0573475c680b22dfc983051801544d9bbd5fa3e8ea88d67cce4d8b7aa692401a

Sharing

Copy URL Twitter E-mail

General

Target

0573475c680b22dfc983051801544d9bbd5fa3e8ea88d67cce4d8b7aa692401a
Size

100KB
MD5

4089d22e5d4b5bfdc39af64be76fa748
SHA1

0e69e7f3acba0f3209cffabcae8e0385fb5e12db
SHA256

0573475c680b22dfc983051801544d9bbd5fa3e8ea88d67cce4d8b7aa692401a
SHA512

8f48f8e6bc4c8ad591fa274e98c4e3eca901d087d2877b26ffdb635b752010b150b20136a389505f9ac049e4e16930e376945d98856c292c246fd4e7d1b80241
SSDEEP

1536:Eqwt9Y6DzHQK6REANyxyp5B2CVYjlxni6fMNE0p96Uykb0djAf:Evh7Q5Erxyp5BCjSi8y5FAf

Score

N/A

Malware Config

Signatures

Files

0573475c680b22dfc983051801544d9bbd5fa3e8ea88d67cce4d8b7aa692401a
.exe windows x86

a22228f05665551dbf7c69f7f7fd5f09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventW
CreateThread
lstrlenW
lstrlenA
WriteFile
InterlockedExchange
IsBadCodePtr
ResetEvent
GetFullPathNameW
EnterCriticalSection
GetACP
WideCharToMultiByte
HeapAlloc
GetSystemInfo
WaitForSingleObject
lstrcpyA
GetLocaleInfoW
LoadLibraryW
GetCurrentProcessId
LeaveCriticalSection
GetFileAttributesW
GetCurrentProcess
GlobalUnlock
IsBadReadPtr
GetModuleFileNameA
FreeLibrary
CloseHandle
MulDiv
CreateFileW
InitializeCriticalSection
lstrcmpiW
GetFileSize
GetCurrentThread
GetSystemTimeAsFileTime
IsBadWritePtr
DeleteCriticalSection
ReleaseSemaphore
HeapFree
lstrcmpW
GlobalLock
GlobalFree
SetEndOfFile
CreateSemaphoreW
GetQueuedCompletionStatus
InterlockedIncrement
SetEvent
InterlockedDecrement
SetFilePointer
GetPrivateProfileStringW
lstrcpynW
GlobalAlloc
MultiByteToWideChar
QueryPerformanceCounter
GetProcAddress
GlobalHandle
GlobalMemoryStatus
SetUnhandledExceptionFilter
GetLastError
GetProfileIntA
DeleteFileW
CreateIoCompletionPort
lstrcpyW
SetThreadPriority
GetVersionExW
SetLastError
ReadFile
VirtualFree
PostQueuedCompletionStatus
GetTickCount
WaitForMultipleObjects
GetDiskFreeSpaceW
GetStartupInfoA
GetProcessHeap
GetThreadPriority

user32

GetDlgItemInt
SendMessageW
CheckDlgButton
IsRectEmpty
GetDlgItem
SetDlgItemTextW
IsWindow
GetWindowRect
DispatchMessageW
InvalidateRect
GetAsyncKeyState
GetDC
wsprintfW
DestroyWindow
CheckRadioButton
GetDesktopWindow
ClientToScreen
GetWindowLongW
PeekMessageW
SetWindowLongW
ReleaseDC
MoveWindow
LoadStringW
TranslateMessage
DefWindowProcW
LoadCursorW
GetClientRect
IsWindowVisible
EnableWindow
SetCursor
CreateDialogParamW
ShowWindow
SetDlgItemInt

gdi32

GetStockObject
PatBlt
SelectObject
GetPaletteEntries
GetObjectW
GetTextExtentPoint32W

winmm

OpenDriver
waveInReset
mixerSetControlDetails
mixerClose
SendDriverMessage
waveInOpen
waveInPrepareHeader
waveInClose
mixerGetControlDetailsW
mixerGetLineInfoW
mixerOpen
waveInAddBuffer
CloseDriver
waveInGetDevCapsW
waveInStop
waveInUnprepareHeader
mixerGetID
mixerGetLineControlsW
waveInStart

ole32

CoInitialize
StringFromGUID2
CoFreeUnusedLibraries
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize

msvfw32

ICGetInfo
ICOpen
ICLocate
ICDecompress
ICClose
ICSendMessage
ICCompress

ncobjapi

WmiEventSourceConnect
WmiSetAndCommitObject
WmiCommitObject
WmiIsObjectActive
WmiEventSourceDisconnect
WmiCreateObjectWithFormat
WmiCreateObject
WmiAddObjectProp
WmiCreateObjectWithProps
WmiDestroyObject

nddeapi

NDdeGetTrustedShareW
NDdeGetShareSecurityA
NDdeGetTrustedShareA
NDdeIsValidShareNameA
NDdeGetShareSecurityW
NDdeGetErrorStringA
NDdeIsValidAppTopicListW
NDdeIsValidAppTopicListA

mydocs

DllGetClassObject
PerUserInit
DllCanUnloadNow

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a22228f05665551dbf7c69f7f7fd5f09

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

ole32

msvfw32

ncobjapi

nddeapi

mydocs

Sections

.text Size: 50KB - Virtual size: 49KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 20KB - Virtual size: 81KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 50KB - Virtual size: 49KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 20KB - Virtual size: 81KB

.rsrc
Size: 24KB - Virtual size: 23KB