ae885063d5255e70ac6e585cb27946e18e2dc5e1fbee323c1d2c4ea0d6ffce2c

Sharing

Copy URL Twitter E-mail

General

Target

ae885063d5255e70ac6e585cb27946e18e2dc5e1fbee323c1d2c4ea0d6ffce2c
Size

295KB
MD5

0d91c6337403ccf417b577708f052dd0
SHA1

40dd281f0bfabc7e292bdd2c824e469338a75466
SHA256

ae885063d5255e70ac6e585cb27946e18e2dc5e1fbee323c1d2c4ea0d6ffce2c
SHA512

c364fe14387e23834abe49e403fea2c261e45700ec559c4a01ea44d7bc2255c7f415182fb4efe354b1211e368b3125b502416e71b9e504f1138fc0888613aa3b
SSDEEP

6144:MIV5h8XW1lzTSkS/cbUbMmx8OtpwG/6XevRWOXDqZq3c1p+kQiIM+hz:Mq+elzmYvODqqM1p+ViM

Score

N/A

Malware Config

Signatures

Files

ae885063d5255e70ac6e585cb27946e18e2dc5e1fbee323c1d2c4ea0d6ffce2c
.dll windows x86

fa140c46be3ca599b000cfa5cfd71937

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathCombineW
PathIsURLW
PathIsDirectoryW
PathStripPathW
PathRemoveExtensionW
PathFileExistsW

powrprof

IsPwrSuspendAllowed
IsPwrHibernateAllowed

kernel32

GetVersionExW
GetLastError
GetLocalTime
DeleteFileW
SetFilePointer
SetEndOfFile
WriteFile
CreateFileW
CreateDirectoryW
GetTempPathW
lstrcmpiA
MoveFileW
RemoveDirectoryW
VirtualQuery
VirtualProtect
LocalUnlock
LocalReAlloc
LocalHandle
LocalLock
GetCurrentProcess
LocalFree
GetPrivateProfileStringW
WideCharToMultiByte
MultiByteToWideChar
GetProcAddress
VirtualFree
OpenProcess
VirtualAlloc
WaitForSingleObject
CreateEventW
Module32FirstW
CreateToolhelp32Snapshot
GetCurrentThreadId
Module32NextW
GetCurrentProcessId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
QueryPerformanceCounter
InterlockedCompareExchange
InterlockedExchange
FindNextFileW
FindClose
DisableThreadLibraryCalls
SetThreadPriority
lstrcmpW
GetModuleFileNameW
SetSystemPowerState
MulDiv
GetTickCount
SetErrorMode
FindFirstFileW
CompareStringA
CompareStringW
GetStringTypeExW
lstrlenA
CreateThread
LCMapStringW
ResumeThread
SuspendThread
CloseHandle
DeleteCriticalSection
EnterCriticalSection
lstrcpynW
LeaveCriticalSection
Sleep
InitializeCriticalSection
lstrcmpiW
GlobalFree
LoadLibraryW
GetModuleHandleW
FreeLibrary
GetPrivateProfileIntW
WritePrivateProfileStringW
lstrlenW
LocalAlloc

user32

IsMenu
SetTimer
GetSystemMenu
GetUpdateRgn
GetDlgItemInt
SetCursor
ClientToScreen
MonitorFromRect
GetMonitorInfoW
IsWindowUnicode
MonitorFromWindow
SystemParametersInfoW
SetWindowLongA
GetMonitorInfoA
CreateDialogParamW
EnumWindows
GetWindowThreadProcessId
GetActiveWindow
DestroyCursor
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
WindowFromDC
FrameRect
SetActiveWindow
MapDialogRect
RegisterWindowMessageW
SetCapture
KillTimer
GetKeyState
GetSubMenu
SetForegroundWindow
GetFocus
InvalidateRgn
LoadCursorW
CharPrevW
WindowFromPoint
GetTabbedTextExtentW
SetParent
CreateAcceleratorTableW
ExitWindowsEx
SetFocus
GetMenuItemInfoW
PtInRect
GetUpdateRect
GetDC
GetCapture
SetDlgItemInt
TrackPopupMenuEx
SetRect
MessageBoxA
GetDCEx
ReleaseDC
RedrawWindow
GetCursorPos
LoadStringW
CheckDlgButton
CreatePopupMenu
SetMenuDefaultItem
CheckRadioButton
DeferWindowPos
MessageBoxW
ReleaseCapture
BeginDeferWindowPos
GetSystemMetrics
ValidateRgn
UpdateWindow
DestroyMenu
SetWindowTextW
EndDeferWindowPos
SetMenuItemInfoW
ValidateRect
GetWindow
CharNextW
EndPaint
DestroyWindow
ScreenToClient
GetWindowRect
FillRect
LoadImageW
PostMessageW
DrawTextW
DrawIconEx
GetClientRect
BeginPaint
DrawFocusRect
InvalidateRect
GetWindowTextW
GetDlgItem
SetWindowLongW
EndDialog
SendDlgItemMessageW
GetSysColor
IsDlgButtonChecked
IsWindow
CreateWindowExW
GetDlgItemTextW
SetDlgItemTextW
MapWindowPoints
EnableWindow
GetDlgCtrlID
CallWindowProcW
CopyRect
RemovePropW
GetMenuItemID
DeleteMenu
GetParent
SetPropW
InsertMenuItemW
GetWindowLongW
SetWindowPos
ShowWindow
IsWindowVisible
SendMessageW
GetPropW
CheckMenuItem
EnableMenuItem

gdi32

SetTextColor
CreatePen
SetBkMode
DeleteObject
GetNearestColor
CreateRectRgn
SetBkColor
GetPixel
SetStretchBltMode
CreateHatchBrush
GetBkColor
MoveToEx
BitBlt
GetTextExtentPoint32W
GetTextMetricsW
LineTo
DeleteDC
CreateFontIndirectW
GetDeviceCaps
StretchBlt
ExcludeClipRect
SelectObject
CreateCompatibleDC
CreateRectRgnIndirect
CombineRgn
CreateBrushIndirect
OffsetRgn
FillRgn
CreateSolidBrush

comdlg32

GetOpenFileNameW
ChooseColorW
GetSaveFileNameW

advapi32

RegDeleteKeyW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegNotifyChangeKeyValue

shell32

ShellExecuteW
DragQueryFileW
DragAcceptFiles
SHChangeNotify
DragFinish

msvcr90

_lock
_crt_debugger_hook
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_except_handler4_common
memcmp
_vsnwprintf
free
memset
_wcsdup
wcsstr
_vsnprintf
_purecall
memcpy
_wtoi
_strdup
??3@YAXPAX@Z
??2@YAPAXI@Z
_unlock
__dllonexit
_encode_pointer
__CxxFrameHandler3
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter

Exports

Exports

winampGetGeneralPurposePlugin
winampUninstallPlugin

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 107KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fa140c46be3ca599b000cfa5cfd71937

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

powrprof

kernel32

user32

gdi32

comdlg32

advapi32

shell32

msvcr90

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 3KB - Virtual size: 78KB

.rsrc Size: 32KB - Virtual size: 32KB

.reloc Size: 13KB - Virtual size: 12KB

.text Size: 107KB - Virtual size: 108KB

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 3KB - Virtual size: 78KB

.rsrc
Size: 32KB - Virtual size: 32KB

.reloc
Size: 13KB - Virtual size: 12KB

.text
Size: 107KB - Virtual size: 108KB