36e955d44edccc76d6003277f3c03b7838e136cf2c8f286e1a0a104c48876cb1

Sharing

Copy URL

Twitter E-mail

General

Target

36e955d44edccc76d6003277f3c03b7838e136cf2c8f286e1a0a104c48876cb1
Size

128KB
MD5

68afbece96b0a61d640e006c573336af
SHA1

2a781dd75e7dd7f4245abf00dd5e7c25b7773ee7
SHA256

36e955d44edccc76d6003277f3c03b7838e136cf2c8f286e1a0a104c48876cb1
SHA512

9b2167373ecb1ca02178c94d98a5fcaa489fe48c52162ea350b9b0aebd3d577e88e8c0827c27d6fe721d380deb5cfc01720a2f416d61df3bf3b9a7b126a07061
SSDEEP

3072:159+pTRz4GPsmjuPknaN1KDBJS1wWD2OyHh1A:Y3psmjg14JywOWh

Score

N/A

Malware Config

Signatures

Files

36e955d44edccc76d6003277f3c03b7838e136cf2c8f286e1a0a104c48876cb1
.dll windows x86

d8ccebe37658fb2ee2c5242c4748d31b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VerLanguageNameW
GlobalAddAtomW
GetHandleInformation
IsDebuggerPresent
GetProcessHeap
GetVersion
ClearCommBreak
SetFileApisToANSI
ReadProcessMemory
GetModuleHandleA
WriteConsoleW
DeleteFileA
GetOverlappedResult
CloseHandle
VerLanguageNameA
GetCurrencyFormatW
IsValidLocale
GetProcAddress
ReadConsoleInputExW
LoadLibraryA
ExpandEnvironmentStringsA
GetCurrentDirectoryA
GetSystemTime
GetUserDefaultLCID
SleepEx
TerminateJobObject
GetVDMCurrentDirectories
GetComputerNameA
VirtualAlloc

user32

GetWindowWord
UnregisterHotKey
GetClassWord
GetUserObjectInformationA
ChangeClipboardChain
RedrawWindow
SetMessageExtraInfo
GetClassLongA
EnumThreadWindows
ScrollWindowEx
SetClassWord
BeginPaint
GetOpenClipboardWindow
EnableScrollBar
DdeQueryConvInfo
DrawFrame
DrawStateA
CreateCaret
GetClassNameW
ToAsciiEx
ChangeDisplaySettingsExW
CallMsgFilterW
DlgDirSelectComboBoxExW
DdeAddData
EnumDisplaySettingsW
PeekMessageA
SetProcessDefaultLayout
UpdateWindow
SetWindowLongA
SetThreadDesktop
MessageBoxIndirectA
CharToOemBuffW
SetWindowPos
EnumWindowStationsA
DialogBoxIndirectParamA
GetForegroundWindow
GetNextDlgGroupItem
GrayStringA
GetIconInfo
mouse_event

gdi32

SetTextAlign
GetBkColor
SetTextJustification
GetTextCharacterExtra

advapi32

SystemFunction031
CryptDuplicateKey
SystemFunction006
ConvertAccessToSecurityDescriptorW
ElfRegisterEventSourceW
PrivilegeCheck

comctl32

ImageList_SetDragCursorImage
ord14
ord6
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_Copy
ImageList_Create
ord16
ImageList_DrawIndirect
CreatePropertySheetPageW
FlatSB_SetScrollPos
ImageList_DragEnter
ImageList_Read
ord7
ImageList_Remove
_TrackMouseEvent
DestroyPropertySheetPage
FlatSB_EnableScrollBar
FlatSB_SetScrollRange
ord17
ImageList_SetIconSize
ImageList_DrawEx
InitCommonControlsEx
ord5
ImageList_AddMasked
FlatSB_SetScrollInfo
ImageList_Replace
ord13
ImageList_Add
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_Duplicate
DrawStatusTextW
ImageList_GetBkColor
ImageList_LoadImageW
FlatSB_GetScrollPos
UninitializeFlatSB
ImageList_BeginDrag
ImageList_AddIcon
PropertySheetA
ImageList_GetIcon
CreateStatusWindowW
ImageList_SetOverlayImage

opengl32

glVertex3s
glNewList
glColor4uiv
glVertex3d
glColor3i
glPushMatrix
glCallList
glTexCoord2d
glRasterPos3fv
glScissor
glLogicOp
glEvalCoord1dv
wglShareLists
GlmfPlayGlsRecord
glColorMaterial
glTexCoord1f
glTexCoord1d
glTexCoord4iv
glTexCoord2f
glAlphaFunc
glLightiv
glColor4iv
glPixelMapusv

shell32

StrStrIA
StrChrIW

shlwapi

PathCommonPrefixA
SHRegQueryInfoUSKeyW
SHDeleteValueW
SHQueryInfoKeyA
StrToIntA
StrToIntExA
PathIsRootW
PathIsUNCServerW
PathIsUNCServerShareA
UrlUnescapeA
UrlEscapeA
SHQueryValueExA
SHRegGetUSValueA
PathGetDriveNumberA
HashData
SHRegSetUSValueW
SHRegWriteUSValueW
PathFindFileNameW
SHGetInverseCMAP
SHRegOpenUSKeyA
PathBuildRootA
PathMatchSpecA
PathStripToRootW
UrlCombineW
SHDeleteKeyW
ChrCmpIA
PathRenameExtensionW
SHRegCreateUSKeyA
StrIsIntlEqualA
SHRegQueryInfoUSKeyA
PathCompactPathW
PathIsUNCA
PathCombineW
UrlApplySchemeA
SHGetValueW
SHRegEnumUSKeyA
PathIsUNCServerShareW
SHRegDeleteEmptyUSKeyW
PathFindFileNameA
SHRegEnumUSValueA
SHQueryInfoKeyW
SHRegCloseUSKey
PathAppendA
PathMakePrettyW
PathFileExistsA
SHIsLowMemoryMachine
UrlCreateFromPathW
SHDeleteEmptyKeyW

version

GetFileVersionInfoW
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoSizeW
VerFindFileW
VerFindFileA
GetFileVersionInfoA
VerInstallFileW
VerQueryValueA
VerInstallFileA

winmm

WOW32DriverCallback
mciGetDeviceIDFromElementIDW
midiOutSetVolume
midiStreamProperty
mciGetCreatorTask
mmioFlush
joyGetDevCapsA
GetDriverModuleHandle
midiOutMessage
midiOutLongMsg
mxd32Message
mmTaskBlock
mciGetDeviceIDA
PlaySoundA
wod32Message
mod32Message
mixerGetLineInfoW
midiStreamOpen
waveOutRestart
OpenDriver
mciGetDriverData
mmioClose
sndPlaySoundW
DrvGetModuleHandle
midiInGetErrorTextA
waveInAddBuffer
mmioRenameA
mciGetDeviceIDFromElementIDA
waveInUnprepareHeader
midiInGetNumDevs
waveOutSetVolume
timeKillEvent
midiOutClose
NotifyCallbackData
mmioCreateChunk
midiInStart
mmioStringToFOURCCA
mid32Message
waveInClose
joySetThreshold
midiOutGetErrorTextW
midiInGetID
timeGetDevCaps
SendDriverMessage
mmioAdvance

winspool.drv

SetPrinterW
GetFormA
EnumPortsA
GetPrintProcessorDirectoryA
AddPortW
AddPrintProcessorW
GetJobA
DeletePrintProvidorW
DeletePrinter
EnumPortsW
GetPrinterDriverDirectoryW
ConvertAnsiDevModeToUnicodeDevmode

msvcrt

_rmdir
fseek
fsetpos
sprintf
_y1
feof
wcscpy
_heapadd
_wspawnle
ftell
fclose
gets
__p__dstbias
towlower
wcstol
__RTtypeid
fopen
_finite
_unlink
sqrt
difftime
ferror
_wmktemp
_copysign
fread
vfprintf
fprintf
_longjmpex
__fpecode
_beep
atof
strcpy
printf
_getmaxstdio
_wstrtime
__lc_codepage
__p__mbcasemap
localeconv
_mbsnextc
_mbsnbicmp
fputc
_heapset
_mbsncat
memset
__p__winmajor
fputs
strchr
fwprintf
fwrite

Exports

Exports

Acxpvrfh
Cijqm
Dsujrmoaxx
Fsvucw
Nphmtgd
Tmpzfh
Vqgcmfsqh
Vzowtztku
Wtiff
Xwkvtwuhjb

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8ccebe37658fb2ee2c5242c4748d31b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

opengl32

shell32

shlwapi

version

winmm

winspool.drv

msvcrt

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 48KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 52KB - Virtual size: 51KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 52KB - Virtual size: 48KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 52KB - Virtual size: 51KB

.reloc
Size: 8KB - Virtual size: 7KB