c23b2c5801352f7fcd2c0c9b8b303cc7350979358f3592204a52e6d6f37c9a1e

Sharing

Copy URL Twitter E-mail

General

Target

c23b2c5801352f7fcd2c0c9b8b303cc7350979358f3592204a52e6d6f37c9a1e
Size

819KB
MD5

6501094f834723c3490ec7fa32dd05cf
SHA1

9424e2c227c5df5d1db7f63510983cfaa5e83644
SHA256

c23b2c5801352f7fcd2c0c9b8b303cc7350979358f3592204a52e6d6f37c9a1e
SHA512

97f6552399ab55ac832d212b8549c53dbd0bf5d95172dfc5a93040b0517b9044ff791015be59ac3e5c3f4596384606563373d7ef40bba66e19068aba6e6a2a10
SSDEEP

12288:GYrdSt5Md9WPm9Jn8Pgv9BFgvgrMek8KOxvzejL8mt03ikAg4KZqD0HorU7hncV7:hrdh9WPm/fv9BKvNsxG/C3tXXw4Tg7Q

Score

N/A

Malware Config

Signatures

Files

c23b2c5801352f7fcd2c0c9b8b303cc7350979358f3592204a52e6d6f37c9a1e
.exe windows x86

8329c8e545f3e46667156c6d90a0cff9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

duser

DUserGetAlphaPRID
DUserRegisterSuper
GetGadgetProperty
SetGadgetMessageFilter
UtilDrawOutlineRect
GetStdColorBrushF
GetStdColorF
RemoveGadgetProperty
DUserInstanceOf
SetGadgetRootInfo
GetGadgetSize
UnregisterGadgetMessage
PeekMessageExA
UtilDrawBlendRect
CreateGadget
DetachWndProc
FindGadgetMessages
DUserGetScalePRID
UnregisterGadgetMessageString
UtilBuildFont
GetGadgetMessageFilter
GetStdColorBrushI
GetGadgetCenterPoint
AttachWndProcA
AddGadgetMessageHandler
SetGadgetRotation
LookupGadgetTicket
FindStdColor
SetGadgetScale
RemoveGadgetMessageHandler

msvcrt

??0exception@@QAE@XZ
_finite
tolower
__CxxDetectRethrow
_scprintf
_pgmptr
_findnexti64
_fmode
__iscsym
_yn
__p__winmajor
__p__daylight
cos
wcsrchr
__p___mb_cur_max
_errno
_setjmp3
memmove
??_Gbad_typeid@@UAEPAXI@Z
_cwprintf
??_Fbad_typeid@@QAEXXZ
frexp
_hypot
_scalb
_pipe
_CItan
??_Ebad_cast@@UAEPAXI@Z
strncat
_getwch
fwprintf
??0exception@@QAE@ABQBD@Z
__iob_func
_acmdln
_ismbcalpha
__CxxCallUnwindDtor

winmm

midiOutLongMsg
mmioStringToFOURCCA
midiInGetErrorTextA
mmioInstallIOProcA
mixerGetControlDetailsA
waveInGetNumDevs
waveInMessage
waveOutSetVolume
waveOutGetPitch
mciGetDeviceIDFromElementIDW
midiStreamPosition
timeEndPeriod
PlaySoundA
timeKillEvent
mixerGetNumDevs
DefDriverProc
midiOutMessage
waveOutClose
midiStreamProperty
OpenDriver
midiOutGetID
waveOutGetID
midiInAddBuffer
CloseDriver
auxGetVolume
mmDrvInstall
mmioSeek
mmTaskYield
waveOutRestart
midiStreamOpen
WOW32DriverCallback
mmioSendMessage
mmioRead
waveOutGetVolume
midiInGetID

ntdll

NtPulseEvent
RtlSetThreadPoolStartFunc
NtEnumerateValueKey
NtUnloadDriver
ZwDeleteBootEntry
ZwResumeThread
NtLockRegistryKey
DbgUiIssueRemoteBreakin
RtlAddAuditAccessAce
vsprintf
ZwReadRequestData
RtlFindClearBitsAndSet
RtlEnlargedUnsignedDivide
NtVdmControl
RtlGetGroupSecurityDescriptor
RtlComputeCrc32
ZwLockFile
RtlFindLeastSignificantBit
_allrem
ZwCreateDebugObject
RtlInitializeContext
NtSuspendThread
ZwAccessCheck
RtlGetAce
NtAccessCheckByTypeResultListAndAuditAlarm
DbgPrintReturnControlC

kernel32

WriteFileEx
VirtualAlloc
LZStart
GetVolumePathNamesForVolumeNameA
GetDefaultCommConfigA
SetupComm
SetPriorityClass
MoveFileWithProgressW
CreateActCtxA
GetCPInfoExA
CloseHandle
FindNextFileA
WaitForMultipleObjectsEx
GetModuleHandleA
EnumerateLocalComputerNamesW
CreateJobObjectW
LocalCompact
FindAtomA
GetTapeParameters
GetPrivateProfileSectionNamesW
LoadLibraryA
CommConfigDialogW
lstrcmpiW
WaitForSingleObjectEx
SetHandleInformation
QueryDepthSList
FindNextChangeNotification
GlobalGetAtomNameA
GetModuleHandleW
GetModuleFileNameA
GetStartupInfoA
ChangeTimerQueueTimer
GetLastError
EnumSystemLanguageGroupsA
GlobalDeleteAtom
GetExitCodeThread
lstrcmpi
LZClose
GetStartupInfoW
GetTickCount
CreateFileW
lstrlenW

clusapi

GetClusterResourceNetworkName
RemoveClusterResourceDependency
ClusterNodeOpenEnum
ClusterRegEnumKey
SetClusterGroupName
GetClusterFromResource
GetClusterGroupKey
OpenClusterNode
GetClusterNodeId
ClusterResourceEnum
ClusterNodeGetEnumCount
DeleteClusterResource
ClusterNetworkControl
ClusterRegQueryInfoKey
ClusterResourceGetEnumCount
ClusterControl
OpenClusterGroup
ClusterRegGetKeySecurity
SetClusterGroupNodeList
ClusterEnum
GetNodeClusterState
ClusterRegCreateKey
CreateClusterGroup
ClusterRegEnumValue
EvictClusterNode
GetClusterFromNetwork
ClusterRegQueryValue

user32

EndDialog

Sections

.text
Size: 378KB - Virtual size: 377KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 154KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8329c8e545f3e46667156c6d90a0cff9

Headers

DLL Characteristics

File Characteristics

Imports

duser

msvcrt

winmm

ntdll

kernel32

clusapi

user32

Sections

.text Size: 378KB - Virtual size: 377KB

.rdata Size: 121KB - Virtual size: 121KB

.data Size: 154KB - Virtual size: 1.5MB

.rsrc Size: 163KB - Virtual size: 163KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 378KB - Virtual size: 377KB

.rdata
Size: 121KB - Virtual size: 121KB

.data
Size: 154KB - Virtual size: 1.5MB

.rsrc
Size: 163KB - Virtual size: 163KB

.reloc
Size: 1KB - Virtual size: 1KB