eda50c4ef29ea04a7f1663e77932abed4fde514bcff572704c55760a34401dfc

Sharing

Copy URL

Twitter E-mail

General

Target

eda50c4ef29ea04a7f1663e77932abed4fde514bcff572704c55760a34401dfc
Size

208KB
MD5

54ece8759819b79f711de183db558617
SHA1

76b1365ba4e8db560e6e07117a59336670f715a1
SHA256

eda50c4ef29ea04a7f1663e77932abed4fde514bcff572704c55760a34401dfc
SHA512

780f16d1b15fa2af2ef39703527ea7dad99863a07d8da84db699e7b683b18a7949e63b2c6be69490b516c20a3cfaae817b47c499e064abea0bd9250b8b030c88
SSDEEP

6144:vRzoVpB4O78tNaYbCOBFyGqFtOVxoLnb7Se:doVpBXgyciLOVxoX9

Score

N/A

Malware Config

Signatures

Files

eda50c4ef29ea04a7f1663e77932abed4fde514bcff572704c55760a34401dfc
.exe windows x86

8552f38505fc29f1b30b0ac4d03494c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

userenv

WaitForUserPolicyForegroundProcessing
DeleteProfileA
RsopSetPolicySettingStatus
UnregisterGPNotification
UnloadUserProfile
WaitForMachinePolicyForegroundProcessing

winmm

SendDriverMessage
mixerSetControlDetails
waveInUnprepareHeader
mixerGetLineInfoW
waveInStart
waveInClose
waveInStop
mixerOpen
mixerGetID
OpenDriver
waveInReset
mixerGetControlDetailsW
mixerClose
waveInPrepareHeader
mixerGetLineControlsW
waveInOpen
waveInAddBuffer
waveInGetDevCapsW

user32

GetDlgItem
DefWindowProcW
ShowWindow
GetDC
TranslateMessage
LoadStringW
SetDlgItemTextW
CheckRadioButton
IsRectEmpty
CreateDialogParamW
GetAsyncKeyState
PeekMessageW
EnableWindow
IsWindowVisible
GetDesktopWindow
GetWindowLongW
DestroyWindow
SendMessageW
SetWindowLongW
GetClientRect
ReleaseDC
DispatchMessageW
LoadCursorW
CheckDlgButton
InvalidateRect
ClientToScreen
GetWindowRect
GetDlgItemInt
SetCursor
SetDlgItemInt
MoveWindow
IsWindow

kernel32

GetCurrentProcessId
InterlockedIncrement
GlobalFree
SetEndOfFile
ReleaseSemaphore
GlobalAlloc
GetTickCount
GetFileSize
GetFileAttributesW
GetTimeZoneInformation
GetDiskFreeSpaceW
CreateEventW
lstrcpynW
GetProcAddress
GetSystemDefaultLangID
lstrcmpW
WaitForMultipleObjects
GetProfileIntA
GetLocaleInfoA
MultiByteToWideChar
lstrlenA
QueryPerformanceCounter
SetThreadPriority
GetSystemTimeAsFileTime
GetModuleFileNameA
SetEvent
InterlockedExchange
IsBadReadPtr
CreateFileW
lstrlenW
WideCharToMultiByte
lstrcpyA
CreateIoCompletionPort
IsBadWritePtr
GetVersionExW
GetLastError
OutputDebugStringW
SetUnhandledExceptionFilter
DeleteFileW
WriteFile
IsBadCodePtr
PostQueuedCompletionStatus
GetProcessHeap
HeapFree
EnterCriticalSection
GetFullPathNameW
CreateThread
GetQueuedCompletionStatus
LeaveCriticalSection
WaitForSingleObject
GetCurrentProcess
GetSystemInfo
ResetEvent
GlobalUnlock
GlobalHandle
VirtualFree
GetACP
GlobalMemoryStatus
ReadFile
MulDiv
GetPrivateProfileStringW
GetThreadPriority
FreeLibrary
lstrcpyW
SetFilePointer
CreateSemaphoreW
lstrcmpiW
InterlockedDecrement
InitializeCriticalSection
GlobalLock
DeleteCriticalSection
GetCurrentThread
HeapAlloc
LoadLibraryW
CloseHandle

ole32

CoTaskMemAlloc
CoTaskMemFree
CoFreeUnusedLibraries
StringFromGUID2
CoCreateInstance
CoInitialize
CoUninitialize

ncobjapi

WmiEventSourceDisconnect
WmiCommitObject
WmiCreateObjectWithProps
WmiAddObjectProp
WmiSetAndCommitObject
WmiDestroyObject
WmiCreateObjectWithFormat
WmiCreateObject
WmiIsObjectActive
WmiEventSourceConnect

gdi32

GetObjectW
GetTextExtentPoint32W
SelectObject
PatBlt
GetPaletteEntries
GetStockObject

nddeapi

NDdeIsValidAppTopicListW
NDdeGetShareSecurityA
NDdeGetTrustedShareA
NDdeGetShareSecurityW
NDdeGetTrustedShareW
NDdeIsValidShareNameA
NDdeGetErrorStringA
NDdeIsValidAppTopicListA

msvfw32

ICSendMessage
ICDecompress
ICClose
ICLocate
ICGetInfo
ICOpen

usp10

ScriptGetCMap
ScriptGetFontProperties
ScriptGetGlyphABCWidth
ScriptFreeCache
ScriptApplyLogicalWidth
ScriptCacheGetHeight
ScriptCPtoX
ScriptBreak
LpkPresent

Sections

.text
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 477KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8552f38505fc29f1b30b0ac4d03494c9

Headers

File Characteristics

Imports

userenv

winmm

user32

kernel32

ole32

ncobjapi

gdi32

nddeapi

msvfw32

usp10

Sections

.text Size: 135KB - Virtual size: 135KB

.rdata Size: 34KB - Virtual size: 34KB

.data Size: 28KB - Virtual size: 477KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 1024B - Virtual size: 904B

.text
Size: 135KB - Virtual size: 135KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 28KB - Virtual size: 477KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 1024B - Virtual size: 904B