Static task: static1
Behavioral task: behavioral1
  Sample: eea1577052161ec436c4017accb73e8acb9d32ef7d7b826f6468e88ef9eb76d1.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: eea1577052161ec436c4017accb73e8acb9d32ef7d7b826f6468e88ef9eb76d1.exe
  Resource: win10v2004-20220812-en
General
Target: eea1577052161ec436c4017accb73e8acb9d32ef7d7b826f6468e88ef9eb76d1
Size: 2.2MB
MD5: 2d4d1721badd91ecc2a95493fd7f7018
SHA1: 5fadc172a36102d7788b0ae6e5f56524b8eda633
SHA256: eea1577052161ec436c4017accb73e8acb9d32ef7d7b826f6468e88ef9eb76d1
SHA512: 0abff42e364dcb76db2b0a0a83b7bb025a3759fd5355e1235dabac26d21a62267e4c4020d8f7df04cd38735e7c059d4bb6855bf4e49256b4ad063eb5f4eb0c03
SSDEEP: 49152:I0Yx1qDZ4Gvr/2hLI8QOZ0/oZTUFvJ1vGe:IT8DZ4Gz2hLhQF/xF
Malware Config
Signatures
Files
eea1577052161ec436c4017accb73e8acb9d32ef7d7b826f6468e88ef9eb76d1.exe (windows x86)
f8419251b58ac33c6b180bb3f61e004f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
timeKillEvent
timeSetEvent
waveOutSetVolume
mciSendCommandA
mciGetErrorStringA
joyGetNumDevs
joyGetPosEx
joyGetDevCapsA
waveOutGetErrorTextA
timeEndPeriod
timeBeginPeriod
timeGetTime
waveOutPrepareHeader
waveOutClose
waveOutOpen
waveOutGetNumDevs
waveOutUnprepareHeader
waveOutWrite
waveOutPause
waveOutRestart
waveOutReset
waveOutMessage
waveOutGetPosition
waveOutGetDevCapsA
avcodec-52
ord925
ord921
ord867
ord919
ord906
ord841
ord840
ord839
ord908
ord858
ord923
ord868
ord937
ord911
ord860
ord862
ord931
ord958
ord960
ord903
ord940
ord914
ord935
ord956
ord905
ord932
ord959
ord946
ord950
ord844
ord842
ord882
ord857
ord865
ord896
ord863
ord845
ord859
ord881
ord883
ord920
ord889
ord875
ord852
ord957
ord847
ord926
ord924
ord873
ord933
ord848
ord902
ord945
ord874
ord936
ord944
ord910
ord927
ord912
ord854
ord843
avdevice-52
ord1
avformat-52
ord62
ord264
ord344
ord476
ord80
ord26
ord25
ord43
ord478
ord36
ord44
ord30
ord47
ord28
ord45
ord68
ord35
ord60
ord491
ord467
ord61
ord466
ord82
ord81
ord46
ord71
ord63
ord23
ord31
ord51
ord58
ord77
ord49
ord464
ord79
ord78
ord473
ord110
ord70
ord21
avutil-50
ord27
ord23
ord20
ord57
ord12
ord72
ord43
ord29
ord67
ord42
ord71
ord40
ord38
ord46
ord59
ord58
ord31
ord60
ord45
ord32
ord25
ord22
ord24
swscale-0
ord77
ord66
ord63
ord69
zlib1
ord67
kernel32
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
InterlockedCompareExchange
IsProcessorFeaturePresent
GetThreadContext
SetThreadContext
SetHandleCount
GetCommandLineA
SetUnhandledExceptionFilter
ReleaseSemaphore
TerminateProcess
TerminateThread
GetCurrentThread
SuspendThread
VirtualProtect
WriteProcessMemory
GetCurrentProcess
GetProcAddress
LoadLibraryA
WideCharToMultiByte
GetVersion
lstrlenW
GetLastError
lstrlenA
CompareStringA
GetEnvironmentVariableA
CompareStringW
InterlockedExchange
MultiByteToWideChar
lstrcmpiA
SizeofResource
LockResource
LoadResource
FindResourceA
FreeLibrary
SetLastError
GetModuleHandleA
RaiseException
lstrcpynA
GetModuleFileNameA
GetTickCount
GetVersionExA
FreeResource
GetWindowsDirectoryA
WinExec
GetCurrentThreadId
GlobalDeleteAtom
GlobalFindAtomA
MulDiv
GlobalAddAtomA
Sleep
CloseHandle
DeleteFileA
GetTempFileNameA
CreateThread
ReadFile
DuplicateHandle
GetCurrentProcessId
WriteFile
WaitForSingleObject
GetTempPathA
GetSystemDirectoryA
CopyFileA
CreateSemaphoreA
CreateToolhelp32Snapshot
Process32First
Process32Next
FindFirstFileA
FindClose
CreateFileA
GetFileTime
FileTimeToSystemTime
GetFileAttributesA
SetFilePointer
CreateFileW
ReadFileEx
GetFileSize
GetFileSizeEx
SetFilePointerEx
GetFileInformationByHandle
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GlobalUnlock
FlushInstructionCache
lstrcmpA
GlobalAlloc
LoadLibraryExA
GlobalFree
IsDBCSLeadByte
InterlockedIncrement
InterlockedDecrement
GlobalLock
OutputDebugStringA
IsBadReadPtr
SetEvent
CreateEventA
DeviceIoControl
ResetEvent
CreateMutexA
ReleaseMutex
QueryPerformanceCounter
SetEnvironmentVariableA
SetThreadPriority
ResumeThread
GetLocaleInfoA
GetACP
SetErrorMode
GetDriveTypeA
GetLocaleInfoW
GetSystemDefaultLCID
FindResourceExA
FindNextFileW
FindFirstFileW
GetModuleFileNameW
EnumResourceLanguagesA
ConvertDefaultLocale
lstrcmpW
GlobalGetAtomNameA
LocalFree
FormatMessageA
WritePrivateProfileStringA
GetThreadLocale
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationA
GetFullPathNameA
GlobalFlags
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetCPInfo
GetOEMCP
FileTimeToLocalFileTime
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapFree
HeapAlloc
HeapReAlloc
UnhandledExceptionFilter
IsDebuggerPresent
ExitThread
ExitProcess
GetSystemTimeAsFileTime
GetProcessHeap
GetStartupInfoA
GetFileType
GetConsoleCP
GetConsoleMode
SetConsoleCtrlHandler
RtlUnwind
HeapSize
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
IsValidCodePage
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
user32
GetClassInfoA
DefWindowProcA
DestroyCursor
SetRectEmpty
GetMessageA
GetCursor
TranslateMessage
DispatchMessageA
SystemParametersInfoA
GetDesktopWindow
GetWindowLongA
SetForegroundWindow
MapVirtualKeyA
GetMessagePos
LoadIconA
LoadMenuA
GetSubMenu
SetMenuDefaultItem
TrackPopupMenu
GetMenuItemID
GetCaretPos
SetWindowLongA
MessageBeep
SetWindowsHookExA
DrawStateA
GetMenuInfo
SetWindowPos
UnhookWindowsHookEx
GetMenuItemCount
DestroyIcon
IsMenu
GetPropA
RemovePropA
ValidateRect
CreatePopupMenu
BeginPaint
CallWindowProcA
EndPaint
CreateWindowExA
WindowFromDC
GetMenuDefaultItem
AppendMenuA
CopyAcceleratorTableA
IntersectRect
GetKeyNameTextA
GetClassNameA
SetPropA
ModifyMenuA
SetLayeredWindowAttributes
SetMenu
GetWindowDC
CallNextHookEx
GetMenuState
GetMenuItemInfoA
IsIconic
DrawIcon
EnableMenuItem
SetWindowRgn
MessageBoxA
EqualRect
ExitWindowsEx
EnumWindows
ShowWindow
IsWindowVisible
SetActiveWindow
GetLastActivePopup
LoadImageA
CharNextA
GetClassInfoExA
InflateRect
RegisterClassExA
DestroyWindow
GetWindow
SetFocus
GetDlgItem
GetKeyState
GetWindowTextA
CreateAcceleratorTableA
GetWindowTextLengthA
DestroyAcceleratorTable
MoveWindow
PeekMessageA
EnumDisplaySettingsA
ChangeDisplaySettingsA
GetForegroundWindow
AdjustWindowRectEx
IsZoomed
DrawTextW
WindowFromPoint
MapWindowPoints
GetKeyboardState
UnregisterClassA
GetKeyboardLayout
ToAsciiEx
SetCursorPos
PostQuitMessage
ClipCursor
AdjustWindowRect
ToUnicode
RegisterClassA
MsgWaitForMultipleObjects
SetClassLongA
CreateIconFromResourceEx
CreateCursor
LoadKeyboardLayoutA
GetKeyboardLayoutNameA
MapVirtualKeyExA
CheckMenuItem
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetActiveWindow
TranslateAcceleratorA
GetWindowPlacement
GetDlgCtrlID
SetScrollInfo
GetScrollInfo
DeferWindowPos
GetMessageTime
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
GetClassLongA
GetCapture
WinHelpA
SendDlgItemMessageA
GetMenuStringA
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
InsertMenuItemA
LoadAcceleratorsA
IsWindowEnabled
GetWindowThreadProcessId
ReuseDDElParam
UnpackDDElParam
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
IsDialogMessageA
GetNextDlgGroupItem
RegisterClipboardFormatA
PostThreadMessageA
UpdateWindow
IsRectEmpty
GrayStringA
TabbedTextOutA
ScreenToClient
SetTimer
BringWindowToTop
SetWindowTextA
RedrawWindow
LockWindowUpdate
ShowScrollBar
ReleaseDC
GetDC
PostMessageA
ReleaseCapture
SetCapture
DrawTextA
LoadBitmapA
GetParent
GetSystemMetrics
GetWindowRect
DrawTextExA
DrawFrameControl
OffsetRect
SetCursor
FrameRect
LoadCursorA
IsWindow
PtInRect
SetRect
ClientToScreen
DrawFocusRect
GetSysColorBrush
FillRect
GetSysColor
DrawEdge
EnableWindow
InvalidateRect
GetClientRect
CopyRect
CharUpperA
SendMessageA
GetCursorPos
GetMenu
KillTimer
GetSystemMenu
DestroyMenu
GetFocus
IsChild
RegisterWindowMessageA
InvalidateRgn
gdi32
SetBkColor
Ellipse
PlgBlt
PtInRegion
GetPixel
FillRgn
CreatePolygonRgn
CreateRectRgn
PtVisible
GetCurrentObject
GetBkColor
Escape
ExtTextOutA
TextOutA
RectVisible
Rectangle
GetStockObject
CreateDIBSection
CreatePen
DeleteObject
CreateBitmap
SelectObject
RealizePalette
RoundRect
GetDeviceCaps
CreateCompatibleBitmap
SetTextColor
CreateFontIndirectA
LineTo
GetTextMetricsA
DeleteDC
CreateSolidBrush
StretchBlt
GetObjectA
CreateCompatibleDC
BitBlt
CreatePalette
UnrealizeObject
GetTextAlign
SetBrushOrgEx
CombineRgn
SetDIBColorTable
SetPaletteEntries
GetSystemPaletteUse
GetDeviceGammaRamp
SetDeviceGammaRamp
SetSystemPaletteUse
CreateFontW
GetBitmapBits
SetBkMode
SetPixelFormat
ChoosePixelFormat
CreateRoundRectRgn
SetTextAlign
GetTextExtentPointA
SetWindowOrgEx
GetCurrentPositionEx
CreateRectRgnIndirect
GetTextColor
GetLayout
MoveToEx
SelectClipRgn
GetNearestColor
SelectPalette
GetSystemPaletteEntries
CreateDCA
GetDIBits
SetMapMode
SetPixel
CreatePatternBrush
GetTextExtentPoint32A
SetDIBitsToDevice
GetRgnBox
DPtoLP
GetMapMode
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
IntersectClipRect
SetROP2
RestoreDC
SaveDC
GetClipBox
DescribePixelFormat
SwapBuffers
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegOpenKeyExA
RegCloseKey
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
OpenProcessToken
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA
RegQueryInfoKeyA
IsTextUnicode
RegEnumKeyA
RegQueryValueA
shell32
DragFinish
DragQueryFileA
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA
Shell_NotifyIconA
comctl32
InitCommonControlsEx
_TrackMouseEvent
ImageList_GetIconSize
shlwapi
PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathFindExtensionA
PathRemoveExtensionA
PathRenameExtensionA
PathCombineA
PathFileExistsA
PathRemoveFileSpecA
oledlg
ord8
ole32
CoGetClassObject
CLSIDFromProgID
CreateStreamOnHGlobal
StringFromGUID2
CoTaskMemAlloc
CoTaskMemRealloc
OleLockRunning
CoCreateInstance
OleUninitialize
OleInitialize
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoFreeUnusedLibraries
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CLSIDFromString
oleaut32
SysFreeString
VariantTimeToSystemTime
SystemTimeToVariantTime
LoadTypeLi
SysAllocString
SysAllocStringLen
OleCreateFontIndirect
SysStringLen
SysStringByteLen
VarUI4FromStr
LoadRegTypeLi
GetErrorInfo
VariantCopy
SafeArrayDestroy
SysAllocStringByteLen
VariantChangeType
VariantClear
VariantInit
OleLoadPicture
ddraw
DirectDrawCreate
DirectDrawCreateEx
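The import table above is the report's raw list: each DLL on its own lower-case line, followed by its APIs or ordinals. The Python below is an added example, not part of this report or of the sandbox's own signature logic. It parses that flattened layout, groups imports by DLL, and applies a few co-occurrence rules that are this example's own heuristics: GetThreadContext/SetThreadContext/SuspendThread next to WriteProcessMemory, CreateToolhelp32Snapshot with Process32First/Process32Next, OpenProcessToken with LookupPrivilegeValueA and AdjustTokenPrivileges, SetWindowsHookExA with CallNextHookEx and UnhookWindowsHookEx. It also records the caveats a practitioner weighs before reading those hits as malicious: the same table imports FFmpeg library names (avcodec-52, avformat-52, avutil-50, swscale-0), winmm and ddraw, which fits a media player or game; WriteProcessMemory appears without OpenProcess or any CreateProcess variant while GetCurrentProcess and DuplicateHandle do; and LoadLibraryA plus GetProcAddress mean the static table is only a lower bound on the APIs the program can reach. The embedded excerpt is constructed from this page's list and is a subset of it.

```python
"""Triage the flattened import list of a sandbox report.

Added example, not part of the report or the sandbox. The report prints each
imported DLL as a lower-case line (kernel32, avcodec-52, winspool.drv) followed
by one API name or ordNNN per line. The rules are this example's heuristics.
"""
import re

# Constructed excerpt of this page's import list, in the report's own layout.
REPORT_EXCERPT = """\
avcodec-52
ord925
kernel32
GetThreadContext
SetThreadContext
SuspendThread
WriteProcessMemory
GetCurrentProcess
LoadLibraryA
GetProcAddress
CreateToolhelp32Snapshot
Process32First
Process32Next
user32
SetWindowsHookExA
CallNextHookEx
UnhookWindowsHookEx
advapi32
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
ddraw
DirectDrawCreate
"""

# A DLL line is all lower-case/digits/'.'/'_'/'-' and not an ordinal. Win32
# exports are CamelCase or end in A/W, so this holds for the page; a CRT
# import such as 'memcpy' would be misread and needs a known-DLL list instead.
DLL_LINE = re.compile(r"^(?!ord\d+$)[a-z0-9][a-z0-9._-]*$")

# Rule -> (base API names without the A/W suffix, minimum number present).
RULES = {
    "thread context manipulation": (
        {"GetThreadContext", "SetThreadContext", "SuspendThread", "ResumeThread", "WriteProcessMemory"}, 3),
    "process enumeration": ({"CreateToolhelp32Snapshot", "Process32First", "Process32Next"}, 3),
    "privilege adjustment": ({"OpenProcessToken", "LookupPrivilegeValue", "AdjustTokenPrivileges"}, 3),
    "message/keyboard hook": ({"SetWindowsHookEx", "CallNextHookEx", "UnhookWindowsHookEx"}, 2),
}

# FFmpeg library names (libavcodec major 52) plus Windows multimedia/DirectDraw.
MEDIA_DLLS = {"avcodec-52", "avformat-52", "avutil-50", "avdevice-52", "swscale-0", "winmm", "ddraw"}


def parse_imports(text: str) -> dict[str, list[str]]:
    """Group each API line under the DLL line that precedes it."""
    imports: dict[str, list[str]] = {}
    current = None
    for line in (l.strip() for l in text.splitlines()):
        if not line:
            continue
        if DLL_LINE.match(line):
            current = line
            imports.setdefault(current, [])
        elif current is not None:
            imports[current].append(line)
    return imports


def base_name(api: str) -> str:
    """Drop a trailing ANSI/Unicode marker: 'SetWindowsHookExA' -> 'SetWindowsHookEx'."""
    if len(api) > 2 and api[-1] in "AW" and (api[-2].islower() or api[-2].isdigit()):
        return api[:-1]
    return api


def capability_hits(imports: dict[str, list[str]]) -> dict[str, list[str]]:
    """Return {rule: sorted matching base names} for each rule meeting its minimum."""
    present = {base_name(api) for apis in imports.values() for api in apis}
    hits = {}
    for rule, (needed, minimum) in RULES.items():
        found = sorted(needed & present)
        if len(found) >= minimum:
            hits[rule] = found
    return hits


def context_notes(imports: dict[str, list[str]]) -> list[str]:
    """Caveats that change how the hits should be read."""
    present = {base_name(api) for apis in imports.values() for api in apis}
    notes = []
    if "WriteProcessMemory" in present:
        remote = sorted({"OpenProcess", "CreateProcess", "CreateProcessAsUser"} & present)
        if remote:
            notes.append("WriteProcessMemory with remote handle source: " + ", ".join(remote))
        else:
            notes.append("WriteProcessMemory without OpenProcess/CreateProcess*: target handle must "
                         "come from GetCurrentProcess, DuplicateHandle or a run-time lookup")
    media = sorted(set(imports) & MEDIA_DLLS)
    if media:
        notes.append("media/graphics DLLs imported (" + ", ".join(media) + "): timers, hooks and "
                     "display APIs are expected in a player or game")
    if "GetProcAddress" in present:
        notes.append("GetProcAddress imported: the static table is a lower bound on APIs used")
    return notes
```

Running capability_hits(parse_imports(REPORT_EXCERPT)) gives all four rules on this excerpt; context_notes returns the three caveats. The hits are leads for the behavioral runs to confirm or refute, not a verdict.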
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 328KB - Virtual size: 326KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 412KB - Virtual size: 5.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 116KB - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
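Of the four sections listed, .data has 412KB of raw data but a 5.5MB virtual size, so the loader reserves roughly 5MB of zero-filled memory beyond what the file contains. That is what a large BSS looks like, and also what a buffer for run-time decompression or unpacking looks like, so it is worth checking rather than assuming either. The file characteristics also show IMAGE_FILE_RELOCS_STRIPPED: the image carries no relocations and cannot be rebased. The Python below is an added example, not from this report: it parses PE section headers with the standard library alone and flags those two conditions plus writable-and-executable sections. The header it runs on is constructed to mirror the page's sections and file characteristics; its RVAs, file offsets and DllCharacteristics are placeholders because the page does not list them (DllCharacteristics is zero here, so the NX_COMPAT note fires on the constructed input and says nothing about the real sample).

```python
"""Parse PE section headers and flag patterns worth a second look.

Added example, not from the report. Reads only e_lfanew, the COFF file header,
the optional header's DllCharacteristics and the IMAGE_SECTION_HEADER array.
"""
import struct

IMAGE_FILE_RELOCS_STRIPPED = 0x0001
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100
SECTION_FMT = "<8sIIIIIIHHI"   # IMAGE_SECTION_HEADER, 40 bytes
FILE_HDR_FMT = "<HHIIIHH"      # IMAGE_FILE_HEADER, 20 bytes
KB = 1024


def build_header(sections, file_chars, dll_chars=0):
    """Construct a minimal PE32 header (no section bodies) for testing.

    sections: iterable of (name, virtual_size, raw_size, rva, raw_ptr, characteristics).
    """
    e_lfanew = 0x80
    dos = (b"MZ" + b"\0" * 0x3A + struct.pack("<I", e_lfanew)).ljust(e_lfanew, b"\0")
    opt_size = 0xE0
    file_hdr = struct.pack(FILE_HDR_FMT, 0x14C, len(sections), 0, 0, 0, opt_size, file_chars)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)          # PE32 magic
    struct.pack_into("<H", opt, 0x46, dll_chars)   # DllCharacteristics (same offset in PE32 and PE32+)
    body = b"".join(
        struct.pack(SECTION_FMT, n.encode().ljust(8, b"\0"), vs, rva, rs, rp, 0, 0, 0, 0, ch)
        for n, vs, rs, rva, rp, ch in sections)
    return dos + b"PE\0\0" + file_hdr + bytes(opt) + body


# Constructed to mirror this page: sizes as listed (rounded to KB); RVAs, file
# offsets and DllCharacteristics are placeholders the page does not give.
SAMPLE_HEADER = build_header([
    (".text",  1400 * KB, 1400 * KB, 0x1000,   0x400,    IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ),
    (".rdata",  326 * KB,  328 * KB, 0x15F000, 0x15E400, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
    (".data",  5632 * KB,  412 * KB, 0x1B1000, 0x1B0400, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
    (".rsrc",   112 * KB,  116 * KB, 0x731000, 0x217400, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
], file_chars=0x0103)  # RELOCS_STRIPPED | EXECUTABLE_IMAGE | 32BIT_MACHINE, as listed on the page


def parse_pe(data: bytes) -> dict:
    """Return file/DLL characteristics and one dict per section header."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    fh = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, file_chars = struct.unpack_from(FILE_HDR_FMT, data, fh)
    opt = fh + struct.calcsize(FILE_HDR_FMT)
    (dll_chars,) = struct.unpack_from("<H", data, opt + 0x46)
    sections = []
    for i in range(nsec):
        name, vs, rva, rs, rp, _, _, _, _, ch = struct.unpack_from(
            SECTION_FMT, data, opt + opt_size + i * struct.calcsize(SECTION_FMT))
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vs, "rva": rva, "raw_size": rs,
                         "raw_ptr": rp, "characteristics": ch})
    return {"machine": machine, "file_characteristics": file_chars,
            "dll_characteristics": dll_chars, "sections": sections}


def findings(pe: dict, growth_ratio: float = 4.0) -> list[str]:
    """One line per condition: rebase/DEP flags and per-section size or W+X anomalies."""
    out = []
    if pe["file_characteristics"] & IMAGE_FILE_RELOCS_STRIPPED:
        out.append("file: relocations stripped, image cannot be rebased (ASLR not applicable)")
    if not pe["dll_characteristics"] & IMAGE_DLLCHARACTERISTICS_NX_COMPAT:
        out.append("file: NX_COMPAT not set, DEP depends on system policy")
    for s in pe["sections"]:
        c = s["characteristics"]
        if c & IMAGE_SCN_MEM_EXECUTE and c & IMAGE_SCN_MEM_WRITE:
            out.append(f"{s['name']}: writable and executable")
        if s["raw_size"] == 0 and s["virtual_size"]:
            out.append(f"{s['name']}: no raw data, {s['virtual_size']} bytes reserved at load")
        elif s["raw_size"] and s["virtual_size"] > growth_ratio * s["raw_size"]:
            out.append(f"{s['name']}: virtual size {s['virtual_size'] / s['raw_size']:.1f}x raw size "
                       "(zero-filled region: BSS, or a buffer for run-time unpacking)")
    return out
```

On the constructed header, findings(parse_pe(SAMPLE_HEADER)) reports the stripped relocations and a 13.7x virtual-to-raw ratio for .data and nothing for the other three sections, which matches the sizes listed above. To run it on the real file, pass open(path, "rb").read() to parse_pe instead of SAMPLE_HEADER.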