d32988d489cb5da3b30f77e5d4697f1a0126a04beaf324e8808a48a26e26bfc1

Sharing

Copy URL Twitter E-mail

General

Target

d32988d489cb5da3b30f77e5d4697f1a0126a04beaf324e8808a48a26e26bfc1
Size

961KB
MD5

56d1599f9a0cbbb62c5fdf95f4bfb69e
SHA1

6c0755732dfa0966f998fbdff2b66a613239fc1e
SHA256

d32988d489cb5da3b30f77e5d4697f1a0126a04beaf324e8808a48a26e26bfc1
SHA512

2d201ca30ebec90c0a7f794cefc38216ba67cd122a5390aac0dace891c1b206f57b5c8a3953604234e07a245ab5be2ce0f75ea19915a229b321fd3b6727438a1
SSDEEP

24576:RwMg47hrMecYnSpT7ympx4DyeYQvWBiyQqquylflVMz:OMEecZxg594quc+

Score

N/A

Malware Config

Signatures

Files

d32988d489cb5da3b30f77e5d4697f1a0126a04beaf324e8808a48a26e26bfc1
.dll windows x86

db57e0b0607afb5b7f773fdcef37f429

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

DeleteCriticalSection
GetModuleHandleA
GetProcAddress
VirtualProtect

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

comdlg32

GetSaveFileNameA

winmm

sndPlaySoundA

wsock32

WSACleanup

Exports

Exports

caoniba
caonidi
caonigong
caonijie
caonijiu
caonilao
caonima
caonimei
caonimu
caoninai
caonishu
caoniye
caonizu

Sections

CODE
Size: - Virtual size: 597KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 16KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: - Virtual size: 291B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: - Virtual size: 517KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp2
Size: 954KB - Virtual size: 954KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db57e0b0607afb5b7f773fdcef37f429

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

version

gdi32

comctl32

comdlg32

winmm

wsock32

Exports

Exports

Sections

CODE Size: - Virtual size: 597KB

DATA Size: - Virtual size: 12KB

BSS Size: - Virtual size: 16KB

.idata Size: - Virtual size: 9KB

.edata Size: - Virtual size: 291B

.vmp0 Size: - Virtual size: 46KB

.rsrc Size: 5KB - Virtual size: 107KB

.vmp1 Size: - Virtual size: 517KB

.vmp2 Size: 954KB - Virtual size: 954KB

.reloc Size: 512B - Virtual size: 108B

CODE
Size: - Virtual size: 597KB

DATA
Size: - Virtual size: 12KB

BSS
Size: - Virtual size: 16KB

.idata
Size: - Virtual size: 9KB

.edata
Size: - Virtual size: 291B

.vmp0
Size: - Virtual size: 46KB

.rsrc
Size: 5KB - Virtual size: 107KB

.vmp1
Size: - Virtual size: 517KB

.vmp2
Size: 954KB - Virtual size: 954KB

.reloc
Size: 512B - Virtual size: 108B