b3bf72b27d3e64ada3275f9bb391a5990bf2449ccdd8dfb13d4f036b5ae81109

Sharing

Copy URL

Twitter E-mail

General

Target

b3bf72b27d3e64ada3275f9bb391a5990bf2449ccdd8dfb13d4f036b5ae81109
Size

208KB
MD5

3ac6b31b21e1c4509e48f01f3411df53
SHA1

0218a31ddd7f2f06fe8679f28ad85fda7ddde7f2
SHA256

b3bf72b27d3e64ada3275f9bb391a5990bf2449ccdd8dfb13d4f036b5ae81109
SHA512

519677ed35ac72179d3535eea8fc3d3ca3408517eec534770355b0837aaab0d5c9b106a1b34bc78e7ada6f2f2634ff60fe1be515f73e2c194698365932d256ee
SSDEEP

6144:vRzoVpB4O78tNaYbCOBFyGqFtOVxoLnb7S9:doVpBXgyciLOVxoXW

Score

N/A

Malware Config

Signatures

Files

b3bf72b27d3e64ada3275f9bb391a5990bf2449ccdd8dfb13d4f036b5ae81109
.exe windows x86

8552f38505fc29f1b30b0ac4d03494c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

userenv

WaitForUserPolicyForegroundProcessing
DeleteProfileA
RsopSetPolicySettingStatus
UnregisterGPNotification
UnloadUserProfile
WaitForMachinePolicyForegroundProcessing

winmm

SendDriverMessage
mixerSetControlDetails
waveInUnprepareHeader
mixerGetLineInfoW
waveInStart
waveInClose
waveInStop
mixerOpen
mixerGetID
OpenDriver
waveInReset
mixerGetControlDetailsW
mixerClose
waveInPrepareHeader
mixerGetLineControlsW
waveInOpen
waveInAddBuffer
waveInGetDevCapsW

user32

GetDlgItem
DefWindowProcW
ShowWindow
GetDC
TranslateMessage
LoadStringW
SetDlgItemTextW
CheckRadioButton
IsRectEmpty
CreateDialogParamW
GetAsyncKeyState
PeekMessageW
EnableWindow
IsWindowVisible
GetDesktopWindow
GetWindowLongW
DestroyWindow
SendMessageW
SetWindowLongW
GetClientRect
ReleaseDC
DispatchMessageW
LoadCursorW
CheckDlgButton
InvalidateRect
ClientToScreen
GetWindowRect
GetDlgItemInt
SetCursor
SetDlgItemInt
MoveWindow
IsWindow

kernel32

GetCurrentProcessId
InterlockedIncrement
GlobalFree
SetEndOfFile
ReleaseSemaphore
GlobalAlloc
GetTickCount
GetFileSize
GetFileAttributesW
GetTimeZoneInformation
GetDiskFreeSpaceW
CreateEventW
lstrcpynW
GetProcAddress
GetSystemDefaultLangID
lstrcmpW
WaitForMultipleObjects
GetProfileIntA
GetLocaleInfoA
MultiByteToWideChar
lstrlenA
QueryPerformanceCounter
SetThreadPriority
GetSystemTimeAsFileTime
GetModuleFileNameA
SetEvent
InterlockedExchange
IsBadReadPtr
CreateFileW
lstrlenW
WideCharToMultiByte
lstrcpyA
CreateIoCompletionPort
IsBadWritePtr
GetVersionExW
GetLastError
OutputDebugStringW
SetUnhandledExceptionFilter
DeleteFileW
WriteFile
IsBadCodePtr
PostQueuedCompletionStatus
GetProcessHeap
HeapFree
EnterCriticalSection
GetFullPathNameW
CreateThread
GetQueuedCompletionStatus
LeaveCriticalSection
WaitForSingleObject
GetCurrentProcess
GetSystemInfo
ResetEvent
GlobalUnlock
GlobalHandle
VirtualFree
GetACP
GlobalMemoryStatus
ReadFile
MulDiv
GetPrivateProfileStringW
GetThreadPriority
FreeLibrary
lstrcpyW
SetFilePointer
CreateSemaphoreW
lstrcmpiW
InterlockedDecrement
InitializeCriticalSection
GlobalLock
DeleteCriticalSection
GetCurrentThread
HeapAlloc
LoadLibraryW
CloseHandle

ole32

CoTaskMemAlloc
CoTaskMemFree
CoFreeUnusedLibraries
StringFromGUID2
CoCreateInstance
CoInitialize
CoUninitialize

ncobjapi

WmiEventSourceDisconnect
WmiCommitObject
WmiCreateObjectWithProps
WmiAddObjectProp
WmiSetAndCommitObject
WmiDestroyObject
WmiCreateObjectWithFormat
WmiCreateObject
WmiIsObjectActive
WmiEventSourceConnect

gdi32

GetObjectW
GetTextExtentPoint32W
SelectObject
PatBlt
GetPaletteEntries
GetStockObject

nddeapi

NDdeIsValidAppTopicListW
NDdeGetShareSecurityA
NDdeGetTrustedShareA
NDdeGetShareSecurityW
NDdeGetTrustedShareW
NDdeIsValidShareNameA
NDdeGetErrorStringA
NDdeIsValidAppTopicListA

msvfw32

ICSendMessage
ICDecompress
ICClose
ICLocate
ICGetInfo
ICOpen

usp10

ScriptGetCMap
ScriptGetFontProperties
ScriptGetGlyphABCWidth
ScriptFreeCache
ScriptApplyLogicalWidth
ScriptCacheGetHeight
ScriptCPtoX
ScriptBreak
LpkPresent

Sections

.text
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 477KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8552f38505fc29f1b30b0ac4d03494c9

Headers

File Characteristics

Imports

userenv

winmm

user32

kernel32

ole32

ncobjapi

gdi32

nddeapi

msvfw32

usp10

Sections

.text Size: 135KB - Virtual size: 135KB

.rdata Size: 34KB - Virtual size: 34KB

.data Size: 28KB - Virtual size: 477KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 1024B - Virtual size: 904B

.text
Size: 135KB - Virtual size: 135KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 28KB - Virtual size: 477KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 1024B - Virtual size: 904B