1ddd7f54df9d2bb1969bd98b9b44a93c51a079c65fa6451633802c307bd55bd4

Sharing

Copy URL Twitter E-mail

General

Target

1ddd7f54df9d2bb1969bd98b9b44a93c51a079c65fa6451633802c307bd55bd4
Size

179KB
MD5

04f8d3da0251c54687f99d121173d455
SHA1

2d98390155f36e5eb22ed82583385a2ef99b72eb
SHA256

1ddd7f54df9d2bb1969bd98b9b44a93c51a079c65fa6451633802c307bd55bd4
SHA512

850da220e595f7a3abed6a6d33db9e59ce4851bd020568ac6cc89254e6286ab5250130b97e184b37f1b6ab6a08b2dfaa8315b96f26f22c1de9828f198ef10417
SSDEEP

3072:4DiadQSC6fkgL66mHvAiQ/fgBzo8YpdRGiXoG1+DKzf6gz4NeNrn5SmI3tSntvnj:ulTfkgL66cZGfYUdRMk+De6gzRNr5TI+

Score

N/A

Malware Config

Signatures

Files

1ddd7f54df9d2bb1969bd98b9b44a93c51a079c65fa6451633802c307bd55bd4
.dll windows x86

ff7e72a36d0112a4be56886c8e3c591d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetInstanceExplorer
SHGetFolderPathW

winmm

WOW32ResolveMultiMediaHandle
midiInReset
midiOutClose
midiStreamRestart
mmsystemGetVersion
waveInOpen
waveOutGetVolume
joyGetThreshold

msvcrt

_lrotl
_ismbcspace
_isatty
_initterm
_getche
_fileno
_lseeki64
_atoi64
_amsg_exit
__pioinfo
__doserrno
__dllonexit
__badioinfo
_XcptFilter
_onexit
_popen
_purecall
_snprintf
_snwprintf
_spawnl
_spawnlp
_strnicmp
_stricmp
_vsnwprintf
_wcslwr
_wcsnicmp
_wcsupr
_wctime
_wrename
_write
_wtmpnam
_wtol
atoi
ceil
feof
ftell
isleadbyte
isspace
iswalnum
iswdigit
iswspace
ldexp
malloc
memmove
printf
qsort
sscanf
strcpy
strcspn
strncmp
strstr
swscanf
towlower
towupper
wcsncmp
wcsrchr
wctomb
_errno

kernel32

GetStartupInfoA
LeaveCriticalSection
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetCurrentThreadId
GetCommandLineA
FreeLibrary
FindResourceA
FindFirstFileA
FindClose
ExitThread
ExitProcess
EnterCriticalSection
DeleteCriticalSection
CreateThread
GetTapePosition
GetThreadLocale
GetTickCount
GetVersion
GlobalAlloc
InitializeCriticalSection
lstrlenA
lstrcpynA
WriteFile
WideCharToMultiByte
VirtualQuery
VirtualProtect
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
SetTimeZoneInformation
RtlUnwind
RaiseException
QueryPerformanceCounter
MultiByteToWideChar
LocalFree
LocalAlloc
LoadLibraryExA
InterlockedDecrement
InterlockedIncrement
GetStdHandle

rpcrt4

CStdStubBuffer_Disconnect
NdrEncapsulatedUnionBufferSize
NdrFixedArrayFree
NdrFixedArrayMemorySize
NdrFullPointerXlatFree
NdrMesSimpleTypeDecode
NdrPointerMarshall
NdrRpcSsEnableAllocate
NdrServerCall2
NdrSimpleStructUnmarshall
NdrSimpleTypeUnmarshall
NdrXmitOrRepAsFree
NdrpReleaseTypeGenCookie
RpcAsyncCancelCall
RpcIfIdVectorFree
RpcServerInqIf
RpcSmDisableAllocate
RpcSsDestroyClientContext
RpcSsGetContextBinding

advapi32

LsaSetQuotasForAccount
AddAce
AllocateAndInitializeSid
SystemFunction014
SetSecurityDescriptorDacl
SetSecurityDescriptorControl
RegQueryValueExA
RegFlushKey
RegCreateKeyExW
OpenThreadToken
LsaSetSecret
AddAccessAllowedAce
LsaQueryTrustedDomainInfoByName
LsaGetSystemAccessAccount
InitializeSecurityDescriptor
GetUserNameW
GetLengthSid
CryptSetProvParam
CheckTokenMembership
AreAnyAccessesGranted

user32

WINNLSEnableIME
UpdateWindow
UnpackDDElParam
ToUnicode
ShowWindow
SetTimer
SetDlgItemInt
SetClipboardViewer
RegisterClassA
PtInRect
PostQuitMessage
KillTimer
IsWindowUnicode
IntersectRect
InSendMessageEx
GetShellWindow
GetPriorityClipboardFormat
GetMessageA
GetMenuState
GetListBoxInfo
GetKeyboardLayout
GetDlgItem
GetDC
GetAncestor
EnableScrollBar
DispatchMessageA
DestroyWindow
DestroyMenu
DefWindowProcA
CreateWindowExA
CreateIconFromResourceEx
CloseClipboard
BringWindowToTop
ActivateKeyboardLayout
WaitForInputIdle

Exports

Exports

BuildNotificationPackage
GetQueryParameterInfo
GetTableInfo
StreamSubStringMatch

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff7e72a36d0112a4be56886c8e3c591d

Headers

DLL Characteristics

File Characteristics

Imports

shell32

winmm

msvcrt

kernel32

rpcrt4

advapi32

user32

Exports

Exports

Sections

.text Size: 57KB - Virtual size: 57KB

.rdata Size: 102KB - Virtual size: 101KB

.data Size: 14KB - Virtual size: 15KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 57KB - Virtual size: 57KB

.rdata
Size: 102KB - Virtual size: 101KB

.data
Size: 14KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 3KB