourceConnect
WmiCreateObject
WmiSetAndCommitObject
WmiAddObjectProp
WmiEventSourceDisconnect
WmiCommitObject

mydocs

DllGetClassObject
PerUserInit
DllCanUnloadNow

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9560acbb49882f1924b548b242d986d6

Headers

File Characteristics

Imports

kernel32

user32

winmm

ole32

msvfw32

gdi32

nddeapi

ncobjapi

mydocs

Sections

.text Size: 126KB - Virtual size: 125KB

.rdata Size: 33KB - Virtual size: 33KB

.data Size: 36KB - Virtual size: 357KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 828B

.text
Size: 126KB - Virtual size: 125KB

.rdata
Size: 33KB - Virtual size: 33KB

.data
Size: 36KB - Virtual size: 357KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 828B