b8644c05aed7834ef9a63a9c5006cfc83cd0ceb2a3d3a12364b7f80c867ba883

Sharing

Copy URL Twitter E-mail

General

Target

b8644c05aed7834ef9a63a9c5006cfc83cd0ceb2a3d3a12364b7f80c867ba883
Size

1.2MB
MD5

05cc0f7b1e23eabd4b30661af4e95a40
SHA1

a7b2e7e46f822828352b516eb167a8b56f68ed02
SHA256

b8644c05aed7834ef9a63a9c5006cfc83cd0ceb2a3d3a12364b7f80c867ba883
SHA512

282716b33477a36e3363358c464046d754fa554547b7a2e91cc0fd03c0d2052ed3246b7ef59122f9a02e2ffd842e8cf8438e5e53ddb66cee18b858d2d98a1563
SSDEEP

24576:NlQPxheuBDr8zsDtoN+2k30EqO0wohRIvLdYA3Wve2HICRT2PIT1m8dt6oyNv/fE:NlQPxheHetoN+2k30hwohB82HhRT2PIU

Score

N/A

Malware Config

Signatures

Files

b8644c05aed7834ef9a63a9c5006cfc83cd0ceb2a3d3a12364b7f80c867ba883
.exe windows x86

5cb3a071e412cbc83022dd7d347d9cb1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetVolumeInformationA
GetCurrentDirectoryA
IsBadReadPtr
VirtualQuery
SetEvent
WaitForSingleObject
MapViewOfFile
CreateFileMappingA
GetSystemInfo
OpenEventA
GetVersionExA
OutputDebugStringA
_lcreat
_lopen
_lclose
_llseek
_lread
_lwrite
DeleteFileA
FindFirstFileA
GetTempPathA
CloseHandle
RaiseException
HeapFree
RtlUnwind
GetLastError
CreateDirectoryA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
FindClose
SetUnhandledExceptionFilter
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetProcAddress
TerminateProcess
GetCurrentProcess
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
WriteFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
IsBadCodePtr
GetStringTypeA
GetStringTypeW
SetFilePointer
GetCPInfo
GetDriveTypeA
GetOEMCP
LoadLibraryA
SetStdHandle
FlushFileBuffers
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
CreateEventA
Sleep
ResetEvent
ExitThread
WaitForMultipleObjects
CreateThread
ExitProcess
HeapReAlloc
FindNextFileA
HeapAlloc
GetACP
GetTickCount
GetCurrentProcessId

user32

GetWindowTextA
SetWindowLongA
GetWindowLongA
AdjustWindowRectEx
SetWindowPos
GetWindowRect
GetMenu
GetSystemMetrics
DefWindowProcA
ShowWindow
DestroyWindow
LoadCursorA
RegisterClassA
CreateWindowExA
FillRect
UpdateWindow
SetFocus
CharNextA
WaitMessage
DispatchMessageA
CharPrevA
MessageBoxA
wsprintfA
SystemParametersInfoA
GetKeyboardLayout
PeekMessageA
TranslateMessage
LoadStringA
SetClassLongA
LoadIconA
PostQuitMessage
ClientToScreen
GetClientRect
SetRect
ShowCursor
GetKeyState

ole32

CoCreateInstance
CLSIDFromString
CoUninitialize
CoInitialize

dsound

ord1

winmm

mmioGetInfo
mmioSetInfo
mmioSeek
waveOutGetNumDevs
mmioOpenA
mmioDescend
mciSendCommandA
mmioRead
auxGetVolume
mmioAscend
mmioClose
timeSetEvent
timeKillEvent
timeGetTime
waveOutSetVolume
mmioAdvance
auxGetDevCapsA
waveOutGetVolume
auxGetNumDevs
auxSetVolume
waveOutGetDevCapsA

gdi32

DeleteObject
SelectObject
CreateFontIndirectA
GetStockObject
GetBitmapBits
SetStretchBltMode
SetBkColor
TextOutA
GetObjectA
GetTextExtentPoint32A
SetTextColor
DeleteDC
CreateCompatibleDC
StretchBlt
CreateCompatibleBitmap

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

ddraw

DirectDrawEnumerateA
DirectDrawCreate

avifil32

AVIStreamTimeToSample
AVIFileGetStream
AVIFileOpenA
AVIFileExit
AVIStreamRelease
AVIFileRelease
AVIFileInit
AVIStreamRead
AVIStreamSampleToTime
AVIStreamReadFormat
AVIStreamInfoA
AVIStreamStart
AVIStreamLength

msvfw32

ICSendMessage
ICDecompress
ICLocate
ICClose

Exports

Exports

?CDAPFN0506_CDAPFN0506_X_SafeDiskTestFunc@@3UCDAPFN_PROPERTIES@@A
?CDAPFN0506_SafeDiskTestFunc@@3UCDAPFN_PROPERTIES@@A

Sections

.text
Size: 1004KB - Virtual size: 1000KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5cb3a071e412cbc83022dd7d347d9cb1

Headers

File Characteristics

Imports

kernel32

user32

ole32

dsound

winmm

gdi32

advapi32

ddraw

avifil32

msvfw32

Exports

Exports

Sections

.text Size: 1004KB - Virtual size: 1000KB

.rdata Size: 52KB - Virtual size: 48KB

.data Size: 72KB - Virtual size: 180KB

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 16KB - Virtual size: 13KB

.reloc Size: 48KB - Virtual size: 48KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 1004KB - Virtual size: 1000KB

.rdata
Size: 52KB - Virtual size: 48KB

.data
Size: 72KB - Virtual size: 180KB

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 16KB - Virtual size: 13KB

.reloc
Size: 48KB - Virtual size: 48KB

.rmnet
Size: 60KB - Virtual size: 60KB