085f09a8554df4dacc563f6010f0ecbf0f62b159a58af554d20176e68a46169d

Sharing

Copy URL Twitter E-mail

General

Target

085f09a8554df4dacc563f6010f0ecbf0f62b159a58af554d20176e68a46169d
Size

106KB
MD5

80b1c9689521248e78da2e04d3c98f44
SHA1

6856522987eb05665ed269bd7dcb7425d6e020c8
SHA256

085f09a8554df4dacc563f6010f0ecbf0f62b159a58af554d20176e68a46169d
SHA512

01e31a5282545569001c0d91ffd6b691ff1c7b627ba56704cb51a5ec3d7537544b10ed883a348ba11d8f338e7a8fd4b6b58175717358acf8c891d0c148116767
SSDEEP

3072:R9XOzpCxgxn8xTLwoLuJeFzWOuV4fEJvV19yI:RUCGroCJ+FfEJvV1l

Score

N/A

Malware Config

Signatures

Files

085f09a8554df4dacc563f6010f0ecbf0f62b159a58af554d20176e68a46169d
.dll windows x86

03bc2326fc874cae3b04f197e5593986

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathCombineW

rpcrt4

UuidToStringA
UuidCreate
RpcStringFreeA

kernel32

LocalAlloc
Sleep
WideCharToMultiByte
CreateDirectoryW
CloseHandle
WriteFile
CreateFileW
ReadFile
GetFileSize
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
MultiByteToWideChar
LocalFree
DisableThreadLibraryCalls
TlsAlloc
TlsGetValue
SetEvent
TlsSetValue
QueueUserAPC
WaitForSingleObject
CreateThread
CreateEventW
InterlockedIncrement
InterlockedDecrement
lstrlenW
OpenThread
GetCurrentThreadId

user32

IsDialogMessageW
wsprintfA
wsprintfW
PostMessageW
GetParent
GetAsyncKeyState
PostQuitMessage
SendMessageW
MessageBoxA
ShowWindow
CopyRect
IsDlgButtonChecked
CheckDlgButton
PostThreadMessageW
SetWindowPos
PeekMessageW
MsgWaitForMultipleObjectsEx
GetDlgItem
TranslateMessage
DispatchMessageW
IsWindow
SetPropW
GetPropW
DefWindowProcW
RemovePropW
CallWindowProcW
SetWindowLongW
GetClientRect
InvalidateRect

gdi32

SetBkColor
ExtTextOutW

ole32

OleInitialize
CoCreateInstance
CoInitializeEx
CoUninitialize
CoTaskMemAlloc
CoInitialize
OleUninitialize

oleaut32

SysAllocString
SysFreeString
SafeArrayUnaccessData
VariantInit
SafeArrayAccessData
SafeArrayCreateVector
SafeArrayDestroy
SysAllocStringLen

nscrt

free
_strdup
_wcsdup
malloc
_except_handler3
__CppXcptFilter
_adjust_fdiv
_initterm
_onexit
__dllonexit
_endthread
strncpy
realloc
memcpy
wcscmp
_vsnprintf
memcmp
memset
_vsnwprintf
strcmp
calloc
wcslen
sprintf
strlen
__CxxFrameHandler
strcpy
strstr

Exports

Exports

winampGetMediaLibraryPlugin

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

03bc2326fc874cae3b04f197e5593986

Headers

File Characteristics

Imports

shlwapi

rpcrt4

kernel32

user32

gdi32

ole32

oleaut32

nscrt

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

.text Size: 76KB - Virtual size: 76KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 76KB - Virtual size: 76KB