246124d313c36599eede36de20e4c9476a1a0a24a42ca5e784f9a05f515062f0

Sharing

Copy URL Twitter E-mail

General

Target

246124d313c36599eede36de20e4c9476a1a0a24a42ca5e784f9a05f515062f0
Size

15.7MB
MD5

6c4cbabc365c75ba520945ebb0045e53
SHA1

91c0d2c1dcab4a33d5b2a9ad12110f65d45175fa
SHA256

246124d313c36599eede36de20e4c9476a1a0a24a42ca5e784f9a05f515062f0
SHA512

4a9d1e0e4d09a9a3f5b2a6c3e5a1b9bb4ceea83776c4c397ed7dfa977d779f7c60a4a16dcdaf189b6e2e002c3473dc47a85bc2b129e15d9313034af87e9267ac
SSDEEP

196608:zThFoufKlQWTbKqS2ZLMpKlehOmrGJUSUgMg5f0eprEn3BA4J6hJFjQr:zTlwTbKqLLZmEUQf0cr+3Bf6hrK

Score

N/A

Malware Config

Signatures

Files

246124d313c36599eede36de20e4c9476a1a0a24a42ca5e784f9a05f515062f0
.exe windows x86

9ab1eea13550c7396f065d0fd48a6714

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveInOpen
waveInReset
waveInClose
waveInUnprepareHeader
waveInPrepareHeader
waveInAddBuffer
waveInStop
waveInStart
mixerGetLineControlsA
mixerGetControlDetailsA
mixerSetControlDetails
mixerClose
mixerGetNumDevs
mixerOpen
mixerGetLineInfoA
joyGetPosEx
joyGetDevCapsA
waveOutGetNumDevs

wintrust

WinVerifyTrust

user32

SetWindowPos
ShowWindow
GetClientRect
CreateWindowExA
RegisterClassA
LoadCursorA
SetParent
DestroyWindow
InvalidateRect
AdjustWindowRectEx
WaitMessage
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
ReleaseDC
GetDC
DrawTextExA
FillRect
InvertRect
DrawIconEx
RegisterRawInputDevices
SystemParametersInfoA
GetWindowThreadProcessId
GetWindowLongA
EnumDisplayDevicesA
EnumDisplaySettingsA
EnumDisplaySettingsExA
EnumDisplayMonitors
GetMonitorInfoA
EnumChildWindows
IsWindow
LoadIconA
SetCursor
ValidateRect
SetActiveWindow
CallWindowProcA
CreateIconIndirect
WindowFromPoint
ScreenToClient
GetCursorPos
GetKeyboardState
ToUnicode
GetWindowRect
ClientToScreen
KillTimer
SetTimer
GetKeyState
SetFocus
SetCapture
ReleaseCapture
ClipCursor
SetCursorPos
ShowCursor
SetWindowTextA
GetWindowTextA
EnumWindows
GetRawInputData
CallNextHookEx
SetWindowsHookExA
MapVirtualKeyA
GetKeyNameTextW
ChangeDisplaySettingsA
GetSystemMetrics
MessageBoxA
GetClipboardSequenceNumber
PostQuitMessage
CloseClipboard
OpenClipboard
GetClipboardData
IsClipboardFormatAvailable
WaitForInputIdle
EndPaint
BeginPaint
PostMessageA
DefWindowProcA

gdi32

DescribePixelFormat
SwapBuffers
SetPixelFormat
SetDeviceGammaRamp
GetDeviceGammaRamp
GetDeviceCaps
GetObjectA
Rectangle
CreateDIBSection
GdiFlush
SetBkColor
GetStockObject
CreateFontIndirectA
CreateSolidBrush
SetMapMode
SetBkMode
SetTextColor
CreateRectRgn
SelectClipRgn
DeleteObject
SetViewportOrgEx
OffsetViewportOrgEx
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
CreateDIBitmap
ChoosePixelFormat
CreateDCA
ExtEscape

advapi32

InitializeSecurityDescriptor
RegQueryValueExA
RegOpenKeyExA
RegQueryValueExW
RegCloseKey
SetSecurityDescriptorDacl
RegOpenKeyExW

shell32

ShellExecuteA

wsock32

bind
__WSAFDIsSet
accept
getpeername
htons
recv
ioctlsocket
connect
select
send
inet_ntoa
listen
socket
WSAGetLastError
closesocket

psapi

GetModuleFileNameExA

ole32

CoUninitialize
CoInitializeEx
CoInitialize
CoCreateInstance

oleaut32

VariantInit
VariantClear

msimg32

AlphaBlend

kernel32

FindNextFileW
FindFirstFileW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
GetLocalTime
GetDateFormatA
GetTimeFormatA
MoveFileA
DeleteFileA
RtlUnwind
GetModuleHandleW
HeapReAlloc
CompareStringA
CompareStringW
SetEnvironmentVariableW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
CreateFileA
GetCommandLineA
GetCurrentDirectoryW
RemoveVectoredExceptionHandler
AddVectoredExceptionHandler
MapViewOfFile
GetConsoleWindow
GetEnvironmentStringsW
InterlockedExchange
GetModuleHandleExA
CreateSemaphoreA
lstrlenW
LockResource
SizeofResource
GetStartupInfoW
GetFullPathNameA
GetFullPathNameW
lstrcmpiW
SetLastError
ReleaseSemaphore
ExitProcess
GetCommandLineW
CreateFileMappingA
UnmapViewOfFile
FindResourceW
GetFileInformationByHandle
HeapSize
VirtualAlloc
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
TlsFree
GetStdHandle
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetHandleCount
GetFileType
HeapCreate
InitializeCriticalSectionAndSpinCount
GetFileAttributesA
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LCMapStringA
LoadResource
LCMapStringW
FreeEnvironmentStringsW
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
GetComputerNameA
GetSystemTime
GetWindowsDirectoryW
GetSystemDirectoryW
OpenProcess
VirtualFree
HeapFree
GetProcessHeap
HeapAlloc
SetThreadIdealProcessor
GetProcessAffinityMask
CreatePipe
SetHandleInformation
CreateProcessA
PeekNamedPipe
GetExitCodeProcess
IsDebuggerPresent
GetLocaleInfoA
MoveFileW
DeleteFileW
CreateDirectoryW
LoadLibraryW
SetErrorMode
GlobalLock
GlobalUnlock
QueryPerformanceFrequency
SetThreadAffinityMask
GetSystemTimeAsFileTime
QueryPerformanceCounter
SystemTimeToFileTime
CreateThread
GetCurrentProcess
GetCurrentThread
DuplicateHandle
TlsAlloc
TlsGetValue
TlsSetValue
GetModuleFileNameW
FreeLibrary
GetProcAddress
LoadLibraryA
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetTickCount
Sleep
InterlockedIncrement
MulDiv
CloseHandle
OpenFileMappingA
GetCurrentProcessId
SetUnhandledExceptionFilter
GetCurrentThreadId
LocalFree
FormatMessageA
GetVolumeInformationA
GetDiskFreeSpaceA
GetDriveTypeA
GetLastError
GetSystemInfo
GetModuleHandleA
GetVersionExA
OpenEventA
GetOverlappedResult
CreateEventA
ReadFile
SetFilePointer
GetFileSize
CreateFileW
WriteFile
GetFileTime
GetFileSizeEx
GetFileAttributesW
GlobalMemoryStatusEx
GetModuleFileNameA
VirtualQuery
IsBadWritePtr
SetEvent
ResetEvent
WaitForSingleObject
InterlockedCompareExchange
RaiseException
SetThreadPriority

steam_api

SteamRemoteStorage
SteamFriends
SteamUser
SteamApps
SteamAPI_UnregisterCallback
SteamAPI_WriteMiniDump
SteamAPI_SetMiniDumpComment
SteamUtils
SteamAPI_RunCallbacks
SteamAPI_RegisterCallback
SteamAPI_Shutdown
SteamClient
SteamAPI_RestartAppIfNecessary
SteamNetworking
SteamAPI_RegisterCallResult
SteamAPI_UnregisterCallResult
SteamUserStats
SteamMatchmakingServers
SteamMatchmaking
SteamAPI_Init

Sections

.text
Size: 9.0MB - Virtual size: 9.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6.2MB - Virtual size: 6.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 219KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.version
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 301KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9ab1eea13550c7396f065d0fd48a6714

Headers

DLL Characteristics

File Characteristics

Imports

winmm

wintrust

user32

gdi32

advapi32

shell32

wsock32

psapi

ole32

oleaut32

msimg32

kernel32

steam_api

Sections

.text Size: 9.0MB - Virtual size: 9.0MB

.rdata Size: 6.2MB - Virtual size: 6.2MB

.data Size: 219KB - Virtual size: 740KB

.tls Size: 512B - Virtual size: 53B

.version Size: 512B - Virtual size: 4B

.rsrc Size: 301KB - Virtual size: 304KB

.text
Size: 9.0MB - Virtual size: 9.0MB

.rdata
Size: 6.2MB - Virtual size: 6.2MB

.data
Size: 219KB - Virtual size: 740KB

.tls
Size: 512B - Virtual size: 53B

.version
Size: 512B - Virtual size: 4B

.rsrc
Size: 301KB - Virtual size: 304KB