990385f5a4ddd64bbd0de5569ab8c042aa2dea2aceca549bf68c74849bc246ed

Sharing

Copy URL Twitter E-mail

General

Target

990385f5a4ddd64bbd0de5569ab8c042aa2dea2aceca549bf68c74849bc246ed
Size

484KB
MD5

121cc502f0549106905582976d806cf0
SHA1

3d7c66382eb21b277d28ebd3c0b96902df4d3962
SHA256

990385f5a4ddd64bbd0de5569ab8c042aa2dea2aceca549bf68c74849bc246ed
SHA512

fa9cc03554aedfd7023fb53423d16a4cd8287a63c6c518529442d4b9e2cc2cdb4c014e5f13ef64c55bf9324bd4bf228e4cc2340743592517d297cb8d406c2a30
SSDEEP

6144:75YEjQPeiy1cWGCpTEIqLmRwPEWYwQG44rOKkk+cIPoGf7AqJzj9PF:7hj71zGCpTE3CYfGkKJ9F

Score

N/A

Malware Config

Signatures

Files

990385f5a4ddd64bbd0de5569ab8c042aa2dea2aceca549bf68c74849bc246ed
.dll windows x86

5a203c132bc953f02e8901db5799857a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW
PathIsURLW

kernel32

CloseHandle
TerminateThread
Sleep
DeleteCriticalSection
GetFileAttributesW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcatW
lstrcatA
QueryPerformanceCounter
FindClose
FindNextFileW
FindFirstFileW
LeaveCriticalSection
EnterCriticalSection
SetThreadPriority
DeleteFileW
MoveFileW
GetPrivateProfileStringA
lstrcpynW
InitializeCriticalSection
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetSystemInfo
GetProcAddress
GetVersionExA
LoadLibraryW
GetModuleHandleW
SetPriorityClass
WritePrivateProfileStringW
OpenProcess
GetLastError
WritePrivateProfileStringA
QueryPerformanceFrequency
lstrcpynA
CreateDirectoryW
GetModuleFileNameW
LockResource
LoadResource
FindResourceA
VirtualQuery
VirtualFree
VirtualAlloc
lstrlenW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
DisableThreadLibraryCalls
InterlockedCompareExchange
RaiseException
InterlockedExchange
LocalAlloc
lstrlenA
lstrcpyW
GlobalAlloc
GlobalLock
GlobalUnlock
WideCharToMultiByte
GetShortPathNameW
MultiByteToWideChar
GetPriorityClass
lstrcpyA

user32

CreatePopupMenu
TrackPopupMenu
FindWindowExA
CallWindowProcA
CharNextW
keybd_event
SetCursor
PostQuitMessage
TrackPopupMenuEx
IsWindowVisible
RegisterClassA
GetSysColor
GetSubMenu
DefWindowProcA
wsprintfW
GetWindow
CheckMenuItem
DestroyMenu
LoadIconA
LoadCursorA
RegisterClassW
CreateWindowExA
AdjustWindowRect
FindWindowA
GetClientRect
ClientToScreen
SetActiveWindow
SetForegroundWindow
OffsetRect
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindowThreadProcessId
PeekMessageA
TranslateMessage
DispatchMessageA
GetIconInfo
DestroyIcon
UnregisterClassA
SystemParametersInfoA
GetDC
ReleaseDC
SetWindowTextW
EndDialog
SetDlgItemTextW
SetFocus
GetWindowLongA
SetWindowLongA
GetWindowRect
ScreenToClient
SetWindowPos
EnableWindow
DestroyWindow
EnumDisplaySettingsA
UnionRect
EqualRect
IntersectRect
DefWindowProcW
GetCursorPos
PostMessageA
GetFocus
GetParent
SendDlgItemMessageA
GetKeyState
SendMessageA
SendMessageW
CloseClipboard
GetWindowTextA
SetWindowTextA
CheckDlgButton
GetWindowTextW
MessageBoxW
GetDlgItem
ShowWindow
SetRect
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData

gdi32

CreateFontW
EnumFontsA
CreateFontA
CreateFontIndirectA
GetDIBits
GetDCOrgEx
GetClipBox
GetStockObject
DeleteObject

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

shell32

SHGetMalloc
SHGetDesktopFolder
ShellExecuteExA
SHGetPathFromIDListA
SHGetFileInfoA
ShellExecuteW

msvcr90

_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
?terminate@@YAXXZ
memmove
atof
isdigit
atoi
calloc
toupper
strtoul
isspace
isalnum
_strnicmp
realloc
asin
atan
ceil
_atoi_l
_except_handler3
_swscanf_l
acos
__vswprintf_l
strncpy
_purecall
strncpy_s
memcmp
_wcsicmp
strcpy
ftell
fgets
rand
fprintf
wcsncmp
swscanf
strcmp
_beginthreadex
fread
fseek
strncmp
sscanf
_endthreadex
_wcsnicmp
_sscanf_l
_wfopen
fgetc
fclose
wcscpy
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_crt_debugger_hook
_strdup
_initterm
sprintf
??_V@YAXPAX@Z
__clean_type_info_names_internal
_stricmp
srand
_vsnwprintf
malloc
free
wcsrchr
strrchr
strchr
_vswprintf
pow
??3@YAXPAX@Z
wcscmp
wcsncpy
??2@YAPAXI@Z
__CxxFrameHandler3
strlen
wcslen
strstr
fabs
atan2
cos
exp
floor
log
sin
sqrt
_controlfp
memcpy
memset
??_U@YAPAXI@Z

winmm

timeEndPeriod
timeGetTime
timeBeginPeriod

Exports

Exports

winampVisGetHeader

Sections

.text
Size: 235KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 4.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5a203c132bc953f02e8901db5799857a

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

advapi32

shell32

msvcr90

winmm

Exports

Exports

Sections

.text Size: 235KB - Virtual size: 235KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 7KB - Virtual size: 4.2MB

.rsrc Size: 132KB - Virtual size: 132KB

.reloc Size: 26KB - Virtual size: 25KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 235KB - Virtual size: 235KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 7KB - Virtual size: 4.2MB

.rsrc
Size: 132KB - Virtual size: 132KB

.reloc
Size: 26KB - Virtual size: 25KB

.rmnet
Size: 56KB - Virtual size: 60KB