4a0b578c783f43177e28793bf79c46b899378c2e72af637aab0e0f69d67964db

Sharing

Copy URL

Twitter E-mail

General

Target

4a0b578c783f43177e28793bf79c46b899378c2e72af637aab0e0f69d67964db
Size

268KB
MD5

1abb45e94cfcfe5f1717ba3b907b83f0
SHA1

77c3841d41d2d0f508ace3c89de9974522253ee8
SHA256

4a0b578c783f43177e28793bf79c46b899378c2e72af637aab0e0f69d67964db
SHA512

249b3fce91b3b2352d4e71f58c0f7310257778a1c007ab0b6eaefd66bcb4b8ae94fd1ff74e6d7d20bdc7d623d1aa76d866abb9968247e8cc48a6f7efed5c9509
SSDEEP

6144:IaciLpnGxT/rS5W0FkGfLMo1sUT+0UJLCdScFs6BG0Co7T6j:40pGx7u5Wcfd3ALCdU6B57g

Score

N/A

Malware Config

Signatures

Files

4a0b578c783f43177e28793bf79c46b899378c2e72af637aab0e0f69d67964db
.dll windows x86

acdac88f8613d457a7dc942d9c25b321

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindExtensionW
PathIsURLW

kernel32

UnhandledExceptionFilter
GetPrivateProfileIntA
CompareStringW
MultiByteToWideChar
WritePrivateProfileStringA
GetModuleHandleA
Sleep
MulDiv
lstrcmpA
lstrlenA
lstrcpynA
WaitForSingleObject
WideCharToMultiByte
TerminateThread
lstrcpynW
SetThreadPriority
DisableThreadLibraryCalls
GetTempFileNameA
GetShortPathNameW
CloseHandle
GetTempPathA
DeleteFileA
CreateThread
SetUnhandledExceptionFilter
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
InterlockedExchange
HeapReAlloc
HeapAlloc
HeapFree
HeapDestroy
HeapCreate
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcpyA
IsDebuggerPresent

user32

DestroyWindow
SetTimer
GetWindowRect
SetActiveWindow
KillTimer
GetActiveWindow
PostMessageA
GetSystemMetrics
SetWindowTextA
MoveWindow
GetParent
SendMessageA
SetWindowLongA
MessageBoxA
GetDlgItem
EndDialog
SetWindowPos
CheckDlgButton
ShowWindow
IsDlgButtonChecked
MessageBoxIndirectW
SendMessageW
EnableWindow
GetDlgCtrlID
GetDlgItemTextA
SetWindowTextW
SetDlgItemTextA
GetDialogBaseUnits
SetForegroundWindow
GetWindowLongA

comdlg32

GetSaveFileNameA

msvcr90

__clean_type_info_names_internal
_onexit
_lock
__dllonexit
_unlock
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_crt_debugger_hook
_except_handler4_common
free
calloc
malloc
strstr
strchr
_vsnwprintf
_vsnprintf
atof
_stricmp
strncmp
atoi
_vswprintf_c_l
_itow
strrchr
strncpy
??3@YAXPAX@Z
memset
??2@YAPAXI@Z
fclose
feof
ftell
fseek
fputc
fgetc
fwrite
fread
fopen
memcpy
rand
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer

Exports

Exports

winampGetExtendedFileInfoW
winampGetExtendedRead_close
winampGetExtendedRead_getData
winampGetExtendedRead_open
winampGetInModule2

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 107KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

acdac88f8613d457a7dc942d9c25b321

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

comdlg32

msvcr90

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 35KB - Virtual size: 43KB

.rsrc Size: 14KB - Virtual size: 13KB

.reloc Size: 4KB - Virtual size: 4KB

.text Size: 107KB - Virtual size: 108KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 35KB - Virtual size: 43KB

.rsrc
Size: 14KB - Virtual size: 13KB

.reloc
Size: 4KB - Virtual size: 4KB

.text
Size: 107KB - Virtual size: 108KB