df103e9e58b38a5a9ebcc3b01527e98f5bdb0727d51f48aa7f7974d8a2f4b745

Sharing

Copy URL Twitter E-mail

General

Target

df103e9e58b38a5a9ebcc3b01527e98f5bdb0727d51f48aa7f7974d8a2f4b745
Size

227KB
MD5

2fda1db9b97996d64bffea6c7e411a76
SHA1

9888ba3adddb31441bc0dcf5a9946ceac8e88095
SHA256

df103e9e58b38a5a9ebcc3b01527e98f5bdb0727d51f48aa7f7974d8a2f4b745
SHA512

f5c6cd10f45af6a96320d230736964eb28aa4b7633eeaa81a1585defd88f710fcdb48452ee8adb11f3b318dbdce85d76cde94ed4b9a9850479dbc0029cb3f9d2
SSDEEP

6144:tlPAFTDbH9coVfSRaxGuxo8q7ZIdzJZzVTIMt2:fAFTXfSRaY18AwJjt2

Score

N/A

Malware Config

Signatures

Files

df103e9e58b38a5a9ebcc3b01527e98f5bdb0727d51f48aa7f7974d8a2f4b745
.exe windows x86

ba150ae69b2c42b48474bbb366f993ee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msdart

??0CReaderWriterLock@@QAE@XZ
?IsReadLocked@CLKRLinearHashTable@@QBE_NXZ
?SetDefaultSpinAdjustmentFactor@CReaderWriterLock3@@SGXN@Z
?IsWriteLocked@CLKRLinearHashTable@@QBE_NXZ
?SetSpinCount@CFakeLock@@QAE_NG@Z
?Clear@CLKRLinearHashTable@@QAEXXZ
?ConvertExclusiveToShared@CLKRHashTable@@QBEXXZ
?RemoveHead@CLockedDoubleList@@QAEQAVCListEntry@@XZ
?TryReadLock@CReaderWriterLock2@@QAE_NXZ
?_CurrentThreadId@CSpinLock@@CGJXZ
?_LockSpin@CReaderWriterLock2@@AAEX_N@Z
?ReadLock@CCritSec@@QAEXXZ
?WriteLock@CReaderWriterLock@@QAEXXZ
?ConvertExclusiveToShared@CReaderWriterLock3@@QAEXXZ
?IsReadLocked@CSmallSpinLock@@QBE_NXZ
?IsWriteLocked@CSmallSpinLock@@QBE_NXZ
?GetDefaultSpinAdjustmentFactor@CReaderWriterLock3@@SGNXZ
?_WriteLockSpin@CReaderWriterLock3@@AAEXXZ
?BucketSize@CLKRHashTableStats@@SGJJ@Z
?IsWinNT4@CMdVersionInfo@@SAHXZ
??1CSpinLock@@QAE@XZ

winmm

waveOutMessage
midiOutReset
mciSendStringW
mciDriverNotify
mmioSetInfo
mixerGetLineControlsA
mmioAdvance
mmioInstallIOProcW
auxGetNumDevs
mciGetDeviceIDFromElementIDW
waveOutSetPlaybackRate
midiInClose
NotifyCallbackData
mciDriverYield
midiOutMessage

kernel32

lstrcpyn
ResetEvent
SetLocalTime
LoadLibraryW
PeekConsoleInputW
FreeUserPhysicalPages
GetLocaleInfoW
RegisterWowExec
GetEnvironmentStringsA
SetLastError
TransmitCommChar
GetMailslotInfo

user32

GetUpdateRgn
GetThreadDesktop
GetRawInputData
RegisterDeviceNotificationA
ChangeMenuA
GetWindowTextLengthW
BroadcastSystemMessageA
DefMDIChildProcW
ChildWindowFromPointEx
CreateDialogIndirectParamA
UnhookWindowsHookEx
SetRectEmpty
LoadMenuIndirectA
AdjustWindowRectEx
MessageBoxIndirectA

wininet

InternetAutodialHangup
SetUrlCacheEntryInfoA
InternetTimeFromSystemTime
InternetUnlockRequestFile
InternetWriteFileExA
InternetCrackUrlW
UnlockUrlCacheEntryFile
DeleteUrlCacheEntryA
FtpPutFileW
FtpCommandA
InternetQueryOptionA
FtpRenameFileA
HttpQueryInfoW
InternetReadFileExA
HttpEndRequestA

icmp

IcmpSendEcho
IcmpCloseHandle
register_icmp
do_echo_req
IcmpSendEcho2
IcmpParseReplies
IcmpCreateFile
do_echo_rep

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba150ae69b2c42b48474bbb366f993ee

Headers

File Characteristics

Imports

msdart

winmm

kernel32

user32

wininet

icmp

Sections

.text Size: 38KB - Virtual size: 38KB

.rdata Size: 124KB - Virtual size: 123KB

.data Size: 61KB - Virtual size: 60KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 38KB - Virtual size: 38KB

.rdata
Size: 124KB - Virtual size: 123KB

.data
Size: 61KB - Virtual size: 60KB

.rsrc
Size: 1KB - Virtual size: 1KB