561cfd051fd2093ed79bf513f6f732daa5230d4b264eeb44fcc9ddb875c2d09e

Sharing

Copy URL Twitter E-mail

General

Target

561cfd051fd2093ed79bf513f6f732daa5230d4b264eeb44fcc9ddb875c2d09e
Size

200KB
MD5

6d43d130a0e213f784cfbaa6b8443f17
SHA1

35a4269df61c5774cfb04d2db7962ca71ebedb88
SHA256

561cfd051fd2093ed79bf513f6f732daa5230d4b264eeb44fcc9ddb875c2d09e
SHA512

5a847ad33512e2b3a3aea81457640e3a4d3c512d4ca85e1c2eb776aa9a2a8ac1190ced2186a13076254d702942c8511e81dd91a4ad03c7422f3745c4f3f49a05
SSDEEP

6144:0rnqPDBX7NIlc6wOMnXqYIGvQgHbXjkiKS:02voMXzI/gHP

Score

N/A

Malware Config

Signatures

Files

561cfd051fd2093ed79bf513f6f732daa5230d4b264eeb44fcc9ddb875c2d09e
.exe windows x86

ae3dc808b3570de5bdba820f155d46e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetModuleFileNameA
IsBadHugeReadPtr
GlobalHandle
GetSystemTimeAsFileTime
SetEndOfFile
GetSystemInfo
GetFullPathNameW
HeapFree
GetCurrentThread
SetFilePointer
GetCPInfo
GlobalAlloc
GetFileAttributesW
lstrcmpiW
GlobalFree
GetVersionExW
GetProcessHeap
PostQueuedCompletionStatus
GetQueuedCompletionStatus
IsBadReadPtr
CreateEventW
InterlockedIncrement
GetCurrentProcessId
CloseHandle
ReadFile
GetLastError
CreateIoCompletionPort
GetPrivateProfileStringW
GetTickCount
FreeLibrary
MultiByteToWideChar
IsBadCodePtr
MulDiv
LoadLibraryW
WaitForMultipleObjects
OutputDebugStringA
GlobalLock
GetProfileIntA
InterlockedExchange
DeleteCriticalSection
lstrlenW
lstrcpyA
WaitForSingleObject
EnterCriticalSection
DeleteFileW
SetThreadPriority
SetEvent
GetEnvironmentStringsW
lstrcpyW
lstrcmpW
lstrlenA
IsBadWritePtr
GetCurrentProcess
GlobalMemoryStatus
QueryPerformanceCounter
InterlockedDecrement
ResetEvent
GetFileSize
WriteFile
GetThreadPriority
CreateSemaphoreW
WideCharToMultiByte
SetUnhandledExceptionFilter
lstrcpynW
CreateFileW
VirtualFree
LeaveCriticalSection
GlobalUnlock
ReleaseSemaphore
HeapAlloc
GetSystemDefaultLangID
CreateThread
InitializeCriticalSection
GetDiskFreeSpaceW

advapi32

RegEnumKeyExW
RegSetValueExW
RegOpenKeyW
RegOpenKeyExW
RegSetValueW
RegCloseKey
RegDeleteKeyW
RegCreateKeyW
RegQueryValueExW
RegEnumKeyW

msvcrt

_purecall
??3@YAXPAX@Z
_ftol
wcslen
??2@YAPAXI@Z
_except_handler3

user32

IsWindowVisible
GetClientRect
EnableWindow
IsWindow
CheckDlgButton
GetWindowRect
DestroyWindow
SetWindowLongW
CreateDialogParamW
SetCursor
GetDC
GetAsyncKeyState
PeekMessageW
CheckRadioButton
DefWindowProcW
LoadCursorW
wsprintfW
ShowWindow
TranslateMessage
MoveWindow
SetDlgItemTextW
ClientToScreen
ReleaseDC
SetDlgItemInt
GetWindowLongW
GetDesktopWindow
InvalidateRect
IsRectEmpty
SendMessageW
DispatchMessageW
LoadStringW
GetDlgItemInt
GetDlgItem

winmm

mixerOpen
mixerClose
mixerGetControlDetailsW
waveInStart
waveInUnprepareHeader
waveInReset
mixerGetLineControlsW
mixerGetID
waveInClose
waveInPrepareHeader
CloseDriver
waveInStop
OpenDriver
waveInAddBuffer
mixerGetLineInfoW
mixerSetControlDetails
waveInGetDevCapsW
SendDriverMessage
waveInOpen

msvfw32

ICOpen
ICClose
ICCompress
ICLocate
ICGetInfo
ICDecompress
ICSendMessage

ole32

CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoInitialize
CoCreateInstance
StringFromGUID2
CoFreeUnusedLibraries

gdi32

GetStockObject
PatBlt
GetTextExtentPoint32W
SelectObject
GetPaletteEntries
GetObjectW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae3dc808b3570de5bdba820f155d46e5

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

user32

winmm

msvfw32

ole32

gdi32

version

Sections

.text Size: 172KB - Virtual size: 171KB

.data Size: 25KB - Virtual size: 25KB

.rsrc Size: 1024B - Virtual size: 644B

.text
Size: 172KB - Virtual size: 171KB

.data
Size: 25KB - Virtual size: 25KB

.rsrc
Size: 1024B - Virtual size: 644B