strdup
Static task
static1
Behavioral task
behavioral1
Sample
b395e2d868af49aa0495332b9f2d0c18c03f3f74b1946a917684a70046216e2f.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
b395e2d868af49aa0495332b9f2d0c18c03f3f74b1946a917684a70046216e2f.exe
Resource
win10v2004-20220812-en
General
-
Target
b395e2d868af49aa0495332b9f2d0c18c03f3f74b1946a917684a70046216e2f
-
Size
324KB
-
MD5
8fe6da40b60dfa327213b417c2febb25
-
SHA1
c682c0cf9a456f29a55fe575a0727c309d849e9b
-
SHA256
b395e2d868af49aa0495332b9f2d0c18c03f3f74b1946a917684a70046216e2f
-
SHA512
3d3ee9ed4d35ae79c939531521b5cbfdfc657373a3e401e4d429c8d68db186b12e6050e6c23381991c098beb770a1884bd9bd673aa15e589725af85c6b690c1d
-
SSDEEP
6144:SHx0iqWXbhRhD/bl78xdZEeu6hw5odMEHI2V50bF:EtbL/gxdZEeu6hPDHrm
Malware Config (nothing extracted/shown in this rendering)
Signatures (none listed in this rendering — absence of signature hits here is not a clean verdict; see the behavioral tasks)
Files
-
b395e2d868af49aa0495332b9f2d0c18c03f3f74b1946a917684a70046216e2f.exe windows x86
6bdde18e46621c8d953a24748ed57957 (unlabeled 32-hex digest in this rendering; most likely the import hash (imphash) of the file above — confirm against the report's field before pivoting on it)
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED (no relocation data: the image can only load at its preferred base, so ASLR does not apply to this module)
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
timeGetTime
waveOutWrite
waveOutUnprepareHeader
waveOutReset
waveOutClose
waveOutOpen
waveOutGetErrorTextA
waveOutPrepareHeader
msvfw32
DrawDibEnd
DrawDibClose
DrawDibOpen
DrawDibBegin
DrawDibDraw
mfc42 (imports are by ordinal only, as is usual for MFC 4.2 release builds; resolve the ordN entries against mfc42.dll's export table to name them)
ord2581
ord4401
ord3639
ord692
ord2450
ord5789
ord5785
ord924
ord2860
ord6215
ord1200
ord2818
ord5148
ord801
ord541
ord3920
ord2380
ord5861
ord6143
ord923
ord6663
ord6283
ord6282
ord2764
ord4234
ord5265
ord4376
ord4853
ord4998
ord2514
ord6052
ord1775
ord5280
ord4425
ord3597
ord641
ord326
ord3701
ord500
ord772
ord324
ord325
ord6142
ord4224
ord6197
ord6379
ord922
ord4710
ord2078
ord2243
ord2099
ord3874
ord4123
ord2642
ord5860
ord1168
ord3706
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord1134
ord3092
ord6199
ord6270
ord4538
ord4694
ord4220
ord2584
ord3654
ord2438
ord2863
ord1644
ord1146
ord1949
ord818
ord2152
ord1233
ord3810
ord1175
ord920
ord6458
ord5440
ord6383
ord4219
ord6394
ord2917
ord2803
ord958
ord6312
ord4177
ord3318
ord6010
ord5773
ord2601
ord3180
ord3183
ord3176
ord3507
ord3614
ord665
ord354
ord3742
ord4242
ord2723
ord2390
ord3059
ord5100
ord5103
ord4467
ord4303
ord3350
ord5012
ord975
ord5472
ord3403
ord2879
ord2878
ord4151
ord4077
ord5282
ord2649
ord1665
ord4436
ord4427
ord3623
ord674
ord366
ord6380
ord4457
ord3573
ord5873
ord2092
ord5237
ord2448
ord6880
ord5678
ord5736
ord2827
ord941
ord5572
ord2841
ord2784
ord4129
ord4202
ord5856
ord4277
ord2754
ord940
ord2753
ord2763
ord4278
ord6662
ord5834
ord2044
ord2107
ord2567
ord5787
ord283
ord2688
ord3721
ord795
ord2302
ord3873
ord2256
ord1948
ord5303
ord4699
ord5715
ord817
ord518
ord565
ord2726
ord4226
ord4204
ord3499
ord2515
ord355
ord1576
ord6883
ord616
ord2370
ord3317
ord3876
ord2411
ord2023
ord4218
ord2578
ord4398
ord3582
ord2024
ord2413
ord6366
ord1771
ord537
ord656
ord3610
ord4407
ord1088
ord6358
ord2122
ord2864
ord2379
ord4284
ord4275
ord809
ord567
ord556
ord609
ord3402
ord5277
ord5290
ord2575
ord823
ord470
ord323
ord1640
ord6648
ord926
ord939
ord5875
ord6172
ord2405
ord640
ord755
ord535
ord2859
ord2915
ord858
ord2414
ord3626
ord3663
ord825
ord540
ord1641
ord860
ord800
ord3619
ord3571
ord3574
ord4424
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord4353
ord6374
ord5163
ord2385
ord5241
ord4396
ord1776
ord4078
ord6055
ord5450
msvcrt (note the unbounded string/format routines below — strcpy, sprintf, sscanf, strstr — relevant if data read from the socket or comm-port imports is parsed with them)
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
fwrite
time
srand
rand
fopen
fclose
_cwait
_read
_lseek
_open
_close
_strdup
_getpid
perror
memmove
strchr
strrchr
exit
__CxxFrameHandler
malloc
_setmbcp
atoi
_ftol
strlen
sprintf
memset
_access
strcpy
atol
strcmp
memcpy
strstr
strncpy
putchar
printf
fflush
_iob
_tell
free
floor
_purecall
sscanf
_errno
fprintf
getenv
signal
kernel32 (includes serial-port I/O: SetupComm, SetCommState, SetCommTimeouts, WaitCommEvent, PurgeComm, ClearCommError — plus INI read/write, DeleteFileA and LoadLibraryA)
LocalFree
LocalAlloc
GetFileType
PurgeComm
GetOverlappedResult
WaitForMultipleObjects
WriteFile
GetCommState
WaitCommEvent
ClearCommError
FreeLibrary
LoadLibraryA
GetWindowsDirectoryA
GetCurrentThreadId
ResetEvent
GetVersionExA
FormatMessageA
GetModuleHandleA
GetStartupInfoA
GetCommProperties
GetCommMask
GetCommTimeouts
SetCommTimeouts
SetCommState
SetupComm
ExitThread
CreateEventA
CreateThread
SetThreadPriority
SetEvent
Sleep
WaitForSingleObject
GetVersion
OutputDebugStringA
SetCurrentDirectoryA
GetCurrentDirectoryA
DeleteFileA
GetPrivateProfileStringA
WritePrivateProfileStringA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalReAlloc
GetFullPathNameA
CloseHandle
ReadFile
GetFileSize
CreateFileA
ReleaseMutex
SetCommMask
TerminateThread
CreateMutexA
GetLastError
user32
LoadCursorA
DefWindowProcA
PostQuitMessage
DestroyWindow
SetWindowPos
SetWindowLongA
MoveWindow
PostThreadMessageA
MsgWaitForMultipleObjects
PeekMessageA
wvsprintfA
GetSysColor
EqualRect
CopyIcon
SetCursor
ScreenToClient
IsWindowVisible
LoadBitmapA
GetWindow
FillRect
BringWindowToTop
TranslateMessage
DispatchMessageA
wsprintfA
SetActiveWindow
DrawAnimatedRects
SetParent
FindWindowA
EnumChildWindows
SystemParametersInfoA
GetClassNameA
SetForegroundWindow
RegisterClassA
GetMenuItemID
SetMenuDefaultItem
IsWindow
RegisterWindowMessageA
LoadIconA
UpdateWindow
IsIconic
LoadMenuA
GetSubMenu
EnableMenuItem
DrawIcon
GetCursorPos
MessageBoxA
SetWindowRgn
LoadImageA
SetRect
PtInRect
OffsetRect
GetSystemMetrics
CopyRect
GetActiveWindow
GetParent
GetCapture
SetCapture
ClientToScreen
WindowFromPoint
ReleaseCapture
GetWindowLongA
SendMessageA
EnableWindow
GetWindowRect
DrawTextA
KillTimer
CreateWindowExA
ShowWindow
TrackPopupMenu
GetMessageA
GetClientRect
GetDC
SetTimer
InvalidateRect
ReleaseDC
PostMessageA
RedrawWindow
gdi32
PatBlt
CreateBitmap
CreateSolidBrush
FillRgn
FrameRgn
CreateRoundRectRgn
CreatePolygonRgn
SetTextColor
SetBkMode
SetTextAlign
TextOutA
CreateFontA
GetPixel
CreateHatchBrush
CreateRectRgn
CreateCompatibleBitmap
CreateDIBSection
ExtCreateRegion
CombineRgn
DeleteObject
DeleteDC
GetTextColor
GetCurrentObject
CreateCompatibleDC
SelectObject
BitBlt
GetTextExtentPoint32A
GetStockObject
GetObjectA
CreateFontIndirectA
StretchBlt
comdlg32
GetOpenFileNameA
advapi32
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
shell32
Shell_NotifyIconA
ShellExecuteA
SHAppBarMessage
comctl32
UninitializeFlatSB
FlatSB_SetScrollProp
FlatSB_EnableScrollBar
InitializeFlatSB
ole32
CreateStreamOnHGlobal
olepro32
ord251
wsock32 (network capability: socket/connect/send/recv, gethostbyname, inet_addr — correlate with any network traffic recorded by the behavioral tasks)
send
recv
getservbyport
ntohs
ntohl
connect
select
gethostbyaddr
getservbyname
gethostname
ioctlsocket
gethostbyname
htonl
inet_addr
socket
WSAGetLastError
htons
closesocket
WSACleanup
WSAStartup
Exports
(none listed)
Sections
.text Size: 168KB - Virtual size: 166KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 32KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 80KB - Virtual size: 391KB (virtual size ~5x the raw size: typically large zero-initialized globals, but it can also be scratch space for runtime decompression — compare with memory dumps from the behavioral tasks)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 40KB - Virtual size: 40KB (note: this resource section is flagged CNT_CODE / MEM_EXECUTE / MEM_WRITE below, which is atypical for a resource section — normally INITIALIZED_DATA + MEM_READ — and worth checking for code stored or unpacked in resources)
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE