8021a199f4dd63405396523a4c4d9d49f51a9bc18e2509a1924ab0bbc625c903

Sharing

Copy URL Twitter E-mail

General

Target

8021a199f4dd63405396523a4c4d9d49f51a9bc18e2509a1924ab0bbc625c903
Size

810KB
MD5

e31c09896ad1b59e5b20cab03e23ca48
SHA1

6e1f9b05121e6192ae049bbff134b14b0e964990
SHA256

8021a199f4dd63405396523a4c4d9d49f51a9bc18e2509a1924ab0bbc625c903
SHA512

41c20178dbfd338122b2da9656b3e7254b8a8c5545203ef47b4accbd6c7f60bdf6cb6bcb585b1127e1f1eb9cf553d69c11a53bc94260e2198d7f0fe499f4652c
SSDEEP

24576:+uCLw4SPfvH9B+Tnz8h8/IS+PrZ7S6AMnJF:+uCLw4SPfvHj+z48/ISqrZvnJ

Score

N/A

Malware Config

Signatures

Files

8021a199f4dd63405396523a4c4d9d49f51a9bc18e2509a1924ab0bbc625c903
.exe windows x86

a03928cdc1b9b575effc75f5776bc22e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHCopyKeyW
StrNCatA
StrRChrA
PathUnquoteSpacesW
PathBuildRootA
PathRemoveBackslashW
UrlApplySchemeA
StrIsIntlEqualW
PathSearchAndQualifyA
PathAddBackslashW
ColorHLSToRGB
PathFindNextComponentW
UrlCombineW
StrChrNW
SHQueryInfoKeyW
IntlStrEqWorkerW
PathCombineW
StrRStrIW
StrCmpLogicalW
StrChrIW
StrCmpNIW
PathUnmakeSystemFolderA
StrChrW
PathSetDlgItemPathA
SHCreateStreamOnFileA
SHQueryInfoKeyA
StrCmpNIA
PathCommonPrefixA
SHQueryValueExA
StrTrimW
PathIsRelativeW
SHQueryValueExW

kernel32

GetCommState
WideCharToMultiByte
GetNativeSystemInfo
LoadLibraryA
lstrlenA
GlobalUnfix
GetTimeZoneInformation
ReplaceFileW
GetTickCount
GetConsoleFontInfo
GetLocaleInfoW
Heap32First
SetTapePosition
GetSystemDefaultLCID
GetProcessIoCounters
VirtualQueryEx
MoveFileWithProgressA
SetWaitableTimer
UnregisterConsoleIME
GetEnvironmentStringsA
CloseProfileUserMapping
GetConsoleAliasesLengthA
GetComputerNameExW
WaitForMultipleObjectsEx
GetFileSizeEx
DebugSetProcessKillOnExit
LZClose
AddLocalAlternateComputerNameA
LockFile
GetStringTypeW
CreateTimerQueueTimer
LoadResource
HeapValidate
WritePrivateProfileSectionW
GetBinaryType
GetProfileStringW
VirtualAlloc

user32

GetClassLongW
IsHungAppWindow
LoadCursorA
CreateDialogParamA
LoadKeyboardLayoutA
GetWindow
DdeQueryStringA
GetTopWindow
DdeCreateStringHandleW
GetKeyNameTextW
SendNotifyMessageW
AnyPopup
LoadKeyboardLayoutW
SetCursorContents
TranslateAcceleratorA
CharNextW
OpenWindowStationA
GetMenuItemRect
FindWindowExW
GetWindowThreadProcessId
UnregisterHotKey
UnregisterClassA
RecordShutdownReason
GetWindowRgnBox
User32InitializeImmEntryTable
VkKeyScanA
GrayStringA
TranslateMDISysAccel
wsprintfA
PostMessageA

winmm

mciExecute
mixerGetLineControlsA
GetDriverModuleHandle
mmioInstallIOProcW
mciSendCommandA
joyReleaseCapture
waveOutGetDevCapsA
joyGetPos
WOW32DriverCallback
mci32Message
joyGetDevCapsA
mixerGetLineControlsW
mixerGetControlDetailsA
midiOutGetErrorTextW
timeSetEvent
waveOutOpen
mixerGetDevCapsA
joyGetNumDevs
mixerClose
OpenDriver
mmioAscend
waveOutPause
waveOutSetPlaybackRate
waveOutUnprepareHeader
midiInGetDevCapsW
waveOutGetPitch
midiOutShortMsg
midiOutCachePatches
mmioFlush
mmioRenameW
mmioSeek
timeGetSystemTime
mmioWrite
midiOutOpen

Sections

.text
Size: 340KB - Virtual size: 339KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 169KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a03928cdc1b9b575effc75f5776bc22e

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

winmm

Sections

.text Size: 340KB - Virtual size: 339KB

.rdata Size: 119KB - Virtual size: 119KB

.data Size: 169KB - Virtual size: 1.6MB

.rsrc Size: 178KB - Virtual size: 178KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 340KB - Virtual size: 339KB

.rdata
Size: 119KB - Virtual size: 119KB

.data
Size: 169KB - Virtual size: 1.6MB

.rsrc
Size: 178KB - Virtual size: 178KB

.reloc
Size: 1KB - Virtual size: 1KB