Static task
static1
Behavioral task
behavioral1
Sample
fe6b8d7301c8387e5a1e1a91fab97b9bddc1279c22d69f199189fc5d92028431.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
fe6b8d7301c8387e5a1e1a91fab97b9bddc1279c22d69f199189fc5d92028431.exe
Resource
win10v2004-20220812-en
General
-
Target
fe6b8d7301c8387e5a1e1a91fab97b9bddc1279c22d69f199189fc5d92028431
-
Size
752KB
-
MD5
0b323056a69c3def997569666db5508a
-
SHA1
4d142b71aec3e26d280ca47c930072fccd6aca77
-
SHA256
fe6b8d7301c8387e5a1e1a91fab97b9bddc1279c22d69f199189fc5d92028431
-
SHA512
21094a268ffb3320c61da886198aa47df91ab4d90e4073352af03001c71c01f53d977705bbe7e58c276596228f3fdf345ec9fca5a1feff65798f76f66475b913
-
SSDEEP
12288:jNR7dsjpmQtci9Hu/UxL8L3qCV6M++RsN1f1Ot/fP8LVjs3lNVu7I:jNR7dslmQ79Oqqquy+RsnLVjs3lNQ8
Malware Config (no entries shown in this capture)
Signatures (no entries shown in this capture — absence of triggered signatures is not evidence of benign behavior)
Files
-
fe6b8d7301c8387e5a1e1a91fab97b9bddc1279c22d69f199189fc5d92028431.exe windows x86
c4715d66be6c8746cd7727839c007ae9 (unlabeled 128-bit digest; it differs from the file MD5 listed above and in this report layout is usually the import hash — confirm before pivoting on it)
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED (no base relocations: the loader cannot rebase this image, so it does not benefit from ASLR)
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
SHGetFileInfoW
SHGetFolderPathW
DragQueryFileW
DragAcceptFiles
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
SHGetSpecialFolderPathW
DragFinish
comdlg32
GetSaveFileNameW
PrintDlgW
GetOpenFileNameW
dsound
ord1
kernel32
CopyFileExW
CreateEventW
WaitForSingleObject
SetEvent
GetCommandLineW
LocalFree
LocalAlloc
lstrcmpiW
WritePrivateProfileStringW
WriteFile
OutputDebugStringW
SetLastError
GlobalReAlloc
LoadLibraryA
GetModuleHandleW
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
FileTimeToSystemTime
GetDiskFreeSpaceW
GetSystemTime
lstrcmpiA
GetFileSize
SetFilePointer
CreateThread
OpenProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
ExitProcess
GetStartupInfoW
GetModuleHandleA
MoveFileW
SetFileAttributesW
TerminateProcess
WaitNamedPipeW
SetNamedPipeHandleState
GetEnvironmentVariableW
GetFileTime
SetErrorMode
GetLogicalDrives
GetWindowsDirectoryW
GlobalSize
GetVersionExA
GetCurrentThreadId
GetTickCount
GetPrivateProfileIntW
SetThreadExecutionState
Sleep
GetPrivateProfileStringW
SetPriorityClass
SetThreadPriority
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentProcess
FlushInstructionCache
GetLocalTime
GetVersionExW
GetModuleFileNameW
ReleaseMutex
GetLastError
CreateMutexW
RaiseException
InitializeCriticalSection
DeleteCriticalSection
FreeLibrary
LoadLibraryW
GetSystemDirectoryW
MulDiv
lstrlenW
lstrcpynW
GetDriveTypeW
GetFileAttributesExW
lstrcatW
GlobalFree
GlobalUnlock
lstrcpyW
GlobalLock
GlobalAlloc
DeleteFileW
CloseHandle
CreateFileW
RemoveDirectoryW
FindClose
FindNextFileW
FindFirstFileW
GetFileAttributesW
GetProcAddress
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
lstrlenA
SetCurrentDirectoryW
GetCurrentDirectoryW
lstrcmpW
CopyFileW
CreateDirectoryW
ReadFile
GetTempFileNameW
GetTempPathW
DeviceIoControl
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
user32
ClientToScreen
ScreenToClient
UpdateWindow
InvalidateRect
SetTimer
SetWindowPos
IsZoomed
ShowWindow
IsWindowEnabled
SetCapture
SetFocus
GetScrollPos
GetClassInfoExW
LoadCursorW
EqualRect
UnregisterClassW
GetAsyncKeyState
GetKeyState
MoveWindow
InvalidateRgn
GetDesktopWindow
GetWindowTextW
MessageBoxA
SetRect
GetWindowRect
GetSystemMetrics
ReleaseDC
GetDC
wsprintfW
SystemParametersInfoW
SetForegroundWindow
IsWindowVisible
FindWindowW
LoadStringW
CharNextW
SetWindowRgn
IsWindow
SetRectEmpty
MessageBoxW
CharUpperW
SendMessageW
GetActiveWindow
CloseDesktop
SwitchDesktop
OpenDesktopW
SetWindowLongW
GetWindowLongW
PostMessageW
MapWindowPoints
GetClientRect
GetMonitorInfoW
MonitorFromPoint
GetCursorPos
GetWindow
GetParent
DestroyWindow
ReleaseCapture
GetSystemMenu
GetCapture
MonitorFromRect
DefWindowProcW
SetWindowsHookExW
CreateDialogIndirectParamW
DialogBoxIndirectParamW
UnhookWindowsHookEx
IsDialogMessageW
CallNextHookEx
RegisterClipboardFormatW
GetScrollInfo
IntersectRect
FillRect
GetIconInfo
DrawIconEx
InflateRect
RedrawWindow
GetWindowDC
IsRectEmpty
DrawTextW
GetDlgItem
SetDlgItemTextW
GetSysColor
EndPaint
BeginPaint
GetFocus
RegisterClassW
LoadBitmapW
PtInRect
EnableScrollBar
EnableWindow
BringWindowToTop
SetScrollInfo
EndDialog
SetCursor
GetCursor
SetWindowTextW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
GetDlgCtrlID
DeleteMenu
CopyRect
CallWindowProcW
KillTimer
PostQuitMessage
CreateWindowExW
RegisterClassExW
LoadImageW
LoadIconW
ShowCursor
GetDoubleClickTime
gdi32
BitBlt
SetWindowOrgEx
GetClipBox
GetBkMode
CreateRectRgnIndirect
GetRgnBox
CreateCompatibleBitmap
SelectPalette
RealizePalette
CreateBrushIndirect
DPtoLP
FillRgn
FrameRgn
SetBkMode
CreateRoundRectRgn
CreatePolygonRgn
CreateBitmap
SetTextColor
GetDIBits
GetTextMetricsW
StretchDIBits
SetBkColor
ExtTextOutW
CreateFontIndirectW
CreateCompatibleDC
CreateRectRgn
GetObjectW
CombineRgn
DeleteObject
DeleteDC
OffsetRgn
GetStockObject
SelectObject
GetTextExtentPoint32W
GetDeviceCaps
CreateEllipticRgn
CreateDCW
SetDIBitsToDevice
Rectangle
LPtoDP
SetMapMode
CreateSolidBrush
advapi32
RegSetValueExW
RegOpenKeyExA
RegQueryValueExA
RegQueryInfoKeyW
RegCreateKeyExW
RegDeleteKeyW
RegQueryValueExW
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
DeregisterEventSource
ReportEventW
RegisterEventSourceW
RegDeleteValueW
ole32
CLSIDFromProgID
OleRun
CLSIDFromString
CoInitialize
CoUninitialize
CoGetClassObject
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
OleInitialize
CoCreateInstance
OleUninitialize
oleaut32
SysAllocStringByteLen
SysStringLen
VariantCopy
VariantChangeType
VarUI4FromStr
GetErrorInfo
SysStringByteLen
VariantInit
SysFreeString
SysAllocString
VariantClear
msvcp71
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IG@Z
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBG@Z
?substr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE?AV12@II@Z
?find_last_of@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIGI@Z
??A?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAGI@Z
?_Nomemory@std@@YAXXZ
??0_Lockit@std@@QAE@XZ
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??1_Lockit@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
?c_str@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEPBGXZ
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
shlwapi
PathAddBackslashW
PathCompactPathExW
StrTrimW
comctl32
ImageList_ReplaceIcon
ord17
ImageList_LoadImageW
ImageList_SetBkColor
InitCommonControlsEx
magcore
Mag0GetType
Mag0GetObjDataC
Mag0LoadModuleDllW
Mag0Release
Mag0Retain
Mag0FreeModuleDll
Mag0UninitCore
Mag0RetainCount
Mag0RegisterClass
Mag0InitCore
Mag0CopyObject
Mag0CreateObj
Mag0UnregisterClass
Mag0Inter
magpltfm
magHeapFree
magHeapLock
magHeapAlloc
magStrLen
magHeapUnlock
maguiengine
Mag0GetEngineConfig
Mag0GetGValue
Mag0SetGValue
Mag0ConfigEngine
Mag0InitEngine
Mag0UninitEngine
maguiimage
Mag0UninitImage
Mag0InitImage
maguiinter
Mag0EventKind
Mag0EndUseEvent
Mag0UninitInter
Mag0SMDetachSurface
Mag0DispatchEvent
Mag0SMCreateSurfaceW
Mag0SMGetEnvironment
Mag0SMGetSurfaceManage
Mag0InitInter
imgctrl
ord1
ord2
toolsctrl
ToolsCtrlUninit
ToolsCtrlInit
winmm
timeGetTime
waveOutGetNumDevs
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
uezdll
EzDibResampleHQ
EzDibGetSize
EzOpenFileThumbnail
EzLoadPsdFileAsImage
EzLoadBmpFileThumbnail
EzSaveFile
LLGetBCUIntervals
EzImageDelete
GetJpgSize
EzOpenFile
extrasctrl
ExtrasCtrl_HandleMenu
ExtrasCtrl_Init
rawengine
ispDisposeRawImage
umediaclub
SMVNewTranscoder
SMVInitialize
MIReleaseMediaObject
MIIsAudio
MICreateMediaObject
MIGetDurations
MIInitialize
MIUnInitialize
SMVUnInitialize
MPSetCurAudioStream
MPSetCurVideoStream
MPSetSubtitleEnable
SMVTranscode
MPGetOGGStreamsInfo
MPPlayGetCurrPosition
MPPlayGetState
MPPlayResetWindow
MPPlayStop
SMVStopTranscode
SMVCloseTranscoder
MIGetMediaObjectInfomation
MIGetQuickTimeVersion
MIAudioSeekTo
MESavingStart
MESavingEnd
MESavingRelease
MISetDvdInfo
MISetAudioState
MESavingGetSampleRequirement
MESavingGetCurrVideoTime
MESavingUpdateVideo
MESavingGetCurrAudioTime
MIGetAudioData
MESavingUpdateAudio
MISetCurAudioStream
MISetCurVideoStream
MISetCurSubtitle
MIIsDvd
MPSetCurSubtitle
MIGetDvdInfo
MICalSelItemDuration
MIVideoSeekTo
MISetVideoState
MIGetVideoFrameData
MIGetMediaObjectInfo
MPPlaySetPosition
MPPlayStart
MPPlayFile
MPPlaySetStrechMode
MPPlayGetDuration
MPPlayRelease
MPPlayPause
MPGetTSStreamsInfo
udxpubtool
ord23
ord24
?CreateDIB@@YAPAXHHH@Z
umediainfo
MFI_OpenFile
MFI_GetProperty
MFI_GetFileInfo
MFI_Close
magpcmac
Mag0FSExpCreateExp
Mag0FSExpRelease
Mag0FSRRelease
Mag0FSExpCalculateFSRCreate
msvcr71
swscanf
wcslen
wcscat
_wcslwr
wcscpy
_except_handler3
free
??_V@YAXPAX@Z
_wtoi
_wsplitpath
_wcsicmp
_snwprintf
tolower
??1exception@@UAE@XZ
??0exception@@QAE@XZ
__CxxFrameHandler
??3@YAXPAX@Z
wcsncpy
_wcsnicmp
wcscmp
swprintf
wcschr
_itow
wcsstr
wcstok
??0exception@@QAE@ABV0@@Z
_CxxThrowException
memmove
iswdigit
vswprintf
wcsrchr
_ltow
atof
wcscspn
realloc
_stricmp
_cwprintf
fread
fseek
malloc
fclose
_wfopen
_wtol
_strnicmp
wcstod
wcsncmp
_wcsupr
_purecall
_wmakepath
_callnewh
memset
strchr
_ftol
iswalpha
_waccess
ftell
fwrite
rand
srand
time
memcmp
strlen
fgetws
fopen
atol
difftime
_c_exit
_exit
_XcptFilter
_cexit
exit
_wcmdln
_amsg_exit
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__dllonexit
_onexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__security_error_handler
_controlfp
strncpy
arcmdm
CreateAMTManagerEx
ReleaseAMTManagerEx
psapi
EnumProcesses
GetModuleBaseNameA
magautotest
Mag0UninitTestMagWin
Mag0InitTestMagWin
magappframework
?ClearCallBacks@CMagCallbackMap@@IAEXXZ
??0CMagCallbackMap@@QAE@XZ
?RegisterCallBacks@CMagCallbackMap@@MAEXXZ
?InitCallBack@CMagCallbackMap@@QAEXPAVMagPanel@PubMagic@@@Z
??1CMagCallbackMap@@UAE@XZ
Sections
.text Size: 468KB - Virtual size: 467KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 72KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 155KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 80KB - Virtual size: 80KB (note: this section carries READ|WRITE|EXECUTE below; a resource section is normally read-only initialized data, so a writable and executable .rsrc is atypical and worth inspecting for unpacking or loader code)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE