c9979fbc35f7bd5dde41c3f66525b58e6400c46251810b8ed300c589a9d3e9d0

Sharing

Copy URL

Twitter E-mail

General

Target

c9979fbc35f7bd5dde41c3f66525b58e6400c46251810b8ed300c589a9d3e9d0
Size

4.8MB
MD5

0d5877818eae22b4ece1884f68964eee
SHA1

7df64650c43e0309d9d8a9342fa10aa024ab1289
SHA256

c9979fbc35f7bd5dde41c3f66525b58e6400c46251810b8ed300c589a9d3e9d0
SHA512

3067839f1ebe6db23b1e362de332e874e50cfa50a0fbcb19a253f8933e79cf1d34f7577eea608eaa2d57cfeaf1d69f4897552a3ad943c94644240107f7bc8ab8
SSDEEP

24576:QgXWc099oY5IdmtP21xhMbeRs2co3ctvcUd/ZwiP4zwzJgXgMtSQ:qc09KYi6mMY33ctFd/ZVLJ2

Score

N/A

Malware Config

Signatures

Files

c9979fbc35f7bd5dde41c3f66525b58e6400c46251810b8ed300c589a9d3e9d0
.exe windows x86

eda7a3913b280c27d0247b936c3dc47d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetLogicalDriveStringsA
InterlockedExchange
Sleep
GetTickCount
GetDiskFreeSpaceA
LoadLibraryA
GetModuleHandleA
_lread
_lopen
FindClose
GetCurrentDirectoryA
FindResourceA
GlobalFree
GlobalAlloc
_lclose
LoadResource
GlobalLock
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RtlUnwind
HeapAlloc
LockResource
DeleteFileA
WriteFile
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
LCMapStringA
LCMapStringW
GetCurrentProcess
GetStringTypeA
GetStringTypeW
FlushFileBuffers
SetStdHandle
SetPriorityClass
GetCurrentThread
SetThreadPriority
FindNextFileA
FindFirstFileA
HeapFree
ReadFile
SetFilePointer
GetLocalTime
UnmapViewOfFile
CreateFileA
CreateFileMappingA
MapViewOfFile
OutputDebugStringA
OpenMutexA
CloseHandle
CreateMutexA
MultiByteToWideChar
GetLastError
FormatMessageA
GetVersionExA
GlobalMemoryStatus
GetComputerNameA
GetSystemTime
SetErrorMode
GetSystemInfo
UnhandledExceptionFilter
GetPriorityClass
GetThreadPriority
GetModuleFileNameA
TerminateProcess
GlobalHandle
GlobalUnlock

user32

GetParent
ClientToScreen
GetClientRect
SystemParametersInfoA
GetCursorPos
DestroyIcon
DestroyCursor
LoadImageA
LoadCursorFromFileA
LoadIconA
PostQuitMessage
GetUpdateRect
ValidateRect
SetCapture
ReleaseCapture
SetCursor
GetDC
ReleaseDC
DefWindowProcA
PeekMessageA
ShowWindow
GetKeyboardType
TranslateMessage
RegisterClassA
GetWindowRect
SetCursorPos
CreateDialogParamA
DialogBoxParamA
SendDlgItemMessageA
GetDlgItem
SetFocus
GetDlgItemTextA
EndDialog
KillTimer
FlashWindow
SetTimer
LoadCursorA
wsprintfA
DestroyWindow
GetSystemMetrics
CreateWindowExA
SendMessageA
DrawTextA
IsWindow
IsDialogMessageA
DispatchMessageA
SetWindowTextA
SetWindowPos
MessageBoxA
GetUpdateRgn
SetDlgItemTextA

gdi32

CreateRectRgn
GetRegionData
DeleteObject
CreateFontIndirectA
GetStockObject
SetTextColor
SetBkColor
SetBkMode
TextOutA
SelectObject
SetViewportOrgEx
SetSystemPaletteUse
GetSystemPaletteEntries
SelectPalette
AnimatePalette
SetDIBColorTable
RealizePalette
GetBkMode
GetBkColor
GetTextColor
CreateCompatibleDC
DeleteDC
CreateDIBSection
StretchDIBits
CreatePalette
BitBlt
GetObjectA
GetSystemPaletteUse
SetPixel
GetPixel
GdiFlush
GetDeviceCaps

advapi32

RegFlushKey
RegDeleteKeyA
RegCloseKey
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
GetUserNameA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

shell32

DragAcceptFiles
Shell_NotifyIconA
DragQueryFileA

ole32

CoCreateInstance
CoInitialize

winmm

mmioSetInfo
timeSetEvent
timeKillEvent
midiOutGetDevCapsA
midiOutGetNumDevs
midiOutGetVolume
midiOutSetVolume
mciSendStringA
mmioClose
mmioAscend
mmioRead
mmioDescend
mmioOpenA
mmioSeek
timeGetTime
mmioAdvance
mmioGetInfo
mmioWrite
mmioCreateChunk
timeBeginPeriod
timeEndPeriod

dinput

DirectInputCreateA

dplayx

ord1
ord2

dsound

DirectSoundEnumerateA
DirectSoundCreate

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CODESEG
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 214KB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATASEG
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

eda7a3913b280c27d0247b936c3dc47d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comdlg32

shell32

ole32

winmm

dinput

dplayx

dsound

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

CODESEG Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 1.0MB - Virtual size: 1.0MB

.data Size: 214KB - Virtual size: 3.7MB

DATASEG Size: 1024B - Virtual size: 720B

.rsrc Size: 27KB - Virtual size: 27KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 1.6MB - Virtual size: 1.6MB

CODESEG
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 1.0MB - Virtual size: 1.0MB

.data
Size: 214KB - Virtual size: 3.7MB

DATASEG
Size: 1024B - Virtual size: 720B

.rsrc
Size: 27KB - Virtual size: 27KB

.rmnet
Size: 56KB - Virtual size: 60KB