d477ff09aa8811ce1cef968e25633e372aa6db68f5f435d8afd72dda48849095

Sharing

Copy URL

Twitter E-mail

General

Target

d477ff09aa8811ce1cef968e25633e372aa6db68f5f435d8afd72dda48849095
Size

1.6MB
MD5

29ae189309eca76b77c732d4504518b4
SHA1

3d0130da078f993c6fb597645b5f55c3e0ccf003
SHA256

d477ff09aa8811ce1cef968e25633e372aa6db68f5f435d8afd72dda48849095
SHA512

fe17cbede82f93bca12593b035dc7105317ce09ff2d19ba3a2de811c1e9de8ff81c1d10aeeea848727d61ecec4794b4934530b6bdc3461ec4ccdc1c7eb6a92e1
SSDEEP

24576:mIKY5FNszRntSCDtnIbEDiUvcCXScaMKNHo+jUIwMTb+5VFWwoRMNAscvQcgX:YEPMBvWdFfjNwMTC7Ww0MNSvzY

Score

N/A

Malware Config

Signatures

Files

d477ff09aa8811ce1cef968e25633e372aa6db68f5f435d8afd72dda48849095
.exe windows x86

b106b233dbf7b654ffa860a900aef8fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapViewOfFile
UnmapViewOfFile
GetProcAddress
ExpandEnvironmentStringsA
IsProcessorFeaturePresent
LoadLibraryA
TerminateProcess
ExitProcess
CreateEventA
WaitForSingleObject
GetExitCodeThread
GetCurrentProcessId
DuplicateHandle
LocalFree
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
FindNextFileA
CreateFileW
GetCurrentProcess
lstrlenA
lstrcpyA
CreateFileMappingA
FindFirstFileA
GetVersionExA
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
GetLocalTime
CreateFileA
WriteFile
CreateDirectoryA
CreateThread
CloseHandle
FindClose
DeleteFileA
MultiByteToWideChar
WideCharToMultiByte
Sleep
GetTickCount
FlushFileBuffers
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
GetFileSize
VirtualQuery
GetModuleHandleA
TerminateThread
SetThreadPriority
lstrcatA
SetEvent
ResetEvent
VirtualProtect
GetSystemDefaultLangID
LCMapStringW
LCMapStringA
GetSystemInfo
InterlockedExchange
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetEndOfFile
SetFilePointer
SetStdHandle
GetStdHandle
SetHandleCount
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetCPInfo
GetOEMCP
GetModuleFileNameA
GetACP
HeapSize
SetUnhandledExceptionFilter
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
GetCurrentThreadId
QueryPerformanceCounter
CreateMutexA
GetLastError
ReleaseMutex
_lclose
_llseek
_lread
_lopen
HeapFree
HeapAlloc
GetProcessHeap
IsDBCSLeadByte
RemoveDirectoryA
SetFileAttributesA
lstrcmpiA
GetFileAttributesA
OutputDebugStringA
RtlUnwind
RaiseException
HeapReAlloc
ReadFile
GetFileType
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA

user32

CreateWindowExA
ScreenToClient
GetWindowRect
RegisterClassExA
UnregisterClassA
DestroyWindow
SetWindowRgn
DefWindowProcA
MoveWindow
PtInRect
SetRect
UpdateWindow
RegisterClassA
LoadCursorA
ReleaseDC
GetDC
PostMessageA
PostQuitMessage
GetAsyncKeyState
AdjustWindowRect
GetDlgItem
SendMessageA
LoadCursorFromFileA
GetSystemMetrics
SetWindowPos
PeekMessageA
SetCursor
ShowWindow
SetClassLongA
LoadIconA
MessageBoxA
wsprintfA
CreateDialogParamA
BeginPaint
EndPaint
LoadBitmapA
GetWindowTextA
SetFocus
DispatchMessageA
TranslateMessage
GetMessageA
GetWindowLongA
GetKeyboardLayout
PostMessageW
GetFocus
ClientToScreen
GetClientRect
ChangeDisplaySettingsA
EnumDisplaySettingsA
SetWindowLongA
ReleaseCapture
SetCapture
AdjustWindowRectEx
GetMenu
MessageBoxW

gdi32

CreateFontA
SetBkMode
SetTextColor
TextOutW
CreateDCA
CreateCompatibleBitmap
StretchBlt
DeleteDC
GetObjectA
CreateDIBSection
BitBlt
DeleteObject
GetStockObject
CreateRoundRectRgn
ExtTextOutA
ExtTextOutW
GetTextExtentPoint32A
GetTextExtentPointW
SetPixel
GetPixel
SelectObject
CreateCompatibleDC
GetObjectW
GetTextMetricsA
GetGlyphOutlineA
GetCharacterPlacementA
GetCharacterPlacementW
SetBkColor
GetTextMetricsW
GetFontLanguageInfo
CreateFontIndirectA
CreateFontIndirectW
SetTextAlign
SetMapMode
MoveToEx

advapi32

RegOpenKeyA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey

ole32

CoCreateInstance
CoInitialize
OleRun
OleInitialize

oleaut32

SysAllocString
VariantInit
VariantClear
SysAllocStringByteLen
SysStringByteLen
GetErrorInfo
SysFreeString

winmm

timeGetTime

imm32

ImmGetCompositionStringA
ImmNotifyIME
ImmAssociateContext
ImmGetCandidateListA
ImmGetOpenStatus
ImmGetConversionStatus
ImmSetConversionStatus
ImmSetOpenStatus
ImmGetContext
ImmReleaseContext

urlmon

URLDownloadToFileA

ws2_32

WSAGetLastError
connect
WSAAsyncSelect
inet_addr
htons
socket
WSAStartup
recv
WSACleanup
closesocket
send
inet_ntoa
getsockname
select
ioctlsocket

fmodex

FMOD_System_Create
?getSoftwareChannels@System@FMOD@@QAG?AW4FMOD_RESULT@@PAH@Z
?getHardwareChannels@System@FMOD@@QAG?AW4FMOD_RESULT@@PAH00@Z
?getVersion@System@FMOD@@QAG?AW4FMOD_RESULT@@PAI@Z
?createStream@System@FMOD@@QAG?AW4FMOD_RESULT@@PBDIPAUFMOD_CREATESOUNDEXINFO@@PAPAVSound@2@@Z
?stop@Channel@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?release@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?close@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?release@Sound@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?playSound@System@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_CHANNELINDEX@@PAVSound@2@_NPAPAVChannel@2@@Z
?getChannelsPlaying@System@FMOD@@QAG?AW4FMOD_RESULT@@PAH@Z
?setMode@Sound@FMOD@@QAG?AW4FMOD_RESULT@@I@Z
?isPlaying@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PA_N@Z
?update@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?init@System@FMOD@@QAG?AW4FMOD_RESULT@@HIPAX@Z

cwebpage

DisplayHTMLPage
EmbedBrowserObject
UnEmbedBrowserObject

ddraw

DirectDrawCreate

d3d9

Direct3DCreate9

Exports

Exports

fcEXP

Sections

.text
Size: 964KB - Virtual size: 961KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 4.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 220KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b106b233dbf7b654ffa860a900aef8fc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

winmm

imm32

urlmon

ws2_32

fmodex

cwebpage

ddraw

d3d9

Exports

Exports

Sections

.text Size: 964KB - Virtual size: 961KB

.rdata Size: 172KB - Virtual size: 169KB

.data Size: 116KB - Virtual size: 4.9MB

.rsrc Size: 220KB - Virtual size: 216KB

.text Size: 112KB - Virtual size: 112KB

.text
Size: 964KB - Virtual size: 961KB

.rdata
Size: 172KB - Virtual size: 169KB

.data
Size: 116KB - Virtual size: 4.9MB

.rsrc
Size: 220KB - Virtual size: 216KB

.text
Size: 112KB - Virtual size: 112KB