d44185d05d527f39d054ccfcd2280bcd7beba32ae104f24ced0d026f5079c262

Sharing

Copy URL Twitter E-mail

General

Target

d44185d05d527f39d054ccfcd2280bcd7beba32ae104f24ced0d026f5079c262
Size

200KB
MD5

831198e74e9548024928236289af6c85
SHA1

2a3f24d9e4c5dd6e8b166f554163b1498a4b8436
SHA256

d44185d05d527f39d054ccfcd2280bcd7beba32ae104f24ced0d026f5079c262
SHA512

fe3c676e83de6ee0558b01a65c28d390f71c290109cdf0e11d1aee7bd77338682c1381ae7a31a434e2dfc5251efa98a9318c30d4f7f3cc8b4c9107a72c9f21e7
SSDEEP

6144:maxSKxtHdVxIKelF2iA2VQDTVPbM6Nu47AeJd8:m+DxtH7xIFEiCW6fnJd8

Score

N/A

Malware Config

Signatures

Files

d44185d05d527f39d054ccfcd2280bcd7beba32ae104f24ced0d026f5079c262
.exe windows x86

9560acbb49882f1924b548b242d986d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateSemaphoreW
GetProcessHeap
GetFullPathNameW
GetQueuedCompletionStatus
SetEndOfFile
lstrcmpiW
SetUnhandledExceptionFilter
HeapFree
GlobalLock
lstrcpyW
QueryPerformanceCounter
GetModuleFileNameA
VirtualFree
PostQueuedCompletionStatus
GetThreadPriority
GlobalAlloc
InterlockedExchange
MultiByteToWideChar
GetCurrentThread
WaitForMultipleObjects
GetSystemTimeAsFileTime
InterlockedIncrement
GetProfileIntA
DeleteCriticalSection
IsBadCodePtr
GetCurrentProcessId
GetLocaleInfoW
GetProcAddress
FreeLibrary
GetPrivateProfileStringW
lstrcpyA
GlobalUnlock
WaitForSingleObject
CreateEventW
lstrlenW
CreateFileW
CreateThread
lstrcpynW
GetDiskFreeSpaceW
ResetEvent
GetCurrentProcess
EnterCriticalSection
GetSystemInfo
lstrcmpW
GetFileSize
ReadFile
GlobalMemoryStatus
SetEvent
SetThreadPriority
MulDiv
GetVersionExW
InitializeCriticalSection
IsBadReadPtr
GetACP
GetTickCount
LoadLibraryW
ReleaseSemaphore
InterlockedDecrement
GetStartupInfoA
GetLastError
WideCharToMultiByte
LeaveCriticalSection
HeapAlloc
CloseHandle
GetFileAttributesW
WriteFile
IsBadWritePtr
lstrlenA
GlobalHandle
SetLastError
SetFilePointer
DeleteFileW
CreateIoCompletionPort
GlobalFree

user32

CreateDialogParamW
PeekMessageW
TranslateMessage
DestroyWindow
GetAsyncKeyState
DispatchMessageW
CheckDlgButton
GetDesktopWindow
GetWindowLongW
SetDlgItemTextW
MoveWindow
SetWindowLongW
LoadCursorW
SendMessageW
GetDC
EnableWindow
ClientToScreen
IsWindow
GetDlgItemInt
IsRectEmpty
DefWindowProcW
SetCursor
GetWindowRect
IsWindowVisible
ReleaseDC
SetDlgItemInt
LoadStringW
ShowWindow
CheckRadioButton
GetDlgItem
GetClientRect
InvalidateRect

winmm

mixerGetID
SendDriverMessage
waveInStop
mixerGetLineInfoW
waveInReset
mixerSetControlDetails
waveInPrepareHeader
mixerGetLineControlsW
CloseDriver
waveInUnprepareHeader
waveInGetDevCapsW
mixerClose
waveInClose
mixerGetControlDetailsW
waveInStart
waveInAddBuffer
mixerOpen
waveInOpen
OpenDriver

ole32

StringFromGUID2
CoFreeUnusedLibraries
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoCreateInstance
CoInitialize

msvfw32

ICDecompress
ICLocate
ICOpen
ICGetInfo
ICSendMessage
ICClose

gdi32

PatBlt
GetPaletteEntries
GetTextExtentPoint32W
GetObjectW
GetStockObject
SelectObject

nddeapi

NDdeGetTrustedShareW
NDdeGetShareSecurityW
NDdeGetErrorStringA
NDdeGetShareSecurityA
NDdeIsValidAppTopicListW
NDdeIsValidShareNameA
NDdeIsValidAppTopicListA
NDdeGetTrustedShareA

ncobjapi

WmiDestroyObject
WmiCreateObjectWithProps
WmiIsObjectActive
WmiCreateObjectWithFormat
WmiEventSourceConnect
WmiCreateObject
WmiSetAndCommitObject
WmiAddObjectProp
WmiEventSourceDisconnect
WmiCommitObject

mydocs

DllGetClassObject
PerUserInit
DllCanUnloadNow

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9560acbb49882f1924b548b242d986d6

Headers

File Characteristics

Imports

kernel32

user32

winmm

ole32

msvfw32

gdi32

nddeapi

ncobjapi

mydocs

Sections

.text Size: 126KB - Virtual size: 125KB

.rdata Size: 33KB - Virtual size: 33KB

.data Size: 36KB - Virtual size: 357KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 828B

.text
Size: 126KB - Virtual size: 125KB

.rdata
Size: 33KB - Virtual size: 33KB

.data
Size: 36KB - Virtual size: 357KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 828B