b4d6be3aabc8e807c95b239a73309912b5e8629b1623e9b9f8f8e3266dd598f1

General

Target

b4d6be3aabc8e807c95b239a73309912b5e8629b1623e9b9f8f8e3266dd598f1
Size

184KB
MD5

aa6c281c943f92649f226680733c1c25
SHA1

c7be77873513c0b8482518b1e9e06e99bdb445c1
SHA256

b4d6be3aabc8e807c95b239a73309912b5e8629b1623e9b9f8f8e3266dd598f1
SHA512

6b624d4ea8f6b8a2d2cabc0216f5379e31e453a216656702c71035592ecbffe7539ae20174ed936f136e8455b933570ffdb29aad2acdd14213e21c5db98cd851
SSDEEP

3072:UMG272lHu4XDZBhdGt444BIQLKwL3s4YLmspSrqUnfBueARph4:U6iZXDZBhdGt444BRT3snLm/7nfBqpe

Score

N/A

Malware Config

Signatures

Files

b4d6be3aabc8e807c95b239a73309912b5e8629b1623e9b9f8f8e3266dd598f1
.exe windows x86

e25b3b14260773058c1a198149a01b67

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

realloc
fprintf
exit
sprintf
remove
sscanf
fclose
fseek
fopen
fsetpos
ftell
fgetpos
clearerr
fread
malloc
strtoul
strtol
_errno
isxdigit
_HUGE
strtod
setlocale
fflush
fwrite
_chsize
_finite
floor
calloc
memmove
strncmp
strstr
time
gmtime
getenv
_iob
strtok
setbuf
free

kernel32

TlsFree
LoadLibraryA
GetProcAddress
InitializeCriticalSection
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
TlsSetValue
TlsGetValue
DeleteCriticalSection
VirtualAllocEx
GetCurrentProcessId
OpenProcess

winmm

waveOutGetDevCapsA
mciSendStringA
midiInPrepareHeader
mixerGetControlDetailsW
waveOutSetVolume
waveInMessage
mciLoadCommandResource
midiOutCacheDrumPatches
waveOutUnprepareHeader
mmioAdvance
midiOutLongMsg
midiStreamClose
mixerMessage
timeSetEvent
mmioSeek
midiInGetDevCapsW
joyReleaseCapture
mmioRenameW
midiStreamProperty
waveOutBreakLoop
timeEndPeriod
waveInOpen
tid32Message
mmsystemGetVersion
midiInGetNumDevs
mciFreeCommandResource
waveInGetDevCapsW
WOW32DriverCallback

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 18KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 146KB - Virtual size: 385KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e25b3b14260773058c1a198149a01b67

Headers

File Characteristics

Imports

msvcrt

kernel32

winmm

Sections

.text Size: 12KB - Virtual size: 12KB

.bss Size: 18KB - Virtual size: 1.6MB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 146KB - Virtual size: 385KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 12KB - Virtual size: 12KB

.bss
Size: 18KB - Virtual size: 1.6MB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 146KB - Virtual size: 385KB

.rsrc
Size: 3KB - Virtual size: 2KB