dfca944c7f895ec0fa8d6d709c90a20d6547f06bbdf9e9217b6456ca80e6b985

Sharing

Copy URL Twitter E-mail

General

Target

dfca944c7f895ec0fa8d6d709c90a20d6547f06bbdf9e9217b6456ca80e6b985
Size

144KB
MD5

3c6a3ce9bea2d2f4c5e13e4bff0a7616
SHA1

02ee613dcbf9e625ac94b7f7bad48fb9899e66df
SHA256

dfca944c7f895ec0fa8d6d709c90a20d6547f06bbdf9e9217b6456ca80e6b985
SHA512

03c1e5ca88210cc07f057d389134fdde6813568daf31dfc462203a9f605e40d90bc06a389997e57d1e4b2d39e60eca9322e800b3c0b000bcc4e3d3f6d3e03ee4
SSDEEP

3072:U2sRnKDqxaGxDazNUOjXQ2Ar1OhmuBKxQkAep6mIpcfioGj:0LwGxDvOjrAxqp4p6Bq

Score

N/A

Malware Config

Signatures

Files

dfca944c7f895ec0fa8d6d709c90a20d6547f06bbdf9e9217b6456ca80e6b985
.exe windows x86

13b1fe45f0d22bcf44a27a8f2e583b53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryA
lstrcatA
lstrcpyA
LocalFree
GetModuleHandleA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
CreateThread
SetEvent
CopyFileA
WriteFile
GetWindowsDirectoryA
CreateFileA
ReadFile
FreeLibrary
lstrcmpiA
AllocConsole
SetConsoleTitleA
GetLastError
GetProfileIntA
GetTickCount
WaitForMultipleObjects
GetThreadPriority
SetThreadPriority
InterlockedExchange
CreateSemaphoreA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
CloseHandle
DeleteFileA
CreateEventA
WaitForSingleObject
ResetEvent
Sleep
lstrlenA
SetFilePointer
MultiByteToWideChar
FlushFileBuffers
SetStdHandle
IsBadCodePtr
SetUnhandledExceptionFilter
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
VirtualAlloc
GetCurrentProcess
TerminateProcess
VirtualFree
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapAlloc
RtlUnwind
WideCharToMultiByte
IsBadWritePtr
IsBadReadPtr
HeapValidate
InterlockedDecrement
InterlockedIncrement
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetCurrentThread
GetProcAddress
EnterCriticalSection
LeaveCriticalSection
DebugBreak
GetStdHandle
OutputDebugStringA
LoadLibraryA
GetModuleFileNameA
InitializeCriticalSection
DeleteCriticalSection
FatalAppExitA

user32

GetMessageA
TranslateAcceleratorA
TrackPopupMenu
GetSubMenu
GetClientRect
wsprintfA
PostMessageA
DispatchMessageA
TranslateMessage
GetQueueStatus
RegisterWindowMessageA
PostThreadMessageA
wvsprintfA
MsgWaitForMultipleObjects
LoadMenuA
UpdateWindow
EndDialog
BeginPaint
GetWindowRect
SetWindowPos
EndPaint
PostQuitMessage
DefWindowProcA
ClientToScreen
InvalidateRect
DestroyWindow
DialogBoxParamA
CreateWindowExA
ShowWindow
LoadIconA
LoadCursorA
RegisterClassExA
MessageBoxA
LoadStringA
GetSystemMenu
LoadAcceleratorsA
GetMenu
EnableMenuItem
PeekMessageA

gdi32

StretchBlt
CreateCompatibleDC
SetPixel
SelectObject
CreateCompatibleBitmap
DeleteDC
DeleteObject

comdlg32

GetSaveFileNameA

ole32

MkParseDisplayName
CreateBindCtx
CoInitialize
CoUninitialize
CoCreateInstance
CoGetMalloc
CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2

oleaut32

SysAllocString
SysStringLen
SysFreeString

winmm

timeGetTime

ksproxy.ax

KsSynchronousDeviceControl

advapi32

RegCloseKey
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA

Sections

.text
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13b1fe45f0d22bcf44a27a8f2e583b53

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

ole32

oleaut32

winmm

ksproxy.ax

advapi32

Sections

.text Size: 100KB - Virtual size: 97KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 24KB - Virtual size: 36KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 100KB - Virtual size: 97KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 24KB - Virtual size: 36KB

.rsrc
Size: 4KB - Virtual size: 3KB