020801cff22c091688d651cea9cfe04713cda97bec0bacd6a5acc479580521a6

Sharing

Copy URL Twitter E-mail

General

Target

020801cff22c091688d651cea9cfe04713cda97bec0bacd6a5acc479580521a6
Size

180KB
MD5

bd5d912a77facf871b5d1df97949ead5
SHA1

d5ba212ec5d08c66660d4e097a245759801d6708
SHA256

020801cff22c091688d651cea9cfe04713cda97bec0bacd6a5acc479580521a6
SHA512

1c0bb4f0a6b078ef058e7377db6465734e14213eadbb55eae8be74bffabeeb84f0bdf1aa3eb599471d17997b884a03fa82f1babef0263f13c7aac366f8395796
SSDEEP

3072:FDuo1LfMTTrkwzmlKrWfsFjWa9QQzRn+klwWWsbn:FDuoLfhwSll4RYW

Score

N/A

Malware Config

Signatures

Files

020801cff22c091688d651cea9cfe04713cda97bec0bacd6a5acc479580521a6
.dll windows x86

b9020cad9184c4bb6f00474f7b649210

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFlags
WritePrivateProfileStringA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
FreeLibrary
GetProcessVersion
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCPInfo
GetOEMCP
RtlUnwind
GetCommandLineA
HeapAlloc
HeapFree
ExitProcess
TerminateProcess
RaiseException
HeapSize
HeapReAlloc
GetACP
GetTimeZoneInformation
GetFileType
GetStdHandle
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFileTime
GetFileSize
GetFileAttributesA
SetLastError
GetVersion
lstrcatA
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
GetCurrentThread
DeleteFileA
GetCurrentThreadId
lstrcmpiA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
LoadLibraryA
GetProcAddress
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
CreateFileA
GetCurrentProcess
DuplicateHandle
GetLastError
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
OutputDebugStringA
GetDiskFreeSpaceA
WriteFile
GetModuleHandleA
GetModuleFileNameA
CreatePipe
CreateProcessA
WaitForSingleObject
PeekNamedPipe
CloseHandle
ReadFile
Sleep
GetTempPathA
SetStdHandle

user32

RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
DefWindowProcA
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
DestroyMenu
SetFocus
ShowWindow
SetWindowPos
SetWindowLongA
SystemParametersInfoA
GetDlgItem
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
GetWindowTextA
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
LoadStringA
UnregisterClassA
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
SetCursor
IsIconic
GetWindowPlacement
SendMessageA
PostMessageA
PostQuitMessage
GetSystemMetrics
CharUpperA
wsprintfA
GetMenuState

gdi32

SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA
SetBkColor
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

comctl32

ord17

avformat

ord297
ord52
ord42
ord33
ord18
ord139
ord296
ord25
ord306
ord57
ord43
ord28
ord55
ord63
ord40
ord38
ord22
ord309
ord32
ord19
ord20
ord81
ord61
ord311
ord48
ord46
ord62
ord17

avcodec

ord640
ord613
ord636
ord634
ord581
ord606
ord654
ord598
ord2066
ord599
ord630
ord660
ord658
ord657
ord597
ord604
ord568
ord573
ord621
ord576
ord620
ord622
ord593
ord629
ord631
ord570
ord641
ord656
ord582
ord2065
ord614
ord569
ord2063
ord618
ord633
ord646
ord635

avutil

ord26
ord21
ord29
ord30
ord53
ord41
ord23
ord60
ord42
ord24
ord52
ord27
ord50
ord35
ord61
ord14
ord62

Exports

Exports

AudioConvert
AudioPause
AudioReStart
AudioStop
DVDAudioConvert
GetAudioHeaderInfo
WAVAudioConvert
WAVGetSectorNum
WavGetSize

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9020cad9184c4bb6f00474f7b649210

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

avformat

avcodec

avutil

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 12KB - Virtual size: 28KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 16KB - Virtual size: 13KB

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 12KB - Virtual size: 28KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 16KB - Virtual size: 13KB