a718bc1450c7e2e1391c5943defb32030450193315d78b6e8d827d04579db4c6

Sharing

Copy URL

Twitter E-mail

General

Target

a718bc1450c7e2e1391c5943defb32030450193315d78b6e8d827d04579db4c6
Size

1.8MB
MD5

45e8e4288cb4a3793cbfc404c4df6379
SHA1

6cbd393052f1814070126757498eb06c163b4c4a
SHA256

a718bc1450c7e2e1391c5943defb32030450193315d78b6e8d827d04579db4c6
SHA512

01c61a8a160b6d6f7a01f32360eed22fa1be128e91d9496ff5efe2decf1cfce521858e44065064d2003c78fd09dbb83ea552441f0742e08adc74bd2557a1555e
SSDEEP

49152:VS4+6dXVnwvjpYPLogAFtCugiYxVra/MHEzFagg:L+MOjKPLCSPm/MHsg

Score

N/A

Malware Config

Signatures

Files

a718bc1450c7e2e1391c5943defb32030450193315d78b6e8d827d04579db4c6
.cab
10054_~1.EXE
.exe windows x86

b527cd8232804813a6a28b042e232951

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PulseEvent
LoadLibraryA
VirtualAlloc
LockFile
EnterCriticalSection
GetCurrentDirectoryA
GetSystemDefaultLCID
WritePrivateProfileSectionA
GetCommandLineA
SleepEx
CreatePipe
VirtualFree
EndUpdateResourceA
GetLastError
ExitProcess
ReplaceFileA
GetLongPathNameW
GetDiskFreeSpaceA
GetProfileStringA
OutputDebugStringA
GetModuleHandleA
LocalReAlloc
ReplaceFileW
GetFileType
LocalHandle

msvcrt

putc
memcpy
tanh
_wfindfirsti64
mbtowc
is_wctype
_atoi64
ispunct
_mbsnbcmp
_mkdir

gdi32

CreateDIBSection
GetTextExtentPoint32W
SetDIBitsToDevice
GetObjectW
GetTextExtentExPointW
GetDIBits
SetMapMode
GetDeviceCaps
CreateCompatibleDC
GetCurrentObject
CreateFontIndirectW

user32

LoadCursorW
FindWindowW
GetDlgItemTextW
LoadImageW
LoadCursorFromFileA
GetMenu
CreateDialogParamW
GetClassLongW
IntersectRect
IsWindowEnabled
PostQuitMessage
MoveWindow
DefWindowProcW
EndDialog
InsertMenuItemW

winmm

aux32Message
waveInStop
midiInGetErrorTextW
mixerOpen
mmTaskSignal
mmDrvInstall
waveOutGetPitch
DrvGetModuleHandle
waveOutMessage
midiStreamPause
timeGetDevCaps
SendDriverMessage
waveOutWrite
midiStreamPosition

Exports

Exports

XfbLfvk
RdWlpejJsastZg
OrpWfowleaBqtmoLyhmrlHla

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RAR-PA~1.EXE
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b527cd8232804813a6a28b042e232951

Headers

File Characteristics

Imports

kernel32

msvcrt

gdi32

user32

winmm

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 28KB - Virtual size: 28KB

.reloc Size: 512B - Virtual size: 52B

Headers

DLL Characteristics

File Characteristics

Sections

CODE Size: 36KB - Virtual size: 36KB

DATA Size: 1024B - Virtual size: 588B

BSS Size: - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 2KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: - Virtual size: 2KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 28KB - Virtual size: 28KB

.reloc
Size: 512B - Virtual size: 52B

CODE
Size: 36KB - Virtual size: 36KB

DATA
Size: 1024B - Virtual size: 588B

BSS
Size: - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 2KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: - Virtual size: 2KB

.rsrc
Size: 10KB - Virtual size: 10KB