5b55a5b038beb133d614a17fc9e17770d4983a5b792a89914871ace355871c52

Sharing

Copy URL Twitter E-mail

General

Target

5b55a5b038beb133d614a17fc9e17770d4983a5b792a89914871ace355871c52
Size

1.2MB
MD5

0758be6a204cbb5042969c8ec08f7b60
SHA1

fbe31c9cbb133aa6ffaf54fde6af243efe677ee6
SHA256

5b55a5b038beb133d614a17fc9e17770d4983a5b792a89914871ace355871c52
SHA512

6cc438eef6e38fef84798f4b1c49602f3fce4cf7df1b7c455cdefad7d28cd2734c350fb847cd96f7b74f74490b4b761d2ed90559c2be595ab3560c1d95e8ff86
SSDEEP

24576:68YCDEDQYRGMr5IkR2/Kjf5Q4OTVURqCTjo72VtIoOFdT:6OE31f5LqCY72Vt

Score

N/A

Malware Config

Signatures

Files

5b55a5b038beb133d614a17fc9e17770d4983a5b792a89914871ace355871c52
.exe windows x86

f02a62891e41a0955d1182a32b38abc2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
SetCurrentDirectoryA
CreateDirectoryA
FindFirstFileA
FindNextFileA
FindClose
SetEndOfFile
GetLocaleInfoW
SetEnvironmentVariableA
SetStdHandle
GetOEMCP
GetACP
IsBadCodePtr
GetCurrentProcessId
QueryPerformanceCounter
WinExec
GetTickCount
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetSystemInfo
VirtualProtect
GetTimeZoneInformation
ReadFile
SetFilePointer
FlushFileBuffers
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
WriteFile
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
HeapSize
TlsAlloc
SetLastError
TlsFree
GetStringTypeW
GetStringTypeA
CompareStringW
CompareStringA
Sleep
SetThreadPriority
GetCurrentThread
OutputDebugStringA
MultiByteToWideChar
GlobalUnlock
GlobalLock
GlobalAlloc
GetWindowsDirectoryA
GetModuleFileNameA
DeleteFileA
GetCurrentThreadId
MulDiv
CloseHandle
GetFileTime
CreateFileA
SetUnhandledExceptionFilter
GetCurrentProcess
GetProcAddress
LoadLibraryA
FreeLibrary
VirtualQuery
GetVersionExA
IsBadWritePtr
GetLastError
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLocaleInfoA
RtlUnwind
RaiseException
HeapAlloc
HeapFree
HeapReAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
IsBadReadPtr
GetSystemTimeAsFileTime
ExitThread
TlsSetValue
TlsGetValue
ResumeThread
CreateThread
ExitProcess
TerminateProcess
GetDriveTypeA
GetCurrentDirectoryA
GetFullPathNameA
LCMapStringA
LCMapStringW
GetCPInfo
GetTimeFormatA
GetDateFormatA

user32

ClipCursor
ClientToScreen
GetClientRect
ShowCursor
MessageBoxA
SetCursorPos
GetWindowRect
GetSysColor
SendMessageA
GetMessageA
PostQuitMessage
DrawTextExA
GetDC
ReleaseDC
OffsetRect
LoadIconA
RegisterClassA
GetWindowLongA
BeginPaint
EndPaint
DefWindowProcA
GetClipboardData
SetWindowLongA
DestroyWindow
AdjustWindowRect
CreateWindowExA
SetTimer
PeekMessageA
TranslateMessage
DispatchMessageA
GetCursorPos
WindowFromPoint
SetCapture
ReleaseCapture
ShowWindow
CloseWindow
GetWindowPlacement
SetFocus
SetCursor
LoadCursorA
CloseClipboard
SetClipboardData
OpenClipboard

advapi32

RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

winmm

timeEndPeriod
mixerSetControlDetails
mixerOpen
mixerGetDevCapsA
mixerGetLineInfoA
mixerGetLineControlsA
mixerGetControlDetailsA
mixerClose
timeBeginPeriod
timeGetTime

ddraw

DirectDrawCreate

wsock32

WSAGetLastError
send
connect
WSAStartup
socket
ioctlsocket
gethostbyname
htons
shutdown
closesocket
WSACleanup
recv

dsound

ord1

fmod

_FSOUND_Sample_GetLength@4
_FSOUND_Sample_Lock@28
_FSOUND_Sample_Unlock@20
_FMUSIC_IsPlaying@4
_FSOUND_IsPlaying@4
_FMUSIC_SetPaused@8
_FSOUND_SetPaused@8
_FMUSIC_SetLooping@8
_FMUSIC_PlaySong@4
_FMUSIC_SetOrder@8
_FSOUND_PlaySound@8
_FSOUND_SetLoopMode@8
_FMUSIC_SetMasterVolume@8
_FSOUND_Sample_GetMode@4
_FSOUND_Sample_Load@16
_FSOUND_Sample_SetLoopPoints@12
_FSOUND_Sample_Free@4
_FSOUND_Sample_Alloc@28
_FMUSIC_LoadSong@4
_FSOUND_Init@12
_FSOUND_StopSound@4
_FMUSIC_StopSong@4
_FSOUND_SetVolume@8
_FSOUND_SetHWND@4
_FSOUND_Close@0
_FSOUND_Sample_GetDefaults@20

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

gdi32

SelectObject
SetBkMode
DeleteObject
CreateSolidBrush
IntersectClipRect
SetTextColor
TextOutA
GetDeviceCaps
CreateFontA
GetTextMetricsA
CreateFontIndirectA
GetObjectA

shell32

ShellExecuteA

ole32

CoCreateInstance
CoInitialize

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 776KB - Virtual size: 773KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tc
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f02a62891e41a0955d1182a32b38abc2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

winmm

ddraw

wsock32

dsound

fmod

version

gdi32

shell32

ole32

oleaut32

Sections

.text Size: 776KB - Virtual size: 773KB

.rdata Size: 140KB - Virtual size: 137KB

.data Size: 20KB - Virtual size: 241KB

.rsrc Size: 28KB - Virtual size: 26KB

.tc Size: 244KB - Virtual size: 244KB

.text
Size: 776KB - Virtual size: 773KB

.rdata
Size: 140KB - Virtual size: 137KB

.data
Size: 20KB - Virtual size: 241KB

.rsrc
Size: 28KB - Virtual size: 26KB

.tc
Size: 244KB - Virtual size: 244KB