d3ad45cbf5e9de12dacf3507dcbd8de803736e770ecaedc58c9ae3a3b22f8594

Sharing

Copy URL Twitter E-mail

General

Target

d3ad45cbf5e9de12dacf3507dcbd8de803736e770ecaedc58c9ae3a3b22f8594
Size

991KB
MD5

a23bcbd0e7f714e1dc35fcb25ee0e0c9
SHA1

de02add4ae2009ce2cba281ffea6f30e8f4d7906
SHA256

d3ad45cbf5e9de12dacf3507dcbd8de803736e770ecaedc58c9ae3a3b22f8594
SHA512

16cde3215eb99ec4cc3ba14943c6efc0c55423b00d9748054c74a667dde2e4ac9872ffa5bb87a55451d641f9555f28fc9b371443219542ef66e9ddf2a5154d2e
SSDEEP

12288:DiyDfxVw7V0Uk591V7AIG9EVAN+aYvEaxaRK9JNBM5VyWHDEuQjq1LfS1kOR3kkn:myLxVEV0UM5Ab9EVaYvEaxa6eVhHDTp

Score

N/A

Malware Config

Signatures

Files

d3ad45cbf5e9de12dacf3507dcbd8de803736e770ecaedc58c9ae3a3b22f8594
.dll windows x86

8ea6df1f01961a3991fafc27415082d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutUnprepareHeader
midiStreamOut
midiOutMessage
timeGetSystemTime
midiOutShortMsg
mmioClose
midiOutGetVolume
waveOutReset
mmioStringToFOURCCW
midiInStop
waveOutGetVolume
mixerGetID
auxGetNumDevs
waveInAddBuffer
waveOutOpen
midiOutUnprepareHeader
midiInClose
waveInPrepareHeader
timeGetTime
midiOutLongMsg
waveInOpen
mciGetDeviceIDFromElementIDW
WOW32DriverCallback
mmioInstallIOProcW
timeEndPeriod
mmioWrite
midiOutGetDevCapsW

comctl32

DestroyPropertySheetPage
ShowHideMenuCtl
FlatSB_GetScrollPos
ImageList_GetImageCount
ImageList_GetDragImage
ImageList_Remove
ImageList_Read
ImageList_SetBkColor
ImageList_GetImageInfo
DrawStatusTextW
GetMUILanguage
ImageList_AddIcon
ImageList_Duplicate
LBItemFromPt
InitMUILanguage
UninitializeFlatSB

shlwapi

StrCSpnIW
PathAddBackslashA
SHRegisterValidateTemplate
StrFormatByteSize64A
SHDeleteValueW
SHRegGetPathA
SHSetValueA
UrlCanonicalizeW
ChrCmpIA
PathQuoteSpacesW
SHRegQueryInfoUSKeyW
PathSetDlgItemPathA
PathRenameExtensionA
StrRStrIA
SHQueryInfoKeyA
StrCmpNA
SHOpenRegStreamA
PathIsSameRootW
SHRegCreateUSKeyW
SHRegDeleteEmptyUSKeyW
wvnsprintfW
SHEnumKeyExA
StrTrimW
PathFindSuffixArrayW
SHRegEnumUSKeyA
SHIsLowMemoryMachine
SHRegDuplicateHKey
SHDeleteEmptyKeyW
SHRegQueryUSValueA
PathUnquoteSpacesW
SHCopyKeyA

kernel32

FileTimeToSystemTime
GetFileInformationByHandle
InterlockedCompareExchange
CallNamedPipeW
CreateFileMappingA
GetModuleFileNameW
GetProcessPriorityBoost
DeleteFileW

secur32

LsaRegisterPolicyChangeNotification
SaslGetProfilePackageW
InitializeSecurityContextW
SealMessage
AddCredentialsW
SaslInitializeSecurityContextA
LsaEnumerateLogonSessions
DecryptMessage
EncryptMessage
QueryContextAttributesW
LsaRegisterLogonProcess
DeleteSecurityPackageA
ApplyControlToken
GetComputerObjectNameW
QueryCredentialsAttributesA
AcquireCredentialsHandleA
LsaCallAuthenticationPackage
TranslateNameW
LsaFreeReturnBuffer
ImportSecurityContextA
InitializeSecurityContextA
LsaLookupAuthenticationPackage
UnsealMessage
QueryCredentialsAttributesW
LsaLogonUser

Exports

Exports

@@Land@Finalize
@@Land@Initialize
CPlApplet
_AppletModule1AppletModule
___CPPdebugHook

Sections

.text
Size: 600KB - Virtual size: 599KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.arch
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 902KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 308KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ea6df1f01961a3991fafc27415082d7

Headers

File Characteristics

Imports

winmm

comctl32

shlwapi

kernel32

secur32

Exports

Exports

Sections

.text Size: 600KB - Virtual size: 599KB

.arch Size: 13KB - Virtual size: 13KB

.data Size: 51KB - Virtual size: 902KB

.rdata Size: 11KB - Virtual size: 11KB

.rsrc Size: 308KB - Virtual size: 307KB

.reloc Size: 6KB - Virtual size: 8KB

.edata Size: 512B - Virtual size: 4KB

.text
Size: 600KB - Virtual size: 599KB

.arch
Size: 13KB - Virtual size: 13KB

.data
Size: 51KB - Virtual size: 902KB

.rdata
Size: 11KB - Virtual size: 11KB

.rsrc
Size: 308KB - Virtual size: 307KB

.reloc
Size: 6KB - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 4KB