2157f1d7ade5162c2acae0d16d8c652bcbbf68a2d23b061dc6498810ec1b9690

Sharing

Copy URL

Twitter E-mail

General

Target

2157f1d7ade5162c2acae0d16d8c652bcbbf68a2d23b061dc6498810ec1b9690
Size

208KB
MD5

646b50f3d0d04060005243581418d903
SHA1

d40d8172a19c6b858e3a41711e7abc6db4025fe5
SHA256

2157f1d7ade5162c2acae0d16d8c652bcbbf68a2d23b061dc6498810ec1b9690
SHA512

6b256e890016efe508dbe5456dd84f746d534935a67719409e10cc7deae29ef5a05fe2b7cdd7d810ed7c1f644d07233e0f153b738e15d252f916bcfbf4975f39
SSDEEP

6144:vRzoVpB4O78tNaYbCOBFyGqFtOVxoLnb7S/:doVpBXgyciLOVxoXc

Score

N/A

Malware Config

Signatures

Files

2157f1d7ade5162c2acae0d16d8c652bcbbf68a2d23b061dc6498810ec1b9690
.exe windows x86

8552f38505fc29f1b30b0ac4d03494c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

userenv

WaitForUserPolicyForegroundProcessing
DeleteProfileA
RsopSetPolicySettingStatus
UnregisterGPNotification
UnloadUserProfile
WaitForMachinePolicyForegroundProcessing

winmm

SendDriverMessage
mixerSetControlDetails
waveInUnprepareHeader
mixerGetLineInfoW
waveInStart
waveInClose
waveInStop
mixerOpen
mixerGetID
OpenDriver
waveInReset
mixerGetControlDetailsW
mixerClose
waveInPrepareHeader
mixerGetLineControlsW
waveInOpen
waveInAddBuffer
waveInGetDevCapsW

user32

GetDlgItem
DefWindowProcW
ShowWindow
GetDC
TranslateMessage
LoadStringW
SetDlgItemTextW
CheckRadioButton
IsRectEmpty
CreateDialogParamW
GetAsyncKeyState
PeekMessageW
EnableWindow
IsWindowVisible
GetDesktopWindow
GetWindowLongW
DestroyWindow
SendMessageW
SetWindowLongW
GetClientRect
ReleaseDC
DispatchMessageW
LoadCursorW
CheckDlgButton
InvalidateRect
ClientToScreen
GetWindowRect
GetDlgItemInt
SetCursor
SetDlgItemInt
MoveWindow
IsWindow

kernel32

GetCurrentProcessId
InterlockedIncrement
GlobalFree
SetEndOfFile
ReleaseSemaphore
GlobalAlloc
GetTickCount
GetFileSize
GetFileAttributesW
GetTimeZoneInformation
GetDiskFreeSpaceW
CreateEventW
lstrcpynW
GetProcAddress
GetSystemDefaultLangID
lstrcmpW
WaitForMultipleObjects
GetProfileIntA
GetLocaleInfoA
MultiByteToWideChar
lstrlenA
QueryPerformanceCounter
SetThreadPriority
GetSystemTimeAsFileTime
GetModuleFileNameA
SetEvent
InterlockedExchange
IsBadReadPtr
CreateFileW
lstrlenW
WideCharToMultiByte
lstrcpyA
CreateIoCompletionPort
IsBadWritePtr
GetVersionExW
GetLastError
OutputDebugStringW
SetUnhandledExceptionFilter
DeleteFileW
WriteFile
IsBadCodePtr
PostQueuedCompletionStatus
GetProcessHeap
HeapFree
EnterCriticalSection
GetFullPathNameW
CreateThread
GetQueuedCompletionStatus
LeaveCriticalSection
WaitForSingleObject
GetCurrentProcess
GetSystemInfo
ResetEvent
GlobalUnlock
GlobalHandle
VirtualFree
GetACP
GlobalMemoryStatus
ReadFile
MulDiv
GetPrivateProfileStringW
GetThreadPriority
FreeLibrary
lstrcpyW
SetFilePointer
CreateSemaphoreW
lstrcmpiW
InterlockedDecrement
InitializeCriticalSection
GlobalLock
DeleteCriticalSection
GetCurrentThread
HeapAlloc
LoadLibraryW
CloseHandle

ole32

CoTaskMemAlloc
CoTaskMemFree
CoFreeUnusedLibraries
StringFromGUID2
CoCreateInstance
CoInitialize
CoUninitialize

ncobjapi

WmiEventSourceDisconnect
WmiCommitObject
WmiCreateObjectWithProps
WmiAddObjectProp
WmiSetAndCommitObject
WmiDestroyObject
WmiCreateObjectWithFormat
WmiCreateObject
WmiIsObjectActive
WmiEventSourceConnect

gdi32

GetObjectW
GetTextExtentPoint32W
SelectObject
PatBlt
GetPaletteEntries
GetStockObject

nddeapi

NDdeIsValidAppTopicListW
NDdeGetShareSecurityA
NDdeGetTrustedShareA
NDdeGetShareSecurityW
NDdeGetTrustedShareW
NDdeIsValidShareNameA
NDdeGetErrorStringA
NDdeIsValidAppTopicListA

msvfw32

ICSendMessage
ICDecompress
ICClose
ICLocate
ICGetInfo
ICOpen

usp10

ScriptGetCMap
ScriptGetFontProperties
ScriptGetGlyphABCWidth
ScriptFreeCache
ScriptApplyLogicalWidth
ScriptCacheGetHeight
ScriptCPtoX
ScriptBreak
LpkPresent

Sections

.text
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 477KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8552f38505fc29f1b30b0ac4d03494c9

Headers

File Characteristics

Imports

userenv

winmm

user32

kernel32

ole32

ncobjapi

gdi32

nddeapi

msvfw32

usp10

Sections

.text Size: 135KB - Virtual size: 135KB

.rdata Size: 34KB - Virtual size: 34KB

.data Size: 28KB - Virtual size: 477KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 1024B - Virtual size: 904B

.text
Size: 135KB - Virtual size: 135KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 28KB - Virtual size: 477KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 1024B - Virtual size: 904B