1703e5ebbc31d1403506014bd585a5af9addc5a8c075dab2e456933320126049

Sharing

Copy URL Twitter E-mail

General

Target

1703e5ebbc31d1403506014bd585a5af9addc5a8c075dab2e456933320126049
Size

3.9MB
MD5

a37b81084aef667357eb3deaf2b4473f
SHA1

94cceb1332c2cd59eaa6fd5234251184ac1b66e8
SHA256

1703e5ebbc31d1403506014bd585a5af9addc5a8c075dab2e456933320126049
SHA512

6e4449b7e7d9d6c3ccbab13f6962d29b4648de29bdb9672a480bcf3ffab296ecebc132aa97fc177ef31d837bdf191aaf199aed7466fad253829dffb8d330579b
SSDEEP

98304:+vHfXjymhy44FoD2FIuNDQ2lug+mGmmnmTiykt:+vHfXOmhy44FoaFIylkt

Score

N/A

Malware Config

Signatures

Files

1703e5ebbc31d1403506014bd585a5af9addc5a8c075dab2e456933320126049
.exe windows x86

ce5ee542f4ecd6d7c95e58a70792e97a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileW
FindClose
FindNextFileW
CreateFileW
CreateDirectoryW
DeleteFileA
GetLastError
RemoveDirectoryW
CreateDirectoryA
CreateFileA
WriteFile
ReadFile
GetOverlappedResult
HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress
GetModuleHandleA
FindFirstFileA
FindNextFileA
GetCurrentThreadId
SetThreadAffinityMask
GetCurrentThread
GetModuleFileNameA
SetCurrentDirectoryA
QueryPerformanceFrequency
LoadLibraryA
QueryPerformanceCounter
FreeLibrary
GetSystemInfo
GetVersionExA
CreateProcessA
GetExitCodeProcess
WaitForSingleObject
SetEvent
CreateEventA
MultiByteToWideChar
WideCharToMultiByte
GlobalLock
GlobalUnlock
GlobalAlloc
GetFileSize
SetFilePointer
InterlockedIncrement
InterlockedDecrement
ResetEvent
DeviceIoControl
GetWindowsDirectoryA
GetSystemDirectoryA
GetTickCount
VirtualFree
VirtualQuery
UnmapViewOfFile
OpenEventA
InterlockedExchange
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
SetLastError
SetWaitableTimer
CreateWaitableTimerA
OpenFile
FormatMessageA
CloseHandle
GetProcessAffinityMask
GetCurrentProcess
lstrlenA
MulDiv
WaitForMultipleObjects
ReleaseSemaphore
DuplicateHandle
CreateSemaphoreA
VirtualAlloc
GetFileInformationByHandle
SetEndOfFile
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
GetSystemTimeAsFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
PeekNamedPipe
GetFileType
HeapReAlloc
GetFullPathNameA
MoveFileA
GetTimeFormatA
GetDateFormatA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapSize
GetStdHandle
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetCurrentProcessId
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetTimeZoneInformation
GetCurrentDirectoryA
SetStdHandle
CompareStringA
CompareStringW
GetFileAttributesA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
CreatePipe
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetExitCodeThread
ResumeThread
SetThreadPriority
SetThreadIdealProcessor
CreateThread
ExitThread
GetUserDefaultLangID
TryEnterCriticalSection
Sleep
OutputDebugStringA
CreateMutexA
GetLogicalDrives
SetErrorMode
GetDriveTypeA
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetThreadPriority
EnterCriticalSection

user32

MsgWaitForMultipleObjects
RegisterWindowMessageA
DispatchMessageA
TranslateMessage
PeekMessageA
DestroyWindow
SendMessageA
CreateWindowExA
AdjustWindowRect
SetRect
RegisterClassA
LoadIconA
GetQueueStatus
GetDC
UpdateWindow
SetWindowPos
SetWindowLongA
GetSystemMetrics
GetForegroundWindow
SetCursorPos
ClientToScreen
CharLowerBuffA
GetDesktopWindow
CloseClipboard
GetClipboardData
PostThreadMessageA
SystemParametersInfoA
ScreenToClient
ReleaseDC
SetCursor
LoadCursorA
ShowWindow
MessageBoxW
OpenClipboard
EmptyClipboard
SetClipboardData
DefWindowProcA
wsprintfA

msacm32

acmStreamPrepareHeader
acmStreamConvert
acmStreamOpen
acmStreamSize
acmFormatSuggest
acmStreamUnprepareHeader

gdi32

GetDeviceCaps
GetStockObject

advapi32

RegOpenKeyExA
SetFileSecurityW
AllocateAndInitializeSid
GetFileSecurityA
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
GetAclInformation
GetTokenInformation
OpenProcessToken
GetLengthSid
InitializeAcl
GetAce
GetFileSecurityW
SetFileSecurityA
RegOpenKeyA
RegEnumKeyA
IsTextUnicode
RegCloseKey
EqualSid
AddAce
AddAccessAllowedAce
SetSecurityDescriptorDacl
GetSecurityDescriptorControl
RegQueryValueExA

shell32

SHGetSpecialFolderPathW

ole32

CoTaskMemAlloc
CLSIDFromString
CoTaskMemFree
PropVariantClear
CoCreateInstance
CoUninitialize
CoInitialize
CoFreeUnusedLibraries

winmm

waveOutClose
waveOutOpen
timeGetTime
waveOutWrite
waveOutReset
waveOutGetPosition
waveInAddBuffer
waveInPrepareHeader
waveInUnprepareHeader
waveOutGetDevCapsA
waveInStart
waveInOpen
waveInClose
waveInReset
waveOutPrepareHeader
timeKillEvent
timeSetEvent
timeBeginPeriod
timeEndPeriod
mciSendCommandA
waveOutGetNumDevs
waveInGetDevCapsA
waveInGetNumDevs
waveOutUnprepareHeader

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

dinput8

DirectInput8Create

d3d9

Direct3DCreate9

d3dx9_42

D3DXGetImageInfoFromFileInMemory
D3DXCheckTextureRequirements
D3DXLoadVolumeFromMemory
D3DXCheckVolumeTextureRequirements
D3DXCheckCubeTextureRequirements
D3DXCreateCubeTextureFromFileInMemory
D3DXLoadSurfaceFromMemory
D3DXCreateEffect
D3DXCompileShader
D3DXGetPixelShaderProfile
D3DXFVFFromDeclarator
D3DXCreateTextureFromFileInMemoryEx
D3DXFilterTexture

ws2_32

connect
send
accept
htonl
bind
listen
socket
inet_addr
closesocket
WSAAsyncGetHostByName
htons
ioctlsocket
WSAGetLastError
WSACancelAsyncRequest
select
WSAStartup
WSACleanup
recv

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PSFD00
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 642KB - Virtual size: 642KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 193KB - Virtual size: 8.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.secu
Size: 337KB - Virtual size: 337KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ce5ee542f4ecd6d7c95e58a70792e97a

Headers

File Characteristics

Imports

kernel32

user32

msacm32

gdi32

advapi32

shell32

ole32

winmm

version

dinput8

d3d9

d3dx9_42

ws2_32

Sections

.text Size: 2.7MB - Virtual size: 2.7MB

PSFD00 Size: 8KB - Virtual size: 7KB

.rdata Size: 642KB - Virtual size: 642KB

.data Size: 193KB - Virtual size: 8.6MB

.rsrc Size: 9KB - Virtual size: 8KB

.secu Size: 337KB - Virtual size: 337KB

.text
Size: 2.7MB - Virtual size: 2.7MB

PSFD00
Size: 8KB - Virtual size: 7KB

.rdata
Size: 642KB - Virtual size: 642KB

.data
Size: 193KB - Virtual size: 8.6MB

.rsrc
Size: 9KB - Virtual size: 8KB

.secu
Size: 337KB - Virtual size: 337KB