f01a66920ac702c58984f380f7608a909adf3f955673350ddbf9b42d854946b1

Sharing

Copy URL Twitter E-mail

General

Target

f01a66920ac702c58984f380f7608a909adf3f955673350ddbf9b42d854946b1
Size

88KB
MD5

c453c1d4575938bf69d2d6274496646e
SHA1

6aa9133cfa4c9875d7dc2f507bd979feed1a3816
SHA256

f01a66920ac702c58984f380f7608a909adf3f955673350ddbf9b42d854946b1
SHA512

0c1a66893678f760f2b61879e599a6aaf5c2a07176634931305be2db37f89bcb17732368ec75854ed31b90d55051381c39a1724568e3967d01e5bad63e05c9b2
SSDEEP

1536:7TkMZPaqa6kgIUACusDvOj1vMwqO6qtkOJSbkSsTAFBk9ZFOVH0ask:7T3PaykoyftwYRmkiH0l

Score

N/A

Malware Config

Signatures

Files

f01a66920ac702c58984f380f7608a909adf3f955673350ddbf9b42d854946b1
.dll windows x86

874a08facd0d57f86657ade1df62556b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiInGetID
auxGetVolume
waveInGetDevCapsA
waveInPrepareHeader
waveOutSetPlaybackRate
mixerOpen
mmioCreateChunk
mmioClose
waveInUnprepareHeader
mmioAscend
mciSendCommandA
midiInOpen
midiOutReset
midiOutCachePatches
midiOutMessage
midiStreamOut
midiOutGetNumDevs
mmioWrite
midiOutGetErrorTextA
mmioSeek
joyReleaseCapture
mixerGetID
joySetCapture
mixerMessage
timeGetDevCaps
mixerClose
midiInAddBuffer
mciSendStringA
mmioRead
mciGetCreatorTask
midiInGetNumDevs
joyGetPos
midiInGetErrorTextA
auxOutMessage
midiInPrepareHeader
waveOutGetPosition
midiOutUnprepareHeader
timeBeginPeriod
midiStreamProperty
auxGetNumDevs
joySetThreshold
CloseDriver
midiOutPrepareHeader
waveOutSetVolume
waveInOpen
waveOutSetPitch
mixerGetLineControlsA
joyGetPosEx
midiDisconnect
waveOutUnprepareHeader
midiInStart
waveInGetID
auxGetDevCapsA
midiStreamPosition
midiInMessage
waveOutGetPitch
mmioFlush
timeGetSystemTime
waveOutPause
waveOutGetNumDevs
mciSetYieldProc
joyGetDevCapsA
waveOutBreakLoop
waveInGetPosition
midiOutOpen
mixerGetNumDevs
waveInAddBuffer
midiConnect
midiOutLongMsg
timeEndPeriod
waveOutRestart
midiOutGetID

kernel32

GetVersion
LoadLibraryA
GetSystemTime
IsValidLocale
VirtualAlloc
GetProcAddress
GetHandleInformation
GetModuleHandleA

shell32

SHLoadInProc
FindExecutableA
SHAddToRecentDocs
Shell_NotifyIconA
DragFinish
DragAcceptFiles
DragQueryFileA
SHFreeNameMappings
ShellExecuteExA

comctl32

ImageList_AddMasked
ImageList_Destroy

version

GetFileVersionInfoSizeW

winspool.drv

DeletePrintProcessorA
DeletePrinterDriverExA
EndDocPrinter
EnumPrinterDataExA

msvcrt

_adjust_fdiv
malloc
__dllonexit
_onexit
printf
ftell
fseek
fclose
fread
fwrite
memset
fopen
sprintf
free
_unlink
_initterm

Exports

Exports

vcnhggupjh

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

874a08facd0d57f86657ade1df62556b

Headers

File Characteristics

Imports

winmm

kernel32

shell32

comctl32

version

winspool.drv

msvcrt

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 52KB - Virtual size: 49KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 52KB - Virtual size: 49KB

.reloc
Size: 4KB - Virtual size: 3KB