dca2ae71608cf552a6fb3caae629adb3673ec45c4b33ac7e60f6a07aa9e96c59

Sharing

Copy URL

Twitter E-mail

General

Target

dca2ae71608cf552a6fb3caae629adb3673ec45c4b33ac7e60f6a07aa9e96c59
Size

529KB
MD5

3594c79f5d49960a6e913b7098b9b660
SHA1

cd59ef1cf2897a6608a8d58ed2860211db509876
SHA256

dca2ae71608cf552a6fb3caae629adb3673ec45c4b33ac7e60f6a07aa9e96c59
SHA512

177bbae73ab0301a22ba6e90e7be45695953347ca036c74ccbb8a01d65aff51285bf7fdeda8c370998eb3f139e8683955105c92b000573c402f083abb207a18c
SSDEEP

12288:hXfQNZrufCgivkmabDFit+hoordH6h2sWsiCCaWarCARxs3mI762cd1iENrSsPdu:FfyrOCdvraXAD9WUsz7d0QorSog

Score

N/A

Malware Config

Signatures

Files

dca2ae71608cf552a6fb3caae629adb3673ec45c4b33ac7e60f6a07aa9e96c59
.exe windows x86

29886ed5393e6577eecbcf8223593fc4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipAlloc
GdipDisposeImage
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipFree
GdipImageRotateFlip
GdiplusStartup
GdipCloneImage
GdipCreateBitmapFromFile
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth

dsound

ord1

winmm

mmioAscend
mmioDescend
mmioOpenA
mmioSetInfo
mmioAdvance
mmioGetInfo
mmioRead
PlaySoundA
mmioClose

kernel32

FlushFileBuffers
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetCurrentDirectoryW
CreateFileA
PeekNamedPipe
GetFileInformationByHandle
GetModuleFileNameW
HeapSize
HeapReAlloc
HeapCreate
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
GetTickCount
FindFirstFileA
FindClose
DeleteFileA
RemoveDirectoryA
FindNextFileA
CopyFileA
GetLastError
MultiByteToWideChar
lstrlenA
QueryPerformanceCounter
LeaveCriticalSection
EnterCriticalSection
ExitProcess
GetVersionExA
Sleep
InitializeCriticalSection
QueryPerformanceFrequency
DeleteCriticalSection
ExitThread
GetCommandLineA
GetStdHandle
AllocConsole
WriteConsoleA
lstrcpyA
LoadLibraryW
GlobalLock
GlobalAlloc
LocalFree
FormatMessageA
WriteFile
SetFilePointer
GetFileType
SetHandleCount
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
ReadFile
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
GetStartupInfoW
HeapSetInformation
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
DecodePointer
EncodePointer
GetFullPathNameA
GetDriveTypeW
CloseHandle
CreateThread
GetCurrentThreadId
FindFirstFileExA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
HeapAlloc
HeapFree
GetLocalTime
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetStdHandle
WriteConsoleW
SetEndOfFile
CompareStringW
GetProcessHeap
GetTimeZoneInformation
LCMapStringW
GetStringTypeW
CreateFileW
GlobalUnlock
CreateDirectoryA
RtlUnwind

user32

PtInRect
MessageBoxA
IntersectRect
PostMessageA
UpdateWindow
MoveWindow
GetClientRect
GetDC
ShowWindow
GetWindowRect
FlashWindow
EndPaint
BeginPaint
DefWindowProcA
PostQuitMessage
DispatchMessageA
TranslateMessage
GetMessageA
SetTimer
CreateWindowExA
ReleaseDC
DestroyWindow
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
wvsprintfA
UnionRect
GetKeyState
SetRect
LoadIconA
LoadCursorA
RegisterClassExA
SystemParametersInfoA
OffsetRect

gdi32

BitBlt
GetTextExtentPoint32A
SetBkColor
CreateDIBSection
CreateCompatibleDC
SelectObject
SetBkMode
DeleteDC
GetDeviceCaps
TextOutA
CreateFontA
SetTextColor
DeleteObject

comdlg32

GetOpenFileNameA
GetSaveFileNameA

shell32

ShellExecuteA
SHGetFolderPathA

ole32

CoInitialize
StringFromGUID2

shlwapi

PathAppendA

ws2_32

ntohs
inet_addr
gethostbyname
recv
__WSAFDIsSet
send
closesocket
WSAStartup
connect
htons
ioctlsocket
setsockopt
socket
WSAGetLastError
inet_ntoa
htonl
select

Sections

.text
Size: 365KB - Virtual size: 365KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29886ed5393e6577eecbcf8223593fc4

Headers

DLL Characteristics

File Characteristics

Imports

gdiplus

dsound

winmm

kernel32

user32

gdi32

comdlg32

shell32

ole32

shlwapi

ws2_32

Sections

.text Size: 365KB - Virtual size: 365KB

.rdata Size: 75KB - Virtual size: 74KB

.data Size: 12KB - Virtual size: 2.1MB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 72KB - Virtual size: 71KB

.text
Size: 365KB - Virtual size: 365KB

.rdata
Size: 75KB - Virtual size: 74KB

.data
Size: 12KB - Virtual size: 2.1MB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 72KB - Virtual size: 71KB