87d2eaa67ae38332c4444940f0e15f895b3cb909377d89e95a364a1897efdb5e

Sharing

Copy URL Twitter E-mail

General

Target

87d2eaa67ae38332c4444940f0e15f895b3cb909377d89e95a364a1897efdb5e
Size

628KB
MD5

0cb0ea4f913a1569e56e8c44b0d0f6f0
SHA1

a92feab6079d158bf780fcf995b9e06e2058ef1d
SHA256

87d2eaa67ae38332c4444940f0e15f895b3cb909377d89e95a364a1897efdb5e
SHA512

15e5025c960de9e4859108e264f7f7399c5a12a907952e763d7e369ef639e3e842e0f315fde15e0043b91cd9ba31b7813455ba15975a0a28f63403065de2d30b
SSDEEP

12288:BhwKID1ZRc5p6HoQ7DQthuouhQ0cP63RvheVkVLlFJDZPaGF:BhqxLc5pKawoQQ0cPwRIVkVZFBZPaGF

Score

N/A

Malware Config

Signatures

Files

87d2eaa67ae38332c4444940f0e15f895b3cb909377d89e95a364a1897efdb5e
.exe windows x86

6ad391d863180820ab79c6771f0d0f5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ifc22

??1CImmProject@@QAE@XZ
??1CImmCompoundEffect@@QAE@XZ
?OpenFile@CImmProject@@QAEHPBDPAVCImmDevice@@@Z
??0CImmProject@@QAE@XZ
?Start@CImmCompoundEffect@@QAEHKK@Z
?Start@CImmProject@@QAEHPBDKKPAVCImmDevice@@@Z
?Stop@CImmProject@@QAEHPBD@Z
??0CImmDevices@@QAE@XZ
?CreateDevices@CImmDevices@@QAEJPAUHINSTANCE__@@PAUHWND__@@JW4IMM_ENUMERATE@@W4IMM_ENUMERATE_PREFERENCE@@@Z
?GetDevice@CImmDevices@@QAEPAVCImmDevice@@J@Z
??1CImmDevices@@QAE@XZ

ws2_32

gethostname
htonl
WSAStartup
recvfrom
WSAGetLastError
socket
setsockopt
getsockname
htons
bind
sendto
closesocket
gethostbyname

dinput8

DirectInput8Create

quartz

AMGetErrorTextA

winmm

timeGetTime

kernel32

SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
Sleep
CreateMutexA
CloseHandle
ReleaseMutex
WaitForSingleObject
GetCurrentDirectoryA
FreeLibrary
LoadLibraryA
GetProcAddress
GetStdHandle
QueryPerformanceFrequency
GetModuleHandleA
MultiByteToWideChar
WideCharToMultiByte
CreateThread
FindFirstFileA
GetSystemDirectoryA
FindNextFileA
FindClose
GetLastError
CreateFileA
CreateDirectoryA
SetFilePointer
ReadFile
WriteFile
GetFileSize
GetFileInformationByHandle
SetEndOfFile
SetFileAttributesA
SetFileTime
GetFileAttributesA
DeleteFileA
MoveFileA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
CompareStringW
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
HeapSize
GetCurrentProcess
TerminateProcess
SetUnhandledExceptionFilter
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
InterlockedIncrement
InterlockedDecrement
ExitProcess
GetVersion
GetStartupInfoA
GetDriveTypeA
GetFileType
FlushFileBuffers
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
QueryPerformanceCounter
GetFullPathNameA
SetCurrentDirectoryA
SetEnvironmentVariableA
FileTimeToLocalFileTime
FileTimeToSystemTime
RtlUnwind
RaiseException
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime

user32

GetClientRect
MessageBoxA
ShowCursor
DrawTextA
GetDC
ReleaseDC
MapVirtualKeyA
LoadImageA
GetDesktopWindow
SetWindowLongA
AdjustWindowRect
SetWindowPos
ShowWindow
UpdateWindow
SetFocus
ClientToScreen
DefWindowProcA
PostQuitMessage
SendMessageA
GetMessageA
TranslateAcceleratorA
LoadIconA
LoadCursorA
RegisterClassA
SetRect
CreateWindowExA
GetWindowLongA
GetWindowRect
GetAsyncKeyState
GetCursorPos
PeekMessageA
TranslateMessage
DispatchMessageA
GetKeyState
SetCursorPos

gdi32

GetStockObject
DeleteObject
DeleteDC
GetPixel
SelectObject
CreateCompatibleDC
GetObjectA
GetGlyphOutlineA
CreateFontA
SetBkMode
SetBkColor
SetTextColor
CreateDIBSection
CreatePalette

ole32

StringFromGUID2
CoUninitialize
CoCreateInstance
CoInitialize

Sections

.text
Size: 496KB - Virtual size: 494KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 641KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ad391d863180820ab79c6771f0d0f5b

Headers

File Characteristics

Imports

ifc22

ws2_32

dinput8

quartz

winmm

kernel32

user32

gdi32

ole32

Sections

.text Size: 496KB - Virtual size: 494KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 64KB - Virtual size: 641KB

.rsrc Size: 40KB - Virtual size: 39KB

.text
Size: 496KB - Virtual size: 494KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 64KB - Virtual size: 641KB

.rsrc
Size: 40KB - Virtual size: 39KB