05f8e6cc9390c88c2d0c21755c9ac8f310699bf2861182e32ad97b5c27adf667

Sharing

Copy URL Twitter E-mail

General

Target

05f8e6cc9390c88c2d0c21755c9ac8f310699bf2861182e32ad97b5c27adf667
Size

88KB
MD5

c7d26e9a6db25483d432b012e78328e4
SHA1

07daaa9361d24da6b61d7825916d1c984244cdf4
SHA256

05f8e6cc9390c88c2d0c21755c9ac8f310699bf2861182e32ad97b5c27adf667
SHA512

154a22ff192dbdb12bea82ccc8b8d15b5a7c94236f4a31081d33778228f290d63355a0058b91e695c2aab17d5d77da464f892fff6544797e2d93e1bc82fe0570
SSDEEP

1536:7YkZMEaqa6kgI7HusDKOj1vMwqO6qtkOJSbkSsTAFBk9ZFOVH0ask:7YVEayk9XftwYRmkiH0l

Score

N/A

Malware Config

Signatures

Files

05f8e6cc9390c88c2d0c21755c9ac8f310699bf2861182e32ad97b5c27adf667
.dll windows x86

874a08facd0d57f86657ade1df62556b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiInGetID
auxGetVolume
waveInGetDevCapsA
waveInPrepareHeader
waveOutSetPlaybackRate
mixerOpen
mmioCreateChunk
mmioClose
waveInUnprepareHeader
mmioAscend
mciSendCommandA
midiInOpen
midiOutReset
midiOutCachePatches
midiOutMessage
midiStreamOut
midiOutGetNumDevs
mmioWrite
midiOutGetErrorTextA
mmioSeek
joyReleaseCapture
mixerGetID
joySetCapture
mixerMessage
timeGetDevCaps
mixerClose
midiInAddBuffer
mciSendStringA
mmioRead
mciGetCreatorTask
midiInGetNumDevs
joyGetPos
midiInGetErrorTextA
auxOutMessage
midiInPrepareHeader
waveOutGetPosition
midiOutUnprepareHeader
timeBeginPeriod
midiStreamProperty
auxGetNumDevs
joySetThreshold
CloseDriver
midiOutPrepareHeader
waveOutSetVolume
waveInOpen
waveOutSetPitch
mixerGetLineControlsA
joyGetPosEx
midiDisconnect
waveOutUnprepareHeader
midiInStart
waveInGetID
auxGetDevCapsA
midiStreamPosition
midiInMessage
waveOutGetPitch
mmioFlush
timeGetSystemTime
waveOutPause
waveOutGetNumDevs
mciSetYieldProc
joyGetDevCapsA
waveOutBreakLoop
waveInGetPosition
midiOutOpen
mixerGetNumDevs
waveInAddBuffer
midiConnect
midiOutLongMsg
timeEndPeriod
waveOutRestart
midiOutGetID

kernel32

GetVersion
LoadLibraryA
GetSystemTime
IsValidLocale
VirtualAlloc
GetProcAddress
GetHandleInformation
GetModuleHandleA

shell32

SHLoadInProc
FindExecutableA
SHAddToRecentDocs
Shell_NotifyIconA
DragFinish
DragAcceptFiles
DragQueryFileA
SHFreeNameMappings
ShellExecuteExA

comctl32

ImageList_AddMasked
ImageList_Destroy

version

GetFileVersionInfoSizeW

winspool.drv

DeletePrintProcessorA
DeletePrinterDriverExA
EndDocPrinter
EnumPrinterDataExA

msvcrt

_adjust_fdiv
malloc
__dllonexit
_onexit
printf
ftell
fseek
fclose
fread
fwrite
memset
fopen
sprintf
free
_unlink
_initterm

Exports

Exports

rzwpmwsyyls

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

874a08facd0d57f86657ade1df62556b

Headers

File Characteristics

Imports

winmm

kernel32

shell32

comctl32

version

winspool.drv

msvcrt

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 52KB - Virtual size: 49KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 52KB - Virtual size: 49KB

.reloc
Size: 4KB - Virtual size: 3KB