936625f6e8abd9d94f37fa6da6f0e82a89c75c60267512504f8f1a74e6e50335

Sharing

Copy URL Twitter E-mail

General

Target

936625f6e8abd9d94f37fa6da6f0e82a89c75c60267512504f8f1a74e6e50335
Size

315KB
MD5

17d3ee009317555adbde2f0dd1ee4590
SHA1

7c934ef9989ad8360d657afca53e4cf4214c2b88
SHA256

936625f6e8abd9d94f37fa6da6f0e82a89c75c60267512504f8f1a74e6e50335
SHA512

b24d4b1fd19cf528e2c9e39469f7f4a04384ad655aee93e6fc9c40acb5b93f5a54ce52d189968fa9b45c2dedc40b4ea24b44d0fa8715960dc6f840846b7e8751
SSDEEP

6144:Mi8ZfXStG2IHypdyTvsJI2aZy6S+KEwSJggRE7JY:Mi8ZfX92ZdyzsJbaZXZwSJDz

Score

N/A

Malware Config

Signatures

Files

936625f6e8abd9d94f37fa6da6f0e82a89c75c60267512504f8f1a74e6e50335
.exe windows x86

c462e49979a1fa1c23a3dc5853dc8738

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
GetPrivateProfileIntW
GetLastError
lstrcmpiA
LocalAlloc
LocalFree
IsProcessorFeaturePresent
HeapReAlloc
GetStringTypeW
MultiByteToWideChar
LCMapStringW
RtlUnwind
LoadLibraryW
Sleep
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapCreate
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetPrivateProfileStringW
GetTickCount
GetModuleHandleW
GetCurrentProcess
GetStdHandle
WriteFile
ExitProcess
HeapFree
GetProcAddress
InterlockedDecrement
GetCurrentThreadId
SetLastError
HeapAlloc
EnterCriticalSection
InterlockedIncrement
TlsFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
DecodePointer
HeapSize

user32

SetDlgItemTextA
GetShellWindow
CreateWindowExA
GetDlgItemTextA
EnableWindow
GetClassNameA
IsIconic
GetParent
LoadIconA
GetClientRect
SetFocus
EnumWindows
SendMessageW
SetDlgItemInt
GetDlgItem
SetWindowLongW
EndDialog
DefWindowProcA
SendDlgItemMessageW
LoadAcceleratorsA
ShowWindow
IsDlgButtonChecked
IsWindow
CreateWindowExW
ReleaseCapture
SetDlgItemTextW

winspool.drv

EndPagePrinter

shell32

SHGetFolderLocation
ord155
SHGetFileInfoA

winmm

midiOutSetVolume
midiOutGetDevCapsA
midiOutOpen
midiOutClose

comctl32

ord410

opengl32

glEnd

Sections

.text
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c462e49979a1fa1c23a3dc5853dc8738

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

winspool.drv

shell32

winmm

comctl32

opengl32

Sections

.text Size: 280KB - Virtual size: 279KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 29KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 280KB - Virtual size: 279KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 29KB

.rsrc
Size: 18KB - Virtual size: 18KB