9425dedfa937d0db01d87734065b92247380c0d677bee40bdcdcdd811e397114

Sharing

Copy URL

Twitter E-mail

General

Target

9425dedfa937d0db01d87734065b92247380c0d677bee40bdcdcdd811e397114
Size

556KB
MD5

440a268423babb6ef4e7389a9d782b20
SHA1

53a663b3a14e079fe2e3a80b56024dd47656a6d5
SHA256

9425dedfa937d0db01d87734065b92247380c0d677bee40bdcdcdd811e397114
SHA512

555a4e775d38a0411bbb3eaebc2b2df7838eaceb500f144fc51e268835e6a3e999942bdc629898d164c1c9eb3a43ed50d2144fa7b40a7930eae1f9de65850de7
SSDEEP

12288:is+rkQV0yK9KynMREf2OPSBUEskY2XYzfE/AdPaGH:iPwd2DBJ3Y2XMCAdPaGH

Score

N/A

Malware Config

Signatures

Files

9425dedfa937d0db01d87734065b92247380c0d677bee40bdcdcdd811e397114
.exe windows x86

3906abd2ccacadeed058d053c11e9021

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipAlloc
GdipDisposeImage
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipFree
GdiplusStartup
GdipCloneImage
GdipCreateBitmapFromFile
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth

dsound

ord1

winmm

mmioClose
mmioDescend
mmioAdvance
mmioGetInfo
PlaySoundA
mmioAscend
mmioRead
mmioSetInfo
mmioOpenA

kernel32

IsValidCodePage
GetOEMCP
GetCPInfo
LoadLibraryA
FlushFileBuffers
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
SetStdHandle
CreateFileA
FreeEnvironmentStringsA
GetModuleFileNameA
HeapSize
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetConsoleMode
GetConsoleCP
GetTickCount
FindFirstFileA
FindClose
DeleteFileA
RemoveDirectoryA
FindNextFileA
GetLastError
MultiByteToWideChar
lstrlenA
LeaveCriticalSection
EnterCriticalSection
ExitProcess
DeleteCriticalSection
InitializeCriticalSection
Sleep
ExitThread
GetCommandLineA
CopyFileA
GetStdHandle
AllocConsole
WriteConsoleA
lstrcpyA
GetConsoleOutputCP
GlobalLock
GlobalAlloc
LocalFree
FormatMessageA
WideCharToMultiByte
WriteFile
SetFilePointer
GetFileType
SetHandleCount
ReadFile
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetSystemTimeAsFileTime
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetProcessHeap
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
GetFullPathNameA
GetDriveTypeA
CloseHandle
CreateThread
GetCurrentThreadId
HeapReAlloc
HeapAlloc
HeapFree
GetLocalTime
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
CreateDirectoryA
RtlUnwind
GetVersionExA
GetThreadLocale
GetLocaleInfoA
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetEndOfFile
GlobalUnlock
GetACP
InterlockedExchange

user32

FlashWindow
ReleaseDC
GetDC
PtInRect
IntersectRect
MessageBoxA
PostMessageA
UpdateWindow
MoveWindow
GetClientRect
DestroyWindow
ShowWindow
GetWindowRect
EndPaint
BeginPaint
DefWindowProcA
PostQuitMessage
DispatchMessageA
TranslateMessage
GetMessageA
SetTimer
CreateWindowExA
SystemParametersInfoA
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
wvsprintfA
UnionRect
GetKeyState
SetRect
LoadIconA
LoadCursorA
RegisterClassExA

gdi32

BitBlt
GetTextExtentPoint32A
SetBkColor
SetTextColor
CreateDIBSection
SelectObject
SetBkMode
DeleteDC
GetDeviceCaps
TextOutA
CreateFontA
CreateCompatibleDC
DeleteObject

comdlg32

GetOpenFileNameA
GetSaveFileNameA

shell32

ShellExecuteA

ole32

CoInitialize
StringFromGUID2

ws2_32

inet_addr
gethostbyname
htons
connect
ioctlsocket
ntohs
select
__WSAFDIsSet
send
closesocket
WSAStartup
setsockopt
socket
WSAGetLastError
inet_ntoa
htonl
recv

Sections

.text
Size: 420KB - Virtual size: 417KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3906abd2ccacadeed058d053c11e9021

Headers

File Characteristics

Imports

gdiplus

dsound

winmm

kernel32

user32

gdi32

comdlg32

shell32

ole32

ws2_32

Sections

.text Size: 420KB - Virtual size: 417KB

.rdata Size: 76KB - Virtual size: 74KB

.data Size: 16KB - Virtual size: 2.1MB

.rsrc Size: 40KB - Virtual size: 39KB

.text
Size: 420KB - Virtual size: 417KB

.rdata
Size: 76KB - Virtual size: 74KB

.data
Size: 16KB - Virtual size: 2.1MB

.rsrc
Size: 40KB - Virtual size: 39KB