0c3a95404cad700b5be7e31699546d2021d094ff0c9f85283976c0411221ceda

Sharing

Copy URL

Twitter E-mail

General

Target

0c3a95404cad700b5be7e31699546d2021d094ff0c9f85283976c0411221ceda
Size

100KB
MD5

0e5600f88476d666ba88e763be96bd25
SHA1

993fe47d0d77d6548219a8f59eb9b8e6b569c14c
SHA256

0c3a95404cad700b5be7e31699546d2021d094ff0c9f85283976c0411221ceda
SHA512

d22e5ae7c53dfe20d51f5a67603c0aa43e62a25c516f4418a6b87bc842658bd435219fe95d409cea9173d91273147a5d5475c7bcb82319c0a26046ba2e014360
SSDEEP

3072:xT9AZR+H6+zneDtHIpFUn6JvaHE6eEFNm:HQRE6ODF46JCj/F8

Score

N/A

Malware Config

Signatures

Files

0c3a95404cad700b5be7e31699546d2021d094ff0c9f85283976c0411221ceda
.dll windows x86

ba04015441f0a60f9005fc9fa5d5be4e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mmioDescend
waveInClose
waveOutReset
joyReleaseCapture
joySetThreshold
timeGetDevCaps
mciGetCreatorTask
midiOutMessage
mmioFlush
midiOutCacheDrumPatches
mmioRead
mmioSetInfo
mmioClose
mmioStringToFOURCCA
midiOutUnprepareHeader
joyGetPosEx
sndPlaySoundA
midiStreamProperty
auxGetVolume
waveOutGetPosition
waveInOpen
mciGetYieldProc
mmioCreateChunk
mixerGetNumDevs
timeGetSystemTime
waveOutOpen
joyGetNumDevs
mmioSeek
mixerMessage
auxOutMessage
midiInGetID
timeGetTime
auxGetDevCapsA
waveInGetNumDevs
waveInGetErrorTextA
midiInAddBuffer
midiOutClose
midiStreamPause
midiInUnprepareHeader
mixerGetLineControlsA
mciSetYieldProc
joyGetPos
midiStreamOut
midiOutPrepareHeader
waveInStart
waveInGetPosition
mciSendCommandA
midiOutShortMsg
midiInStart
midiOutCachePatches
midiStreamClose
waveOutGetID
midiStreamStop
mmioGetInfo
waveInUnprepareHeader
midiInStop
mciGetDeviceIDA
mmioInstallIOProcA
midiOutGetNumDevs
midiInClose
midiOutGetID
midiOutGetErrorTextA
waveInGetDevCapsA
mixerOpen
waveInMessage
mmioSetBuffer
midiInMessage
midiOutGetDevCapsA

kernel32

GetSystemTime
GetHandleInformation
GetProcAddress
GetModuleHandleA
LoadLibraryA
lstrcpynA
IsValidLocale
VirtualAlloc
GetVersion

gdi32

IntersectClipRect
SetTextAlign
CreatePen
StretchBlt
GetBkColor
SetBkMode
RectVisible
GetTextAlign
GetPixel
CreateMetaFileA
SetWindowOrgEx
DeleteDC
SelectObject
GetPaletteEntries
GetStockObject
ExtTextOutW
CreateRectRgnIndirect
DPtoLP
TextOutA
CreateFontIndirectA
SetViewportOrgEx
GetObjectA
CreateDIBSection
CreateDCW
GetObjectW
CreateRectRgn
PatBlt
RestoreDC
GetBkMode
CreateBitmap
GetTextMetricsA
GetTextColor
GetDIBits
CloseMetaFile
TranslateCharsetInfo
Rectangle
ExtTextOutA
CreateSolidBrush
EnumFontFamiliesExW
Ellipse
StretchDIBits
GetObjectType
SetViewportExtEx
BitBlt
CreateFontIndirectW
SetBrushOrgEx
GetWindowExtEx
GetTextExtentPointA
CombineRgn
SelectPalette
CreateDIBitmap
TextOutW
GetViewportExtEx
CreateFontA
RealizePalette
DeleteObject
DeleteMetaFile
MoveToEx
GetBitmapBits
Escape
GetTextExtentPoint32A
GetDeviceCaps
SetTextColor
GetClipRgn
CreateMetaFileW
CreatePalette
GetSystemPaletteEntries
CreateCompatibleBitmap
LPtoDP
CreateDCA
SetBkColor
LineTo
SaveDC
GetTextMetricsW
SetROP2
CreateCompatibleDC
GetMapMode
ExtSelectClipRgn
GetTextExtentPoint32W
OffsetViewportOrgEx
Polyline
GetCurrentObject
ExcludeClipRect
SetStretchBltMode
CreatePatternBrush
OffsetRgn
GetNearestColor
CreateHalftonePalette
SetMapMode
GetTextExtentPointW
SetWindowExtEx

shell32

StrCmpNIA
StrChrA

shlwapi

PathIsRootA
PathFindFileNameA
PathIsSameRootA
PathCommonPrefixA
PathMakePrettyA
SHRegDeleteEmptyUSKeyA
StrToIntA
SHRegEnumUSValueA
PathCompactPathExA
PathRemoveExtensionA
SHDeleteEmptyKeyA
PathUnquoteSpacesA
PathCombineA
PathRemoveFileSpecA
PathSearchAndQualifyA
PathFindNextComponentA
PathQuoteSpacesA
PathAddBackslashA
PathIsDirectoryA
PathIsPrefixA
SHQueryInfoKeyA
PathMatchSpecA
PathRemoveBackslashA
SHEnumKeyExA
StrPBrkA
SHGetValueA
PathIsSystemFolderA
StrDupA
PathSetDlgItemPathA
SHRegQueryInfoUSKeyA
StrNCatA
PathFindExtensionA
PathCanonicalizeA
SHRegCreateUSKeyA
PathSkipRootA
PathMakeSystemFolderA
SHDeleteKeyA
PathStripPathA
PathGetArgsA
StrFromTimeIntervalA
PathIsFileSpecA
SHRegGetUSValueA
PathRelativePathToA
StrTrimA
PathFindOnPathA
SHRegOpenUSKeyA

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
GetFileVersionInfoA
VerQueryValueA

winspool.drv

DeletePrintProvidorA
SetPortA
SetFormA
FindClosePrinterChangeNotification
OpenPrinterA
AddPrinterDriverA
EnumMonitorsA
GetPrinterDataA
AdvancedDocumentPropertiesA
DocumentPropertiesA
ScheduleJob
AbortPrinter
EndPagePrinter
EnumFormsA
ResetPrinterA
EnumPrintProcessorDatatypesA
GetJobA
StartPagePrinter
SetPrinterDataExA
FindFirstPrinterChangeNotification
DeleteFormA
EnumPrintProcessorsA
FreePrinterNotifyInfo

msvcrt

ftell
fread
memset
_unlink
fclose
fwrite
fseek
printf
fopen
free
_initterm
malloc
_adjust_fdiv
__dllonexit
_onexit
sprintf

Exports

Exports

Gcjfohzt

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba04015441f0a60f9005fc9fa5d5be4e

Headers

File Characteristics

Imports

winmm

kernel32

gdi32

shell32

shlwapi

version

winspool.drv

msvcrt

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 52KB - Virtual size: 50KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 52KB - Virtual size: 50KB

.reloc
Size: 8KB - Virtual size: 4KB