40d81b2f0e82386bf3c2799eeb2c90ef79128784958f0bc5b09ad591bb14d19f

Sharing

Copy URL

Twitter E-mail

General

Target

40d81b2f0e82386bf3c2799eeb2c90ef79128784958f0bc5b09ad591bb14d19f
Size

672KB
MD5

429e514009ccfeffa244194071530314
SHA1

a3640454b0ca6b4ac504799ee22b5daedd574610
SHA256

40d81b2f0e82386bf3c2799eeb2c90ef79128784958f0bc5b09ad591bb14d19f
SHA512

d4e2fe1a20572f27754d6f79149e373f16d81c72c100a7efd573e3e7d7e61924fd25046dba7c8279c0fe6ac64b3a0c7c5934dab3f219a58a14831ec5e48f8a22
SSDEEP

6144:+ml1pLc26riYHxMXwl7QUSP3xFldiC7WMPiD492JGcTM7QCjm6V51bbseEIrVrYJ:DfX6rzHxMXg2vaC7WkFk451HsenrusX

Score

N/A

Malware Config

Signatures

Files

40d81b2f0e82386bf3c2799eeb2c90ef79128784958f0bc5b09ad591bb14d19f
.exe windows x86

4772be90aa7ab12fb74b54f94ba1d1f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ddraw

DirectDrawCreateEx
DirectDrawEnumerateExA

dsound

ord2
ord1

dinput

DirectInputCreateEx

winmm

timeEndPeriod
timeBeginPeriod
timeGetDevCaps
timeSetEvent

kernel32

RtlUnwind
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
HeapAlloc
HeapFree
GetStartupInfoA
GetCommandLineA
RaiseException
HeapReAlloc
SetStdHandle
GetFileType
ExitThread
CreateThread
TerminateProcess
HeapSize
GetCurrentProcessId
GetTimeZoneInformation
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
SetUnhandledExceptionFilter
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
SizeofResource
LockResource
LoadResource
FindResourceA
WideCharToMultiByte
ExitProcess
FindClose
FindFirstFileA
CopyFileA
WritePrivateProfileStringA
GetPrivateProfileStringA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetTickCount
GetProcAddress
LoadLibraryA
QueryPerformanceCounter
Sleep
QueryPerformanceFrequency
GlobalMemoryStatus
GetPrivateProfileIntA
MultiByteToWideChar
GetVersion
CompareStringA
CompareStringW
GetOEMCP
GetCPInfo
GlobalFlags
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
FileTimeToSystemTime
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
InterlockedIncrement
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcmpW
GetModuleHandleA
WaitForSingleObject
CreateEventA
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GetModuleFileNameA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
lstrcpyA
GetCurrentProcess
DuplicateHandle
CloseHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiA
InterlockedDecrement
GetLastError
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
lstrlenA
GetStringTypeA

user32

GetMenuItemInfoA
InflateRect
LoadCursorA
GetSysColorBrush
ShowOwnedPopups
PostQuitMessage
GetWindowDC
ReleaseDC
GetDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
SetForegroundWindow
AdjustWindowRectEx
ScreenToClient
RegisterClassA
UnregisterClassA
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
PtInRect
RegisterWindowMessageA
LoadMenuA
DestroyMenu
GetClassNameA
GetSysColor
WinHelpA
GetActiveWindow
EqualRect
GetKeyState
GetMenu
UnpackDDElParam
ReuseDDElParam
LoadIconA
GetClassInfoA
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
SetActiveWindow
IsWindowVisible
InvalidateRect
IsIconic
MessageBoxA
UpdateWindow
ShowCursor
DeferWindowPos
PostMessageA
GetForegroundWindow
ClientToScreen
GetClientRect
AdjustWindowRect
GetWindowPlacement
ToAscii
MapVirtualKeyA
SetRect
InsertMenuItemA
CreatePopupMenu
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
GetLastActivePopup
BringWindowToTop
SetMenu
IsWindow
GetDesktopWindow
GetWindow
TranslateAcceleratorA
GetWindowTextA
SendMessageA
GetFocus
GetParent
SetWindowPos
SetFocus
EnableWindow
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
GetWindowLongA
GetWindowRect
CharUpperA
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
UnhookWindowsHookEx
GetSystemMetrics
wsprintfA
GetDlgItem

gdi32

DeleteObject
BitBlt
GetPixel
PtVisible
RectVisible
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreatePatternBrush
CreateSolidBrush
GetTextExtentPoint32A
SetMapMode
RestoreDC
SaveDC
CreateBitmap
GetObjectA
SetBkColor
GetClipBox
CreateCompatibleDC
CreateCompatibleBitmap
GetDeviceCaps
SetBkMode
SetTextColor
TextOutA
CreateFontIndirectA
SetDIBitsToDevice
Ellipse
GetStockObject
SelectObject
MoveToEx
LineTo

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextA
RegCloseKey
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
CryptReleaseContext
RegSetValueExA
RegCreateKeyExA

shell32

DragFinish
DragQueryFileA

comctl32

ImageList_Draw
ImageList_GetImageInfo
ord17
ImageList_Destroy

shlwapi

PathIsUNCA
PathFindExtensionA
PathStripToRootA
PathFindFileNameA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 356KB - Virtual size: 353KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yvs
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ovwfbkk
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qezckqb
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nqcdori
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

abnzzgh
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rgsfuzb
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4772be90aa7ab12fb74b54f94ba1d1f3

Headers

File Characteristics

Imports

ddraw

dsound

dinput

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

Sections

.text Size: 356KB - Virtual size: 353KB

.rdata Size: 112KB - Virtual size: 109KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 32KB - Virtual size: 29KB

.yvs Size: 28KB - Virtual size: 28KB

ovwfbkk Size: 32KB - Virtual size: 32KB

qezckqb Size: 32KB - Virtual size: 32KB

nqcdori Size: 32KB - Virtual size: 32KB

abnzzgh Size: 32KB - Virtual size: 32KB

rgsfuzb Size: - Virtual size: 4KB

.text
Size: 356KB - Virtual size: 353KB

.rdata
Size: 112KB - Virtual size: 109KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 32KB - Virtual size: 29KB

.yvs
Size: 28KB - Virtual size: 28KB

ovwfbkk
Size: 32KB - Virtual size: 32KB

qezckqb
Size: 32KB - Virtual size: 32KB

nqcdori
Size: 32KB - Virtual size: 32KB

abnzzgh
Size: 32KB - Virtual size: 32KB

rgsfuzb
Size: - Virtual size: 4KB