f23297c06fa1218c921d409da24af50b647c4f13db28ff1a64ba574e9019c18f

Sharing

Copy URL Twitter E-mail

General

Target

f23297c06fa1218c921d409da24af50b647c4f13db28ff1a64ba574e9019c18f
Size

38KB
MD5

7b344c906b4da18e6fb04ace36a77a34
SHA1

43e4012c6ce10e4802a754218dfae4e195193710
SHA256

f23297c06fa1218c921d409da24af50b647c4f13db28ff1a64ba574e9019c18f
SHA512

748367149ad9f4d146904283c60c4917df231c66e9338d426da2ecd508fc6e754bcf5281219792557f49cb57d9f60dd0716a0a569bad6b9590e899a06e239486
SSDEEP

768:VzSM693jH/gtfXPfijGVmvpCAnWv1hKaeZACE8KTOBG1kX0ZkxDFt:tv693zgtPfijf1O1saWAS/UkxDFt

Score

N/A

Malware Config

Signatures

Files

f23297c06fa1218c921d409da24af50b647c4f13db28ff1a64ba574e9019c18f
.dll windows x86

87102c71372d007d0cde14731cb42d4d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

imm32

ImmGetContext

avicap32

capCreateCaptureWindowA

winmm

waveInStop

advapi32

RegCloseKey

msvcrt

free

gdi32

BitBlt

shlwapi

StrChrA

ws2_32

listen

psapi

GetModuleFileNameExA

ole32

CreateStreamOnHGlobal

shell32

ShellExecuteA

user32

IsWindow

Exports

Exports

ServiceMain
222222222222
Qy001DoMainWSSK

Sections

.guoc
Size: 24KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.guocy
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.guof
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

guocy
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gyuio
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.guocyo
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.guocyok
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

87102c71372d007d0cde14731cb42d4d

Headers

File Characteristics

Imports

kernel32

imm32

avicap32

winmm

advapi32

msvcrt

gdi32

shlwapi

ws2_32

psapi

ole32

shell32

user32

Exports

Exports

Sections

.guoc Size: 24KB - Virtual size: 66KB

.guocy Size: 1024B - Virtual size: 6KB

.guof Size: 1024B - Virtual size: 2KB

guocy Size: - Virtual size: 4KB

.gyuio Size: 3KB - Virtual size: 3KB

.guocyo Size: 2KB - Virtual size: 3KB

.guocyok Size: 2KB - Virtual size: 4KB

.guoc
Size: 24KB - Virtual size: 66KB

.guocy
Size: 1024B - Virtual size: 6KB

.guof
Size: 1024B - Virtual size: 2KB

guocy
Size: - Virtual size: 4KB

.gyuio
Size: 3KB - Virtual size: 3KB

.guocyo
Size: 2KB - Virtual size: 3KB

.guocyok
Size: 2KB - Virtual size: 4KB