9718752a2ea85d924387473d362f1320747efc3ab61d44064807fe933b9eddb4

Sharing

Copy URL

Twitter E-mail

General

Target

9718752a2ea85d924387473d362f1320747efc3ab61d44064807fe933b9eddb4
Size

168KB
MD5

807d53fc2f4e4d8afaa98517619f7c88
SHA1

e46c69ebfc93416b9712e4a5c56888b4be492dc1
SHA256

9718752a2ea85d924387473d362f1320747efc3ab61d44064807fe933b9eddb4
SHA512

d64598e3e2bd2c436b86dfe562c87e8e5034edd5490b27fbf5f89edb57fc40c61ba73e3d1c606df3551672736b84f1ab7d2c2636c2423175af5052d859972a53
SSDEEP

3072:qgsI6be/USH6dp7QeQYYXYRqsoFuRCJPPREsNGRRHji:qgsdi/FHIp7qXYIvRpDNGRRO

Score

N/A

Malware Config

Signatures

Files

9718752a2ea85d924387473d362f1320747efc3ab61d44064807fe933b9eddb4
.dll windows x86

9684cfb14b7c4f96bb97f598f449242a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
EnterCriticalSection
SleepEx
QueueUserAPC
InitializeCriticalSection
CreateThread
CreateEventW
GetCurrentThread
GetVersionExW
WideCharToMultiByte
FindClose
FindFirstFileW
lstrcpynW
lstrcmpiW
WaitForSingleObject
HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress
GetModuleHandleW
SetEvent
DeviceIoControl
FreeEnvironmentStringsA
FreeEnvironmentStringsW
lstrlenA
lstrlenW
GetEnvironmentStrings
GetEnvironmentStringsW
GetDiskFreeSpaceA
GlobalMemoryStatus
QueryPerformanceCounter
GetLocalTime
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
LoadLibraryA
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
RtlUnwind
CloseHandle
WaitForSingleObjectEx
TerminateThread
GetVersionExA
DeleteCriticalSection
ExitProcess

user32

wsprintfW
SendMessageW

advapi32

RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA

ole32

CoInitialize
CoCreateInstance
CoUninitialize
PropVariantClear
CoInitializeEx
CoTaskMemFree

nscrt

_wcsdup
_wcsicmp
?terminate@@YAXXZ
free
realloc
memcpy
malloc
??3@YAXPAX@Z
??2@YAPAXI@Z
wcsstr
wcscmp
__CxxFrameHandler
memset
wcslen
wcscpy
calloc
_mktime64
_purecall
bsearch
fclose
ftell
fseek
fopen
_localtime64
_wunlink
_wcsnicmp
iswalnum
difftime
qsort
wcsrchr
_wtoi
wcschr
wcscat
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CppXcptFilter
_except_handler3
__security_error_handler

Exports

Exports

winampGetPMPDevicePlugin
winampUninstallPlugin

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 62KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9684cfb14b7c4f96bb97f598f449242a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

nscrt

Exports

Exports

Sections

.text Size: 65KB - Virtual size: 65KB

.rdata Size: 19KB - Virtual size: 18KB

.data Size: 13KB - Virtual size: 14KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 4KB

.text Size: 62KB - Virtual size: 64KB

.text
Size: 65KB - Virtual size: 65KB

.rdata
Size: 19KB - Virtual size: 18KB

.data
Size: 13KB - Virtual size: 14KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 4KB

.text
Size: 62KB - Virtual size: 64KB