3f8db495d1499590fe5158640d446d3a94c4d12270ce5fc3fab34db2d6a93152

Sharing

Copy URL Twitter E-mail

General

Target

3f8db495d1499590fe5158640d446d3a94c4d12270ce5fc3fab34db2d6a93152
Size

163KB
MD5

04135875ee28f65cbd1980e37dd8c842
SHA1

6a9a6be83ad4bd2e8074d160d098b494e9043c5e
SHA256

3f8db495d1499590fe5158640d446d3a94c4d12270ce5fc3fab34db2d6a93152
SHA512

0c7874ea3e2c754f4ebf64f30b6fc8d1841e687aab949f6c8d927bd6d5d2c214d0b2da061237af3e5cff4ed5a874101e10a551efbd7cc5b8844de97ee422c38d
SSDEEP

3072:7KsPID9Ii8kzik+uWHVWnVpNkhJkzG43IM/d+MQhFAVCab0fVHJ09kkk:usQDt88ik+Z1WnVpNkhCbbdv+FAVCa6V

Score

N/A

Malware Config

Signatures

Files

3f8db495d1499590fe5158640d446d3a94c4d12270ce5fc3fab34db2d6a93152
.dll windows x86

0256282ab2f0d16edfc2fd165541f285

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CancelIo
Sleep
GetFileAttributesA
FreeLibrary
MultiByteToWideChar
WideCharToMultiByte
lstrcmpA
GetPrivateProfileStringA
GetVersionExA
GetLastError
CreateDirectoryA
lstrlenA
GetDiskFreeSpaceExA
FindClose
LocalFree
LocalReAlloc
LocalAlloc
GetFileSize
CreateFileA
ReadFile
WriteFile
MoveFileA
lstrcatA
SetFilePointer
GetModuleFileNameA
GetCurrentProcess
VirtualAllocEx
GetLocalTime
MoveFileExA
GetTickCount
HeapFree
HeapAlloc
GetProcessHeap
OutputDebugStringA
ResetEvent
InterlockedExchange
VirtualFree
VirtualAlloc
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
LocalSize
GetStartupInfoA
CreatePipe
DisconnectNamedPipe
PeekNamedPipe
WaitForMultipleObjects
GlobalMemoryStatusEx
DeviceIoControl
GetSystemInfo
GetModuleHandleA
ReleaseMutex
OpenEventA
SetErrorMode
CreateMutexA
SetUnhandledExceptionFilter
FreeConsole
CreateToolhelp32Snapshot
lstrcmpiA
GetCurrentThreadId
CreateRemoteThread
OpenProcess
Module32Next
Module32First
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CreateThread
ResumeThread
CreateEventA
SetEvent
WaitForSingleObject
DeleteFileA
LoadLibraryA
RaiseException
GetProcAddress
lstrcpyA
CloseHandle
UnmapViewOfFile

gdi32

DeleteDC
SelectObject
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
GetDIBits
BitBlt
DeleteObject
GetStockObject

shell32

SHGetSpecialFolderPathA
SHGetFileInfoA

shlwapi

SHDeleteKeyA

msvcrt

memmove
ceil
_ftol
strlen
strstr
memcmp
strcpy
_except_handler3
strcmp
free
malloc
strrchr
strcat
strncpy
fclose
fwrite
fopen
realloc
_vsnprintf
__CxxFrameHandler
strncmp
sprintf
strncat
strchr
atol
wcstombs
_beginthreadex
_snprintf
calloc
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
_strnicmp
_stricmp
_strrev
_strnset
memcpy
??3@YAXPAX@Z
??2@YAPAXI@Z
atoi
memset
_strcmpi

winmm

waveInGetNumDevs
waveInStart
waveInAddBuffer
waveInPrepareHeader
waveOutOpen
waveOutPrepareHeader

userenv

GetProfilesDirectoryA
GetUserProfileDirectoryA

msvcp60

?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

imm32

ImmGetCompositionStringA
ImmGetContext
ImmReleaseContext

msvfw32

ICSeqCompressFrameEnd
ICCompressorFree
ICClose
ICOpen
ICSendMessage
ICSeqCompressFrameStart
ICSeqCompressFrame

wtsapi32

WTSQuerySessionInformationA
WTSFreeMemory
WTSQueryUserToken

Exports

Exports

CodeMain
CodeService
MainCode
MainService
ServiceCode
ServiceMain
main

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0256282ab2f0d16edfc2fd165541f285

Headers

File Characteristics

Imports

kernel32

gdi32

shell32

shlwapi

msvcrt

winmm

userenv

msvcp60

imm32

msvfw32

wtsapi32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 15KB - Virtual size: 28KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 15KB - Virtual size: 28KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 8KB