fadba585f695b88380a45e304681c42d0d2aa4e71ff5edd79c0b1fd34135c639

Sharing

Copy URL

Twitter E-mail

General

Target

fadba585f695b88380a45e304681c42d0d2aa4e71ff5edd79c0b1fd34135c639
Size

541KB
MD5

6cf3c148f0b3e396d613761bbab95780
SHA1

c78accacb39340cce3b7568401bfe3ba1517dd21
SHA256

fadba585f695b88380a45e304681c42d0d2aa4e71ff5edd79c0b1fd34135c639
SHA512

70df7d365fadeac0bf6c02ea7af86648631ae971565bd7146ab8ee38002b094a75188188936cc1dbe3f4e3b6c43bf53282bbd565a1b8c0370ab691276086cd37
SSDEEP

12288:8RXL4SNhwbKgx5HTV8oQuKm7XifmOtMCmIdmARaKkzxhkzUb87YL27kZV/lFKBCP:8BL9wb77HMenIdm4jynL3/+TBou1SoG

Score

N/A

Malware Config

Signatures

Files

fadba585f695b88380a45e304681c42d0d2aa4e71ff5edd79c0b1fd34135c639
.exe windows x86

3ed3d7054ad658f8599cf0002b64dedb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipFree
GdipDisposeImage
GdipAlloc
GdipBitmapUnlockBits
GdipBitmapLockBits
GdiplusStartup
GdipCloneImage
GdipCreateBitmapFromFile
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth

dsound

ord1

winmm

PlaySoundA
mmioOpenA
mmioSetInfo
mmioAdvance
mmioGetInfo
mmioClose
mmioAscend
mmioRead
mmioDescend

kernel32

FlushFileBuffers
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetCurrentDirectoryW
CreateFileA
PeekNamedPipe
GetFileInformationByHandle
GetModuleFileNameW
HeapSize
HeapReAlloc
HeapCreate
GetConsoleMode
GetConsoleCP
GetTickCount
FindFirstFileA
FindClose
DeleteFileA
RemoveDirectoryA
FindNextFileA
CopyFileA
GetLastError
MultiByteToWideChar
lstrlenA
QueryPerformanceCounter
LeaveCriticalSection
EnterCriticalSection
ExitProcess
GetVersionExA
Sleep
InitializeCriticalSection
QueryPerformanceFrequency
DeleteCriticalSection
ExitThread
GetCommandLineA
GetStdHandle
AllocConsole
WriteConsoleA
lstrcpyA
LoadLibraryW
GlobalLock
GlobalAlloc
LocalFree
FormatMessageA
WideCharToMultiByte
WriteFile
SetFilePointer
GetFileType
SetHandleCount
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
ReadFile
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
GetStartupInfoW
HeapSetInformation
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
DecodePointer
EncodePointer
GetFullPathNameA
GetDriveTypeW
CloseHandle
CreateThread
GetCurrentThreadId
FindFirstFileExA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
HeapAlloc
HeapFree
GetLocalTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetStdHandle
WriteConsoleW
SetEndOfFile
CompareStringW
GetProcessHeap
GetTimeZoneInformation
LCMapStringW
GetStringTypeW
CreateFileW
GlobalUnlock
RaiseException
CreateDirectoryA
RtlUnwind

user32

PtInRect
MessageBoxA
IntersectRect
PostMessageA
UpdateWindow
MoveWindow
GetClientRect
GetDC
ShowWindow
GetWindowRect
FlashWindow
EndPaint
DefWindowProcA
PostQuitMessage
DispatchMessageA
TranslateMessage
GetMessageA
SetTimer
CreateWindowExA
ReleaseDC
DestroyWindow
BeginPaint
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
wvsprintfA
UnionRect
GetKeyState
SetRect
LoadIconA
LoadCursorA
RegisterClassExA
SystemParametersInfoA
OffsetRect

gdi32

BitBlt
GetTextExtentPoint32A
SetBkColor
CreateDIBSection
CreateCompatibleDC
SelectObject
SetBkMode
DeleteDC
GetDeviceCaps
TextOutA
CreateFontA
SetTextColor
DeleteObject

comdlg32

GetOpenFileNameA
GetSaveFileNameA

shell32

SHGetFolderPathA
ShellExecuteA

ole32

CoInitialize
StringFromGUID2

shlwapi

PathAppendA

ws2_32

recv
ntohs
inet_addr
connect
select
__WSAFDIsSet
send
closesocket
WSAStartup
htons
ioctlsocket
setsockopt
socket
WSAGetLastError
inet_ntoa
htonl
gethostbyname

Sections

.text
Size: 375KB - Virtual size: 374KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ed3d7054ad658f8599cf0002b64dedb

Headers

DLL Characteristics

File Characteristics

Imports

gdiplus

dsound

winmm

kernel32

user32

gdi32

comdlg32

shell32

ole32

shlwapi

ws2_32

Sections

.text Size: 375KB - Virtual size: 374KB

.rdata Size: 76KB - Virtual size: 75KB

.data Size: 12KB - Virtual size: 2.1MB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 73KB - Virtual size: 72KB

.text
Size: 375KB - Virtual size: 374KB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 12KB - Virtual size: 2.1MB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 73KB - Virtual size: 72KB