669c2528e0160f31039b4ab77522d870c54f36cabda6f78ef9203c13aa0061cc

Sharing

Copy URL Twitter E-mail

General

Target

669c2528e0160f31039b4ab77522d870c54f36cabda6f78ef9203c13aa0061cc
Size

41KB
MD5

06434c5dcdd4b630ec13d443ce2d5990
SHA1

da539923176bb2200403f0f27d59a3b1c0ba4f11
SHA256

669c2528e0160f31039b4ab77522d870c54f36cabda6f78ef9203c13aa0061cc
SHA512

af198866206ba02ae4a7af169acb729e06907f60d6776bba4bb9d189ab2276e10821d19d94ffb79e2e9497522720ef9c67a4b1cacd5b7af5f86d6cc38abcab1c
SSDEEP

768:02V8G9c0TGfN0pxfENgdKC6WfK3WA+cVj5qvtd/yy0jH+yuqm4egpdUVs6Ik:8G9pSlGEaULDG3cVcb/yyO+//4ejVs6z

Score

N/A

Malware Config

Signatures

Files

669c2528e0160f31039b4ab77522d870c54f36cabda6f78ef9203c13aa0061cc
.dll windows x86

fd5a3199211e6ee89248ef7a9483d108

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

ws2_32

listen

imm32

ImmGetContext

winmm

waveInStop

msvcrt

free

shell32

ShellExecuteA

psapi

GetModuleFileNameExA

ole32

CreateStreamOnHGlobal

gdi32

BitBlt

avicap32

capCreateCaptureWindowA

user32

IsWindow

advapi32

RegCloseKey

shlwapi

StrChrA

Exports

Exports

erdftgyhy
222222222222
ServiceMain

Sections

.guoc
Size: 26KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.guocy
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.guof
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

guocy
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gyuio
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rtfghy
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wsedrf
Size: 6KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fd5a3199211e6ee89248ef7a9483d108

Headers

File Characteristics

Imports

kernel32

ws2_32

imm32

winmm

msvcrt

shell32

psapi

ole32

gdi32

avicap32

user32

advapi32

shlwapi

Exports

Exports

Sections

.guoc Size: 26KB - Virtual size: 66KB

.guocy Size: 1024B - Virtual size: 6KB

.guof Size: 1024B - Virtual size: 2KB

guocy Size: - Virtual size: 4KB

.gyuio Size: 3KB - Virtual size: 3KB

.rsrc Size: - Virtual size: 4KB

.rtfghy Size: 2KB - Virtual size: 3KB

.wsedrf Size: 6KB - Virtual size: 4KB

.guoc
Size: 26KB - Virtual size: 66KB

.guocy
Size: 1024B - Virtual size: 6KB

.guof
Size: 1024B - Virtual size: 2KB

guocy
Size: - Virtual size: 4KB

.gyuio
Size: 3KB - Virtual size: 3KB

.rsrc
Size: - Virtual size: 4KB

.rtfghy
Size: 2KB - Virtual size: 3KB

.wsedrf
Size: 6KB - Virtual size: 4KB