20dca055650a00b558b367d16f2bbc62108d9ac13ecee078685d6c310500fc51

Sharing

Copy URL Twitter E-mail

General

Target

20dca055650a00b558b367d16f2bbc62108d9ac13ecee078685d6c310500fc51
Size

724KB
MD5

0d71f363b1685e3662bf627c6bc2b73a
SHA1

7d22cdf2b86c386ba475e45ba075af4dd6726630
SHA256

20dca055650a00b558b367d16f2bbc62108d9ac13ecee078685d6c310500fc51
SHA512

8544880ccf6915f7355ee338fb5972b13db77bf560e9fefcc42f9afbf3f9b9791fbb871d7737c08abe6722cc6c03e4214ecdb8cfa3d044e47b532795244fcdab
SSDEEP

12288:N+26nL64w63XFQ6sR2R7j3wJe0yslDz1ZYfuc3FcEPaGy:T6nGm31Q6WkgJLzDpZYfuY9PaGy

Score

N/A

Malware Config

Signatures

Files

20dca055650a00b558b367d16f2bbc62108d9ac13ecee078685d6c310500fc51
.exe windows x86

43a73dbd5014535344fd23549d93204b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
ReleaseMutex
CreateMutexA
GetLastError
DeleteFileA
GetDriveTypeA
LocalAlloc
LocalFree
lstrcpyA
lstrcatA
LoadLibraryA
FreeLibrary
GetProcAddress
Sleep
MultiByteToWideChar
FindFirstFileA
FindNextFileA
FindClose
GetFileAttributesA
GetLocalTime
QueryPerformanceFrequency
QueryPerformanceCounter
GetVersionExA
GetFullPathNameA
LeaveCriticalSection
GetOEMCP
GetACP
CompareStringA
ExitThread
RaiseException
TerminateProcess
GetCurrentProcess
CloseHandle
HeapSize
HeapDestroy
HeapReAlloc
VirtualFree
DeleteCriticalSection
HeapCreate
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
ReadFile
SetFilePointer
WriteFile
GetFileType
TlsAlloc
GetCurrentThreadId
TlsGetValue
InterlockedDecrement
SetLastError
SetEnvironmentVariableW
SetEnvironmentVariableA
InterlockedIncrement
SetThreadPriorityBoost
EnterCriticalSection
HeapAlloc
GetSystemTimeAsFileTime
RtlUnwind
GetModuleHandleA
SetThreadPriority
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
ResumeThread
CreateThread
TlsSetValue
InitializeCriticalSection
GetCurrentThread
GetModuleFileNameA
FreeEnvironmentStringsA
UnhandledExceptionFilter
WideCharToMultiByte
CreateProcessA
FreeEnvironmentStringsW
CompareStringW
GetCPInfo
HeapFree
SetEndOfFile
GetEnvironmentStrings
IsBadCodePtr
LCMapStringW
LCMapStringA
IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
GetEnvironmentStringsW
GetStringTypeA
SetStdHandle
FlushFileBuffers
CreateFileA

user32

RegisterClassA
ChangeDisplaySettingsA
GetCursorPos
GetClientRect
ClipCursor
EnumDisplaySettingsA
SetCursorPos
ClientToScreen
SetWindowsHookExA
SystemParametersInfoA
UnhookWindowsHookEx
ScreenToClient
CallNextHookEx
GetAsyncKeyState
FillRect
ShowWindow
DrawTextA
PtInRect
MessageBoxA
OffsetRect
SetWindowPos
ReleaseDC
GetDC
SetRect
CreateWindowExA
AdjustWindowRect
DispatchMessageA
DestroyWindow
PostQuitMessage
SetWindowLongA
TranslateMessage
PeekMessageA
BeginPaint
GetKeyboardLayout
EndPaint
DefWindowProcA
ShowCursor
LoadCursorA
GetMessageA
UnregisterClassA
GetWindowRect

gdi32

DeleteObject
BitBlt
StretchBlt
CreateDIBSection
DeleteDC
CreateHatchBrush
SwapBuffers
CreateCompatibleDC
SetPixelFormat
SelectObject
CreateFontA
SetBkMode
SetTextColor
CreateSolidBrush
SetStretchBltMode
GetTextExtentPoint32A
ChoosePixelFormat

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

winmm

timeGetTime

ws2_32

htons
ioctlsocket
setsockopt
WSARecv
WSASend
WSASocketA
WSAStartup
WSAGetLastError
shutdown
bind
closesocket
accept
__WSAFDIsSet
listen
connect
WSACleanup
select
gethostname
inet_addr
gethostbyname
recvfrom
sendto
inet_ntoa
htonl

d3d8

Direct3DCreate8

imm32

ImmGetCandidateListA
ImmGetVirtualKey
ImmGetContext
ImmReleaseContext
ImmGetCompositionStringA
ImmIsIME
ImmGetDescriptionA

ijl15

ord3
ord2
ord5
ord4

mss32

_AIL_set_3D_sample_file@8
_AIL_stop_3D_sample@4
_AIL_release_3D_sample_handle@4
_AIL_open_stream@12
_AIL_stop_sample@4
_AIL_release_sample_handle@4
_AIL_close_stream@4
_AIL_close_3D_listener@4
_AIL_close_digital_driver@4
_AIL_set_stream_volume@8
_AIL_end_sample@4
_AIL_startup@0
_AIL_open_digital_driver@16
_AIL_last_error@0
_AIL_allocate_3D_sample_handle@4
_AIL_allocate_sample_handle@4
_AIL_open_3D_listener@4
_AIL_set_digital_master_volume@8
_AIL_enumerate_3D_providers@12
_AIL_pause_stream@8
_AIL_close_3D_provider@4
_AIL_sample_status@4
_AIL_register_stream_callback@8
_AIL_start_stream@4
_AIL_set_redist_directory@4
_AIL_shutdown@0
_AIL_open_3D_provider@4
_AIL_set_3D_position@16
_AIL_set_3D_orientation@28
_AIL_decompress_ADPCM@12
_AIL_WAV_info@8
_AIL_decompress_ASI@24
_AIL_mem_free_lock@4
_AIL_file_type@8
_AIL_file_read@8
_AIL_file_size@4
_AIL_start_3D_sample@4
_AIL_auto_update_3D_position@8
_AIL_set_3D_velocity@20
_AIL_set_3D_sample_loop_count@8
_AIL_set_3D_sample_distances@12
_AIL_set_3D_sample_volume@8
_AIL_start_sample@4
_AIL_set_sample_loop_count@8
_AIL_set_sample_volume@8
_AIL_3D_sample_status@4
_AIL_end_3D_sample@4
_AIL_set_sample_file@12

binkw32

_BinkClose@4
_BinkBufferOpen@16
_BinkOpenDirectSound@4
_BinkBufferClose@4
_BinkBufferSetScale@12
_BinkWait@4
_BinkBufferSetResolution@12
_BinkOpen@8
_BinkGetRects@8
_BinkNextFrame@4
_BinkBufferBlit@12
_BinkBufferLock@4
_BinkBufferUnlock@4
_BinkCopyToBuffer@28
_BinkDoFrame@4
_BinkSetSoundSystem@8
_BinkOpenMiles@4

Sections

.text
Size: 608KB - Virtual size: 604KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 459KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43a73dbd5014535344fd23549d93204b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

winmm

ws2_32

d3d8

imm32

ijl15

mss32

binkw32

Sections

.text Size: 608KB - Virtual size: 604KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 40KB - Virtual size: 459KB

.rsrc Size: 44KB - Virtual size: 43KB

.text
Size: 608KB - Virtual size: 604KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 40KB - Virtual size: 459KB

.rsrc
Size: 44KB - Virtual size: 43KB