149d04fcd89bb8c2867a4802303440fbfbb32d97c94a4fd17cf7b0aaa68658f1

Sharing

Copy URL

Twitter E-mail

General

Target

149d04fcd89bb8c2867a4802303440fbfbb32d97c94a4fd17cf7b0aaa68658f1
Size

108KB
MD5

05b4ab197e9dd8ee1ff6e5871a46fb6e
SHA1

a568ae9b0f9128302eacff48c3d0b6e9646e69bb
SHA256

149d04fcd89bb8c2867a4802303440fbfbb32d97c94a4fd17cf7b0aaa68658f1
SHA512

b1eac9823f2a336d5ed5c951a2f3c6eed5c4f6ccb3a9c7046416f97a731ed840e7d4cb9a30410157f8fb3fb7296ede323e801348513d1d89a7b658c22f650302
SSDEEP

3072:EV6DBUuFvJVHSxOE7lwGJW2bEg8KGpGX3+:EV6DBzRtS/72+bEqGpQ

Score

N/A

Malware Config

Signatures

Files

149d04fcd89bb8c2867a4802303440fbfbb32d97c94a4fd17cf7b0aaa68658f1
.dll windows x86

0a5bc16ab1201b95d0cf3b044063bac1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

WOW32DriverCallback
midiInStart
midiOutSetVolume
mmioInstallIOProcA
mod32Message
timeBeginPeriod
timeKillEvent
waveInGetDevCapsA
waveInStart
waveOutRestart
waveOutUnprepareHeader
PlaySoundW

dinput

DirectInputCreateW

user32

BeginDeferWindowPos
CharLowerBuffA
CharLowerW
DefWindowProcA
UpdateWindow
TranslateMessage
ShowWindow
SetUserObjectSecurity
SetSystemCursor
SetRect
RemoveMenu
RegisterWindowMessageW
RegisterShellHookWindow
RegisterClassA
PeekMessageA
OpenClipboard
MsgWaitForMultipleObjects
MessageBoxW
GetTopWindow
GetKeyState
GetForegroundWindow
GetCaretPos
EnumPropsA
EmptyClipboard
DispatchMessageA
DialogBoxParamA
CreateWindowExA
CharToOemA

shell32

SHGetSpecialFolderPathW
ShellExecuteA
SHFileOperationW

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

kernel32

lstrcmpA
WaitForMultipleObjectsEx
TlsGetValue
SetFileTime
SetEnvironmentVariableA
ReadFile
OpenJobObjectW
OpenEventW
MulDiv
HeapCreate
HeapAlloc
GlobalAddAtomA
GetWindowsDirectoryA
GetVersionExA
GetTimeZoneInformation
GetTempPathW
GetSystemInfo
GetSystemDefaultLangID
GetStringTypeExA
GetPrivateProfileSectionW
GetModuleHandleA
GetFileAttributesExA
GetCurrentProcessId
GetConsoleOutputCP
GetConsoleAliasA
GetCommandLineA
GetBinaryTypeA
FormatMessageA
FlushConsoleInputBuffer
FindNextVolumeW
FindAtomW
FindAtomA
Beep
BindIoCompletionCallback
CloseHandle
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnumTimeFormatsA
ExitProcess

ole32

PropVariantClear
IsEqualGUID

ws2_32

htons
WSCDeinstallProvider
closesocket
WSAGetLastError
socket
WSAUnhookBlockingHook
gethostbyname
connect

advapi32

SetUserFileEncryptionKey
SetSecurityDescriptorDacl
RegisterEventSourceA
RegQueryValueExA
OpenTraceW
LsaSetInformationTrustedDomain
LsaRemoveAccountRights
LookupPrivilegeNameW
I_ScSetServiceBitsA
GetTrusteeNameW
GetSecurityDescriptorDacl
GetAclInformation
BuildExplicitAccessWithNameW
FileEncryptionStatusA
GetAce
AddAccessDeniedAce

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0a5bc16ab1201b95d0cf3b044063bac1

Headers

File Characteristics

Imports

winmm

dinput

user32

shell32

version

kernel32

ole32

ws2_32

advapi32

Sections

.text Size: 72KB - Virtual size: 71KB

.data Size: 24KB - Virtual size: 23KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 72KB - Virtual size: 71KB

.data
Size: 24KB - Virtual size: 23KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 3KB