ced795d6c5e942985eceedfe62cb8c11ee811758e685d2fbbba329d6e11a98bd

Sharing

Copy URL Twitter E-mail

General

Target

ced795d6c5e942985eceedfe62cb8c11ee811758e685d2fbbba329d6e11a98bd
Size

108KB
MD5

06e9a8a8082a8a5d4525dac2b9bf9457
SHA1

564e1dc9df5a95fb0dca572bf583bf12f2ab4357
SHA256

ced795d6c5e942985eceedfe62cb8c11ee811758e685d2fbbba329d6e11a98bd
SHA512

bf5776da15ca055211969d829a2fb4b502481c5293c2269f83abb8190924cf2ae88a349fd82b3876b34fd2fe8ec20589bacf25cc9edf091f29d9a3d8c9a1c1f6
SSDEEP

3072:n4RGTpc5+sowLg7mQOrJW2b4t9nJL6ktp:L+IwLemzbut16k

Score

N/A

Malware Config

Signatures

Files

ced795d6c5e942985eceedfe62cb8c11ee811758e685d2fbbba329d6e11a98bd
.dll windows x86

0a5bc16ab1201b95d0cf3b044063bac1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

WOW32DriverCallback
midiInStart
midiOutSetVolume
mmioInstallIOProcA
mod32Message
timeBeginPeriod
timeKillEvent
waveInGetDevCapsA
waveInStart
waveOutRestart
waveOutUnprepareHeader
PlaySoundW

dinput

DirectInputCreateW

user32

BeginDeferWindowPos
CharLowerBuffA
CharLowerW
DefWindowProcA
UpdateWindow
TranslateMessage
ShowWindow
SetUserObjectSecurity
SetSystemCursor
SetRect
RemoveMenu
RegisterWindowMessageW
RegisterShellHookWindow
RegisterClassA
PeekMessageA
OpenClipboard
MsgWaitForMultipleObjects
MessageBoxW
GetTopWindow
GetKeyState
GetForegroundWindow
GetCaretPos
EnumPropsA
EmptyClipboard
DispatchMessageA
DialogBoxParamA
CreateWindowExA
CharToOemA

shell32

SHGetSpecialFolderPathW
ShellExecuteA
SHFileOperationW

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

kernel32

lstrcmpA
WaitForMultipleObjectsEx
TlsGetValue
SetFileTime
SetEnvironmentVariableA
ReadFile
OpenJobObjectW
OpenEventW
MulDiv
HeapCreate
HeapAlloc
GlobalAddAtomA
GetWindowsDirectoryA
GetVersionExA
GetTimeZoneInformation
GetTempPathW
GetSystemInfo
GetSystemDefaultLangID
GetStringTypeExA
GetPrivateProfileSectionW
GetModuleHandleA
GetFileAttributesExA
GetCurrentProcessId
GetConsoleOutputCP
GetConsoleAliasA
GetCommandLineA
GetBinaryTypeA
FormatMessageA
FlushConsoleInputBuffer
FindNextVolumeW
FindAtomW
FindAtomA
Beep
BindIoCompletionCallback
CloseHandle
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnumTimeFormatsA
ExitProcess

ole32

PropVariantClear
IsEqualGUID

ws2_32

htons
WSCDeinstallProvider
closesocket
WSAGetLastError
socket
WSAUnhookBlockingHook
gethostbyname
connect

advapi32

SetUserFileEncryptionKey
SetSecurityDescriptorDacl
RegisterEventSourceA
RegQueryValueExA
OpenTraceW
LsaSetInformationTrustedDomain
LsaRemoveAccountRights
LookupPrivilegeNameW
I_ScSetServiceBitsA
GetTrusteeNameW
GetSecurityDescriptorDacl
GetAclInformation
BuildExplicitAccessWithNameW
FileEncryptionStatusA
GetAce
AddAccessDeniedAce

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0a5bc16ab1201b95d0cf3b044063bac1

Headers

File Characteristics

Imports

winmm

dinput

user32

shell32

version

kernel32

ole32

ws2_32

advapi32

Sections

.text Size: 72KB - Virtual size: 71KB

.data Size: 24KB - Virtual size: 23KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 72KB - Virtual size: 71KB

.data
Size: 24KB - Virtual size: 23KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 3KB