834d0ebc8d520fc0821fdd67fb73bdd648f1e34e248d0509a8c63e704ec9da0b

Sharing

Copy URL

Twitter E-mail

General

Target

834d0ebc8d520fc0821fdd67fb73bdd648f1e34e248d0509a8c63e704ec9da0b
Size

112KB
MD5

caef91f1ad9e469ed21cc34eff073605
SHA1

4ffee73ebbcd31fa298b554486a54f8f639cd6fa
SHA256

834d0ebc8d520fc0821fdd67fb73bdd648f1e34e248d0509a8c63e704ec9da0b
SHA512

c49f6bfeaaf39430993e27278d36b786294627c3559eef31b0dcabb865b7b50cf7fbd4a4ecf62255a7b4cfae2ab4e51b4e6563108bacf99ea82308e3bb916503
SSDEEP

3072:rCEX5vAX/C4PozyoKykVA4c6f61BWWJcbLggB:rt5AX6aoM5q4c62WxAw

Score

N/A

Malware Config

Signatures

Files

834d0ebc8d520fc0821fdd67fb73bdd648f1e34e248d0509a8c63e704ec9da0b
.dll windows x86

42ee21a3b3a1558a6599599e3cfd0a4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesExA
GetFileInformationByHandle
GetLogicalDriveStringsW
GetModuleHandleA
GetSystemInfo
GetTempPathW
GetTimeZoneInformation
GetVersionExA
GetWindowsDirectoryA
GlobalAlloc
HeapAlloc
HeapCreate
HeapFree
GetConsoleMode
LocalLock
GetExitCodeProcess
MulDiv
ReadFile
RemoveDirectoryW
SearchPathW
SetEnvironmentVariableA
SetEvent
SignalObjectAndWait
TlsGetValue
WaitForMultipleObjectsEx
lstrcmpA
GetConsoleAliasA
GetCommandLineA
GetBinaryTypeA
FormatMessageA
LocalShrink
GetCurrentProcessId
FlushConsoleInputBuffer
FindNextVolumeW
FindAtomA
ExitProcess
EraseTape
EnumTimeFormatsW
EnumTimeFormatsA
DuplicateHandle
DeleteCriticalSection
CreateSemaphoreA
CreateHardLinkW
CloseHandle
BindIoCompletionCallback
LocalHandle
BeginUpdateResourceA

ws2_32

WSAGetLastError
WSAInstallServiceClassA
WSASetEvent
socket
listen
htons
gethostbyname
connect
WSAUnhookBlockingHook

winmm

PlaySoundW
joyGetPos
midiInUnprepareHeader
mixerClose
waveOutRestart
waveOutClose
waveInStart
waveInGetDevCapsA
timeKillEvent
timeBeginPeriod
mmioInstallIOProcA
waveInReset

advapi32

CancelOverlappedAccess
GetTraceEnableFlags
GetTrusteeNameW
ImpersonateNamedPipeClient
LsaClearAuditLog
LsaRemoveAccountRights
LsaSetInformationTrustedDomain
OpenTraceW
RegOpenKeyExA
RegQueryValueExA
SetNamedSecurityInfoExW
SetSecurityDescriptorDacl
SetUserFileEncryptionKey
GetAclInformation
GetAce
EqualSid
BuildExplicitAccessWithNameW
GetSecurityDescriptorDacl

dinput

DirectInputCreateW

ole32

StgPropertyLengthAsVariant
PropVariantClear
IsEqualGUID

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

shell32

ShellExecuteA
SHGetSpecialFolderPathW
SHFileOperationW

user32

DestroyWindow
DialogBoxParamA
DispatchMessageA
EmptyClipboard
EnumPropsA
GetForegroundWindow
GetMonitorInfoW
LoadIconA
MapWindowPoints
MessageBoxW
MsgWaitForMultipleObjects
OpenClipboard
RegisterClassA
RegisterShellHookWindow
RemoveMenu
SetDebugErrorLevel
SetRect
SetSystemCursor
DefWindowProcA
CreateWindowExA
CharToOemA
CharLowerBuffA
ActivateKeyboardLayout
SetUserObjectSecurity
TranslateMessage
UpdateWindow
ShowWindow

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42ee21a3b3a1558a6599599e3cfd0a4c

Headers

File Characteristics

Imports

kernel32

ws2_32

winmm

advapi32

dinput

ole32

version

shell32

user32

Sections

.text Size: 76KB - Virtual size: 75KB

.data Size: 24KB - Virtual size: 23KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 76KB - Virtual size: 75KB

.data
Size: 24KB - Virtual size: 23KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 3KB