287a62436a7c2f844de85585c2b34059216c4f4a968568a5ea3962ce972ce106

Sharing

Copy URL Twitter E-mail

General

Target

287a62436a7c2f844de85585c2b34059216c4f4a968568a5ea3962ce972ce106
Size

326KB
MD5

570c6cf982822ec601e874efa1c5d970
SHA1

5353b27bbdc19fd3c5c1af768c3aa8e8dce19091
SHA256

287a62436a7c2f844de85585c2b34059216c4f4a968568a5ea3962ce972ce106
SHA512

349837b353b571669e8e84662399f1628d807ff2914403d144a412b2c7809703ace64ab38fbac1313b9412177c6dd7fa81bacff9d83710d38db925b08ae2a20e
SSDEEP

6144:1tYiijb5XxSuQjnnc6GBvNvrRulBLQoy1aoFSEouxeQSDOKwCZ2IwEpw:11ijb5XUZnn50lrRMMrSHyYLB

Score

N/A

Malware Config

Signatures

Files

287a62436a7c2f844de85585c2b34059216c4f4a968568a5ea3962ce972ce106
.exe windows x86

2bda5b526efda1746dabfe343fd3a90a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

_ftol
memmove
NtAllocateVirtualMemory

winmm

mciSendStringW
CloseDriver
waveInOpen
SendDriverMessage
waveInPrepareHeader
mmioSeek
mmioClose
waveInStart
waveInStop
waveOutGetNumDevs
mmioWrite
mmioDescend
waveInClose
timeGetTime
mmioAscend
OpenDriver
mmioOpenW
mmioCreateChunk
mmioRead
waveInReset
mmioFlush
waveInUnprepareHeader
waveInAddBuffer

gdi32

GetDCOrgEx
GetNearestPaletteIndex
PatBlt
RealizePalette
CreatePalette
GetObjectW
DeleteObject
GetDeviceCaps
GetSystemPaletteEntries
SelectPalette
GetStockObject
GetPaletteEntries
GetClipBox
SetWindowOrgEx
SelectObject

msvfw32

ICCompressorFree
ICSeqCompressFrameStart
DrawDibBegin
DrawDibRealize
DrawDibDraw
ICCompressorChoose
ICImageDecompress
ICSeqCompressFrame
ICSeqCompressFrameEnd
DrawDibOpen
DrawDibClose
DrawDibGetPalette

user32

ClientToScreen
EqualRect
EmptyClipboard
DefWindowProcW
GetClientRect
LoadStringA
SetCursor
CreateWindowExW
RegisterClassW
GetDC
UpdateWindow
LoadCursorW
MessageBeep
PeekMessageW
ReleaseDC
wvsprintfW
TranslateMessage
wsprintfA
GetClassInfoW
BeginPaint
InvalidateRect
OpenClipboard
SetRect
wsprintfW
SetWindowLongW
MessageBoxW
DispatchMessageW
LoadStringW
CloseClipboard
KillTimer
GetAsyncKeyState
GetParent
GetClipboardData
PostMessageW
SetTimer
MsgWaitForMultipleObjects
GetMessageW
SetClipboardData
IsWindow
GetWindowLongW
SendMessageW
EndPaint

secur32

QuerySecurityPackageInfoW

kernel32

LocalUnlock
GetThreadPriority
CreateFileW
CreateEventW
lstrcatW
GetDiskFreeSpaceW
GetModuleHandleW
WriteFile
lstrcpyW
GetCurrentThreadId
WaitForSingleObject
InitializeCriticalSection
GlobalMemoryStatusEx
VirtualAlloc
SetThreadPriority
VirtualFree
LocalHandle
GetCurrentThread
DisableThreadLibraryCalls
GetFileSize
CloseHandle
DeleteFileW
QueryPerformanceCounter
Sleep
GetLocalTime
GetPrivateProfileStringW
MulDiv
FreeLibrary
IsBadWritePtr
SetEvent
GlobalUnlock
IsBadHugeReadPtr
MultiByteToWideChar
HeapFree
lstrcpyA
GlobalReAlloc
LocalAlloc
LocalFree
DeleteCriticalSection
LeaveCriticalSection
SleepEx
IsBadReadPtr
GetOverlappedResult
lstrcmpiW
GlobalAlloc
IsBadCodePtr
GetFileAttributesW
GetLastError
GetACP
lstrlenA
GlobalFree
GetProcAddress
EnterCriticalSection
WideCharToMultiByte
QueryPerformanceFrequency
GetModuleFileNameW
SetFilePointer
GetFullPathNameW
lstrcpynW
lstrlenW
CreateThread
GetProcessHeap
LoadLibraryW
GlobalLock
GetSystemInfo
IsBadStringPtrW
HeapAlloc
LocalLock
GlobalHandle
lstrcatA

advapi32

RegQueryValueExA
RegCloseKey
RegEnumKeyW
RegOpenKeyW
RegCreateKeyW
RegOpenKeyA
RegQueryValueExW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

Sections

.text
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2bda5b526efda1746dabfe343fd3a90a

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

winmm

gdi32

msvfw32

user32

secur32

kernel32

advapi32

version

Sections

.text Size: 137KB - Virtual size: 137KB

.data Size: 6KB - Virtual size: 1.4MB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 74KB - Virtual size: 73KB

.rsrc Size: 107KB - Virtual size: 106KB

.text
Size: 137KB - Virtual size: 137KB

.data
Size: 6KB - Virtual size: 1.4MB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 74KB - Virtual size: 73KB

.rsrc
Size: 107KB - Virtual size: 106KB