0436ae08b543ce56649443ec4546feaec3de1e647efea7897334e09f5cd0c3de

Sharing

Copy URL Twitter E-mail

General

Target

0436ae08b543ce56649443ec4546feaec3de1e647efea7897334e09f5cd0c3de
Size

144KB
MD5

7e674c308898c04a6581db4ca5c1c4dc
SHA1

0b2fa5b726a3dfd56dd8579fe3144d6ea4e9496e
SHA256

0436ae08b543ce56649443ec4546feaec3de1e647efea7897334e09f5cd0c3de
SHA512

d9345bf2cd011da22a43a536b3fcba476da09a8c7428cec0ce2b2bc655144f744ae78c96dd85e4ef217109d85e2559ba7db60994480f2e7c5624840ba83e6d71
SSDEEP

3072:FpPqmxs3c+xgvZk12VEk2EYfBP1vd60+ZIcXnby2LzN5vlD9+vbYYE:nymxs31gfUE6tvd60+ZIchPve

Score

N/A

Malware Config

Signatures

Files

0436ae08b543ce56649443ec4546feaec3de1e647efea7897334e09f5cd0c3de
.dll windows x86

ed19822b54f4cd0df5a89beb2a2ab91f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wmvcore

WMCreateWriter
WMCreateProfileManager
WMCreateReader

mfc42

ord5300
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord2818
ord1200
ord823
ord922
ord939
ord941
ord5302
ord2725
ord656
ord609
ord2514
ord6467
ord2645
ord5265
ord4376
ord4853
ord4998
ord6052
ord1775
ord5280
ord4425
ord3597
ord4407
ord3610
ord2575
ord6055
ord4078
ord1776
ord4396
ord5241
ord2385
ord5163
ord6374
ord4353
ord5290
ord3798
ord4837
ord4441
ord2648
ord2055
ord3346
ord772
ord641
ord1089
ord5261
ord2446
ord2124
ord5277
ord3402
ord4627
ord3574
ord567
ord500
ord324
ord2370
ord2302
ord4234
ord6334
ord6197
ord5860
ord6215
ord2860
ord2078
ord6880
ord665
ord858
ord2820
ord547
ord3180
ord354
ord6779
ord4710
ord6453
ord795
ord692
ord1771
ord825
ord2413
ord2024
ord4219
ord2581
ord4401
ord3639
ord3721
ord2301
ord2339
ord3092
ord6199
ord4129
ord3874
ord3797
ord535
ord940
ord3803
ord3317
ord2864
ord909
ord4185
ord696
ord801
ord6883
ord2614
ord1168
ord394
ord541
ord3435
ord3663
ord5440
ord6383
ord5450
ord6394
ord1228
ord537
ord540
ord2396
ord5199
ord2512
ord3922
ord5731
ord6375
ord2554
ord4486
ord5194
ord4274
ord533
ord2808
ord5778
ord6407
ord860
ord1997
ord798
ord5065
ord800
ord1727
ord6376
ord3749
ord6366
ord1243
ord1197
ord1176
ord1575
ord1570
ord1182
ord342
ord1577
ord826
ord600
ord269
ord1116
ord1578
ord1255
ord1253

msvcrt

wcslen
malloc
realloc
memmove
_mbscmp
wcsstr
wcspbrk
_mbsicmp
atoi
isdigit
??1type_info@@UAE@XZ
__dllonexit
_onexit
free
_CxxThrowException
_ftol
_initterm
_adjust_fdiv
_strcmpi
_purecall
__CxxFrameHandler

kernel32

WaitForSingleObject
ResetEvent
DeleteFileA
InterlockedIncrement
Beep
WideCharToMultiByte
CloseHandle
CreateEventA
GetFileTime
MultiByteToWideChar
CreateFileA
GetLastError
GetFileSize
LockResource
LoadResource
MulDiv
FindResourceA
LocalFree
SizeofResource
LocalAlloc
SetEvent
InterlockedDecrement

user32

GetWindowTextA
GetWindow
GetClassNameA
SendMessageA
wsprintfA
GetClientRect
GetWindowRect
GetWindowLongA
AdjustWindowRect
IsWindow
MessageBoxA
PeekMessageA
TranslateMessage
DispatchMessageA
EnableWindow
SetWindowLongA
SetWindowTextA

advapi32

RegQueryValueExA
RegOpenKeyA
RegCloseKey
RegSetValueExA
RegCreateKeyA

shell32

ShellExecuteA

ole32

CoInitialize
CoUninitialize

Exports

Exports

NERO_PLUGIN_GetPrimaryAudioObject
NERO_PLUGIN_ReadyToFinish

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed19822b54f4cd0df5a89beb2a2ab91f

Headers

File Characteristics

Imports

wmvcore

mfc42

msvcrt

kernel32

user32

advapi32

shell32

ole32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 68KB - Virtual size: 70KB

.rsrc Size: 12KB - Virtual size: 8KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 68KB - Virtual size: 70KB

.rsrc
Size: 12KB - Virtual size: 8KB

.reloc
Size: 8KB - Virtual size: 5KB