c5a8da3ee0c231b383ff0b6d1be48a6da06c4b2b9642d8bfabd7dc4d9e88b38d

Sharing

Copy URL Twitter E-mail

General

Target

c5a8da3ee0c231b383ff0b6d1be48a6da06c4b2b9642d8bfabd7dc4d9e88b38d
Size

787KB
MD5

9332699508c24602e0e4fecd318f00c0
SHA1

4dc0111c5ffca1cab1993111e6844cfb96a4fc50
SHA256

c5a8da3ee0c231b383ff0b6d1be48a6da06c4b2b9642d8bfabd7dc4d9e88b38d
SHA512

502f833129a203279885ee440f60f6b9983054a2a2fe1cf09a57a4edc21c656982da486d2c26073f568fc512a968c7d3342f14050175a5966f90d86478e54f6b
SSDEEP

12288:+nti96374+dOJmJHo8z8w8V7mxire+zuXIksXM4BpggtfVnvGGim/EGG35Bid:19m4+dOcu/V7SiXq4dpggtVuGiWEppB0

Score

N/A

Malware Config

Signatures

Files

c5a8da3ee0c231b383ff0b6d1be48a6da06c4b2b9642d8bfabd7dc4d9e88b38d
.exe windows x86

537f2b1c7419deb1ba0dd25446b80a42

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForMultipleObjects
ResetEvent
GetCurrentThread
SetPriorityClass
SetEvent
GetCurrentProcess
OpenEventA
GetVersionExA
GetModuleHandleA
CreateEventA
WaitForSingleObject
GetDiskFreeSpaceA
WinExec
GetPrivateProfileIntA
WritePrivateProfileStringA
FindNextFileA
WriteFile
GetTickCount
_hwrite
CreateThread
GetPrivateProfileStringA
lstrcatA
lstrlenA
SetStdHandle
VirtualAlloc
VirtualFree
HeapCreate
CreateFileA
GetStdHandle
GetFileType
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
RtlUnwind
TerminateProcess
HeapAlloc
HeapFree
GetStringTypeW
GetStringTypeA
LCMapStringW
WideCharToMultiByte
SetThreadPriority
ResumeThread
_lcreat
FindFirstFileA
FindClose
GetModuleFileNameA
GlobalHandle
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalSize
GlobalLock
_lwrite
FlushFileBuffers
OpenFile
_hread
lstrcmpA
OutputDebugStringA
lstrcmpiA
DeleteFileA
SetFilePointer
SetEndOfFile
GetLocaleInfoW
_lread
_llseek
_lclose
lstrcpyA
ReadFile
CloseHandle
_lopen
LoadLibraryA
GetLocaleInfoA
RaiseException
HeapDestroy
LCMapStringA
MultiByteToWideChar
ExitProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetLastError
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetProcAddress
GetVersion
GetCommandLineA
GetStartupInfoA

user32

wsprintfA
GetFocus
MessageBoxA
BeginPaint
SetCursorPos
ReleaseDC
GetDC
SetCursor
LoadCursorA
GetClientRect
IsIconic
SetCapture
ReleaseCapture
ShowCursor
MessageBeep
OffsetRect
ClientToScreen
PostMessageA
SetWindowPos
LoadImageA
GetWindowLongA
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
DestroyWindow
SendMessageA
GetActiveWindow
UpdateWindow
EndPaint
PostQuitMessage
DefWindowProcA
LoadIconA
RegisterClassA
CreateWindowExA

gdi32

CreateSolidBrush
GetPixel
SetPixel
StretchBlt
CreatePen
LineTo
MoveToEx
SetTextColor
SetBkMode
TextOutA
GetStockObject
CreateFontA
CreatePalette
GetObjectA
RealizePalette
SelectPalette
CreateCompatibleDC
BitBlt
SelectObject
DeleteDC
CreateDIBSection
DeleteObject
Rectangle

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ddraw

DirectDrawCreate

dsound

DirectSoundCreate

dplayx

ord1
ord2

winmm

timeGetTime
mixerOpen
mixerGetNumDevs
mixerClose
mixerSetControlDetails
mixerGetLineInfoA
mixerGetDevCapsA
mixerGetControlDetailsA
mixerGetLineControlsA
timeSetEvent
timeKillEvent
joySetThreshold
joyGetDevCapsA
joyReleaseCapture
joySetCapture
mciSendStringA
mciSendCommandA
joyGetPos
joyGetNumDevs

rwl21

ord154
ord319
ord371
ord424
ord277
ord100
ord56
ord345
ord304
ord377
ord17
ord362
ord147
ord427
ord293
ord500
ord72
ord142
ord172
ord509
ord308
ord515
ord363
ord357
ord275
ord314
ord134
ord135
ord36
ord375
ord374
ord428
ord208
ord51
ord161
ord231
ord222
ord223
ord168
ord115
ord260
ord473
ord518
ord361
ord318
ord18
ord38
ord58
ord171
ord391
ord516
ord138
ord366
ord376
ord352
ord212
ord368
ord130
ord182
ord158
ord210
ord98
ord167
ord384
ord510
ord327
ord74
ord181
ord467
ord465
ord228
ord461
ord458
ord456
ord336
ord441
ord444
ord435
ord436
ord443
ord10
ord393
ord33
ord519
ord524
ord31
ord170
ord179
ord279
ord348
ord489
ord278
ord425
ord420
ord422
ord415
ord118
ord426
ord41
ord332
ord235
ord262
ord330
ord61
ord68
ord64
ord234
ord236
ord30
ord92
ord386
ord324
ord299
ord95
ord437
ord220
ord205
ord203
ord201
ord197
ord204
ord199
ord196
ord287
ord418
ord414
ord380
ord507
ord133
ord25
ord110
ord284
ord136
ord301
ord382
ord570
ord402
ord569
ord66
ord495
ord45
ord42
ord144
ord292
ord62
ord372
ord37
ord50
ord57
ord19
ord487
ord140
ord81
ord283
ord55
ord429
ord126
ord27
ord70
ord91
ord159
ord423
ord43
ord504
ord76
ord48
ord383
ord148
ord497
ord297
ord282
ord291
ord315
ord523
ord290
ord156
ord486
ord354
ord321
ord93
ord421
ord320
ord116
ord23
ord381
ord502
ord60
ord337
ord6
ord406
ord40
ord501
ord450
ord242
ord390
ord369

Sections

.text
Size: 588KB - Virtual size: 587KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 145KB - Virtual size: 148KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

537f2b1c7419deb1ba0dd25446b80a42

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ddraw

dsound

dplayx

winmm

rwl21

Sections

.text Size: 588KB - Virtual size: 587KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 32KB - Virtual size: 2.4MB

.idata Size: 6KB - Virtual size: 6KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 145KB - Virtual size: 148KB

.text
Size: 588KB - Virtual size: 587KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 32KB - Virtual size: 2.4MB

.idata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 145KB - Virtual size: 148KB