??4CDRMWriterManager@@QAEAAV0@ABV0@@Z
Static task: static1
Behavioral task: behavioral1 (Sample: 012d3638987310681a80ba5c1c90f812a28764cab133410aac15a6050ab7db7b.exe; Resource: win7-20220901-en)
Behavioral task: behavioral2 (Sample: 012d3638987310681a80ba5c1c90f812a28764cab133410aac15a6050ab7db7b.exe; Resource: win10v2004-20220812-en)
General
Target: 012d3638987310681a80ba5c1c90f812a28764cab133410aac15a6050ab7db7b
Size: 928KB
MD5: 692764e088b95c0aac0234d205fbe550
SHA1: f085c1141371fe8bae6d3998b44737e1c2d1d65b
SHA256: 012d3638987310681a80ba5c1c90f812a28764cab133410aac15a6050ab7db7b
SHA512: 3ef6c8af1f465b9d0aa7972441b5986d4340c97c387758e100ee33b901196b32c6833577442373dd4934bb9d177400c0561e1acf4d82133c7adad2060347206f
SSDEEP: 24576:CsJ7Cc3pDB1ZsRtgHujvKEDRSUo34QA6iTFEcwPaGc:CsUkpbZlGsUs2NTvGaF
Malware Config
Signatures
Files
-
012d3638987310681a80ba5c1c90f812a28764cab133410aac15a6050ab7db7b.exe windows x86
14cb1a7c24d548f071eec5185198a2fc
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdiplus
GdipAlloc
GdipGetImageThumbnail
GdipCreateBitmapFromFile
GdiplusStartup
GdipFree
GdipDisposeImage
GdipDrawImageRectI
GdipDeletePen
GdipCreatePen1
GdiplusShutdown
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipGraphicsClear
GdipDrawRectangleI
GdipCloneImage
GdipCreateHBITMAPFromBitmap
wmvcore
WMCreateSyncReader
wininet
FtpSetCurrentDirectoryA
InternetSetFilePointer
InternetSetStatusCallback
InternetQueryDataAvailable
InternetReadFile
HttpQueryInfoA
InternetCloseHandle
InternetGetLastResponseInfoA
InternetOpenUrlA
InternetOpenA
InternetGetConnectedState
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetConnectA
FtpCreateDirectoryA
InternetWriteFile
FtpOpenFileA
kernel32
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
GetFileAttributesA
GetFileTime
SetErrorMode
GetCurrentDirectoryA
RtlUnwind
CreateThread
ExitThread
ExitProcess
RaiseException
HeapFree
HeapAlloc
GetTimeZoneInformation
GetLocalTime
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
CompareStringA
CompareStringW
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
GetDriveTypeA
LocalReAlloc
IsBadCodePtr
SetEnvironmentVariableA
GetProfileStringA
InterlockedExchange
DeleteFileA
CreateDirectoryA
lstrcatA
lstrcpyA
GetTickCount
GetProcAddress
lstrcmpA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
lstrlenW
CloseHandle
TerminateThread
WaitForSingleObject
CreateProcessA
CopyFileA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
Sleep
GetFileSize
CreateFileA
FreeLibrary
LoadLibraryA
GlobalFree
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
RemoveDirectoryA
GetModuleFileNameA
GetVolumeInformationA
SuspendThread
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
GlobalFlags
GetCurrentThread
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
GetThreadLocale
InterlockedIncrement
lstrcpynA
SetLastError
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
FindResourceA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetACP
SizeofResource
LoadResource
LockResource
FormatMessageA
LocalAlloc
LocalFree
InterlockedDecrement
GetSystemTime
SystemTimeToTzSpecificLocalTime
GetFullPathNameA
MulDiv
GetLastError
GetVersion
GetVersionExA
FindFirstFileA
FindNextFileA
FindClose
TerminateProcess
GetEnvironmentVariableA
IsBadReadPtr
user32
SetWindowContextHelpId
PostQuitMessage
CharUpperA
GetMessageA
ValidateRect
DestroyMenu
LoadStringA
CharNextA
InflateRect
EndPaint
BeginPaint
GetWindowDC
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
MoveWindow
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
MapWindowPoints
SetFocus
AdjustWindowRectEx
MapDialogRect
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
GetWindowTextLengthA
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
PtInRect
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetWindowPos
IntersectRect
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
GetSysColorBrush
CopyAcceleratorTableA
GetNextDlgGroupItem
MessageBeep
DestroyWindow
GetDlgItem
wsprintfA
SystemParametersInfoA
GetClassNameA
GetSubMenu
GetFocus
LoadBitmapA
CopyRect
GetParent
LockWindowUpdate
GrayStringA
EnableWindow
SendMessageA
SetTimer
KillTimer
RedrawWindow
GetWindow
IsWindowVisible
ClientToScreen
ReleaseCapture
GetWindowTextA
PostThreadMessageA
AppendMenuA
GetSystemMenu
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
SetCapture
GetDesktopWindow
UpdateWindow
RegisterClipboardFormatA
SetCursor
LoadCursorA
ScreenToClient
WindowFromPoint
InvalidateRect
PostMessageA
ReleaseDC
GetDC
GetWindowRect
MessageBoxA
DispatchMessageA
TranslateMessage
PeekMessageA
UnregisterClassA
DrawTextA
TabbedTextOutA
IsWindow
GetSysColor
ShowWindow
SetWindowRgn
GetCursorPos
IsWindowEnabled
GetWindowLongA
SetWindowLongA
SetRect
OffsetRect
SetForegroundWindow
RegisterWindowMessageA
LoadIconA
gdi32
SetBkColor
GetDeviceCaps
GetClipBox
CreateBitmap
SaveDC
RestoreDC
GetStockObject
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
GetViewportExtEx
GetWindowExtEx
PatBlt
GetTextColor
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
Polyline
LPtoDP
GetMapMode
DPtoLP
GetBkColor
CreatePen
SetTextColor
CreateFontIndirectA
CreateRectRgn
CreateCompatibleBitmap
GetTextExtentPoint32A
CreateSolidBrush
CreateCompatibleDC
GetObjectA
CreateDIBSection
SelectObject
BitBlt
DeleteDC
GetTextExtentPointA
CreateDIBitmap
DeleteObject
CombineRgn
ExtCreateRegion
comdlg32
GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
shell32
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA
comctl32
ImageList_DragEnter
ImageList_GetImageCount
ImageList_Remove
ImageList_SetImageCount
ord17
ImageList_DragLeave
ImageList_EndDrag
ImageList_SetBkColor
ImageList_DragMove
ImageList_DragShowNolock
ImageList_GetBkColor
ImageList_BeginDrag
ImageList_Destroy
ImageList_Create
ImageList_Replace
oledlg
ord8
ole32
CoCreateInstance
CoUninitialize
CoInitialize
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
olepro32
ord253
oleaut32
SysStringLen
VariantTimeToSystemTime
VarDateFromStr
SysAllocStringByteLen
VariantChangeType
VariantCopy
VariantClear
SysAllocString
SysFreeString
SysAllocStringLen
wsock32
WSACleanup
send
gethostbyname
WSAStartup
recv
closesocket
socket
connect
setsockopt
htons
mediamaker
??0CMediaMaker@@QAE@XZ
?Active@CMediaMaker@@QAE_NXZ
?GetMicLevel@CMediaMaker@@QAE_NPAH@Z
?GetDuration@CMediaMaker@@QAE_NPA_J@Z
?GetCurrentPosition@CMediaMaker@@QAE_NPA_J@Z
?GetACPCurrentPosition@CMediaMaker@@QAE_NPA_J@Z
?GetWritingProgress@CMediaMaker@@QAE_NPAM@Z
?SwitchChannel@CMediaMaker@@QAE_NH@Z
?SetEqType@CMediaMaker@@QAE_NI@Z
?SetReverbType@CMediaMaker@@QAE_NI@Z
?AdjustVolume@CMediaMaker@@QAE_NH@Z
?OpenFile@CMediaMaker@@QAE_NPBD_N@Z
?Stop@CMediaMaker@@QAE_NXZ
?ResetImageFiles@CMediaMaker@@QAEXXZ
?AddImageFile@CMediaMaker@@QAEXPBD@Z
?Build@CMediaMaker@@QAE_NHH@Z
?Run@CMediaMaker@@QAE_NXZ
?SetLyShowPos@CMediaMaker@@QAE_NN@Z
?SetAccompanyFileName@CMediaMaker@@QAEXPBD@Z
?SetAccompanyFileNameA@CMediaMaker@@QAEXPBD@Z
?SetAccompanyFileNameO@CMediaMaker@@QAEXPBD@Z
?SetLyricFileName@CMediaMaker@@QAEXPBD@Z
?SetOriginalChannel@CMediaMaker@@QAEXH@Z
?SetTitle@CMediaMaker@@QAEXPBD@Z
?SetAuthor@CMediaMaker@@QAEXPBD@Z
?SetLogoFileName@CMediaMaker@@QAEXPBD@Z
?SetScreenWnd@CMediaMaker@@QAEXPAUHWND__@@@Z
?SetNotifyWnd@CMediaMaker@@QAEXPAUHWND__@@@Z
?SetWorkDir@CMediaMaker@@QAEXPBD@Z
?SetAudioCaptureDevName@CMediaMaker@@QAEXPBD@Z
?SetVideoCaptureDevName@CMediaMaker@@QAEXPBD@Z
??1CMediaMaker@@QAE@XZ
winmm
waveInGetDevCapsA
waveInGetNumDevs
timeGetTime
timeBeginPeriod
timeGetDevCaps
timeEndPeriod
timeSetEvent
timeKillEvent
shlwapi
StrToIntA
Exports
Sections
.text Size: 608KB - Virtual size: 604KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 204KB - Virtual size: 200KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 52KB - Virtual size: 94KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 60KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
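The import table and section flags above are raw data; the triage step an analyst performs on them is mapping imports to capabilities (here: FTP upload and HTTP download via wininet, raw sockets via wsock32, registry writes, process spawning, audio capture via waveIn*) and spotting section oddities, notably that the report shows IMAGE_SCN_MEM_WRITE on .text, giving the code section RWX permissions, which a compiler does not emit by default. The Python below is an added example written for this page; it is not tria.ge output and not code from the sample. The indicator table is a hand-written heuristic, the embedded import and section excerpts are copied from the report above, and `mediamaker` is reported as a non-system dependency because it is not a Windows DLL and its imports are MSVC C++ mangled names (`?...@CMediaMaker@@...`), so the sample cannot run where that DLL is missing.

```python
"""Capability triage over a PE import table and section flags.

Added example for this report, not tria.ge output and not code from the
sample. The indicator table is a hand-written heuristic; the import and
section excerpts below are copied from the report above.
"""
import re

# Excerpt of the import table from the report (dll -> imported names).
SAMPLE_IMPORTS = {
    "wininet": ["FtpSetCurrentDirectoryA", "InternetReadFile", "HttpQueryInfoA",
                "InternetOpenUrlA", "InternetOpenA", "InternetConnectA",
                "FtpCreateDirectoryA", "InternetWriteFile", "FtpOpenFileA"],
    "wsock32": ["WSAStartup", "gethostbyname", "socket", "connect", "send", "recv"],
    "advapi32": ["RegOpenKeyExA", "RegQueryValueExA", "RegSetValueExA", "RegCreateKeyExA"],
    "kernel32": ["CreateProcessA", "CopyFileA", "DeleteFileA", "LoadLibraryA",
                 "GetProcAddress", "WritePrivateProfileStringA"],
    "shell32": ["ShellExecuteA"],
    "winmm": ["waveInGetDevCapsA", "waveInGetNumDevs"],
    "mediamaker": ["??0CMediaMaker@@QAE@XZ", "?Run@CMediaMaker@@QAE_NXZ"],
}

# Section table from the report: name -> (raw size KB, virtual size KB, flags).
SAMPLE_SECTIONS = {
    ".text": (608, 604, {"IMAGE_SCN_CNT_CODE", "IMAGE_SCN_MEM_EXECUTE",
                         "IMAGE_SCN_MEM_READ", "IMAGE_SCN_MEM_WRITE"}),
    ".rdata": (204, 200, {"IMAGE_SCN_CNT_INITIALIZED_DATA", "IMAGE_SCN_MEM_READ"}),
    ".data": (52, 94, {"IMAGE_SCN_CNT_INITIALIZED_DATA", "IMAGE_SCN_MEM_READ",
                       "IMAGE_SCN_MEM_WRITE"}),
    ".rsrc": (60, 59, {"IMAGE_SCN_CNT_INITIALIZED_DATA", "IMAGE_SCN_MEM_READ"}),
}

# DLLs shipped with Windows that appear in this report; anything else is a
# dependency the sandbox must find next to the sample or the run fails early.
SYSTEM_DLLS = {"gdiplus", "wmvcore", "wininet", "kernel32", "user32", "gdi32",
               "comdlg32", "winspool.drv", "advapi32", "shell32", "comctl32",
               "oledlg", "ole32", "olepro32", "oleaut32", "wsock32", "winmm",
               "shlwapi"}

# Heuristic indicator table (this editor's own): (dll, regex over name, tag).
INDICATORS = [
    ("wininet", r"^Ftp(OpenFile|CreateDirectory|SetCurrentDirectory)A$|^InternetWriteFile$", "ftp-upload"),
    ("wininet", r"^Internet(OpenUrl|Connect|ReadFile)A?$|^HttpQueryInfoA$", "http-download"),
    ("wsock32", r"^(socket|connect|send|recv|gethostbyname)$", "raw-tcp"),
    ("advapi32", r"^Reg(SetValueEx|CreateKeyEx)A$", "registry-write"),
    ("kernel32", r"^CreateProcessA$", "process-spawn"),
    ("shell32", r"^ShellExecuteA$", "process-spawn"),
    ("kernel32", r"^(LoadLibraryA|GetProcAddress)$", "runtime-api-resolution"),
    ("kernel32", r"^(CopyFile|DeleteFile|WritePrivateProfileString)A$", "file-drop-config-write"),
    ("winmm", r"^waveIn", "audio-capture"),
]


def capabilities(imports):
    """Return {tag: {"dll!Name", ...}} for every import matching an indicator."""
    found = {}
    for dll, names in imports.items():
        for name in names:
            for ind_dll, pattern, tag in INDICATORS:
                if dll.lower() == ind_dll and re.match(pattern, name):
                    found.setdefault(tag, set()).add(f"{dll}!{name}")
    return found


def nonsystem_dependencies(imports):
    """DLLs not in SYSTEM_DLLS, noting whether their imports are MSVC C++ mangled."""
    deps = {}
    for dll, names in imports.items():
        if dll.lower() in SYSTEM_DLLS:
            continue
        mangled = all(n.startswith("?") for n in names)
        deps[dll] = "msvc-c++-mangled" if mangled else "c-exports"
    return deps


def section_findings(sections):
    """Flag RWX sections and executable sections whose raw data is far smaller
    than their in-memory size (the usual shape of a packer's unpacking target)."""
    findings = []
    for name, (raw_kb, virt_kb, flags) in sections.items():
        executable = "IMAGE_SCN_MEM_EXECUTE" in flags
        if executable and "IMAGE_SCN_MEM_WRITE" in flags:
            findings.append(f"{name}: writable and executable (RWX)")
        if executable and virt_kb > 2 * max(raw_kb, 1):
            findings.append(f"{name}: virtual size {virt_kb}KB >> raw {raw_kb}KB")
    return findings


def triage(imports, sections):
    """Combine the three checks into one report dict."""
    return {
        "capabilities": {k: sorted(v) for k, v in sorted(capabilities(imports).items())},
        "nonsystem_dlls": nonsystem_dependencies(imports),
        "sections": section_findings(sections),
    }


if __name__ == "__main__":
    import json
    print(json.dumps(triage(SAMPLE_IMPORTS, SAMPLE_SECTIONS), indent=2))
```

Run against the report's values this flags .text as RWX (raw and virtual sizes are nearly equal, so no packer-style size mismatch), lists `mediamaker` as a missing-by-default dependency, and groups the wininet imports into a download path and an FTP upload path; the latter, together with waveIn* and the registry writers, is what to look for first in the behavioral traces.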