a43e0a285b29fd7ad240519b27597ab4a7a2fa9260d6324a41c8f63e881be490

Sharing

Copy URL

Twitter E-mail

General

Target

a43e0a285b29fd7ad240519b27597ab4a7a2fa9260d6324a41c8f63e881be490
Size

143KB
MD5

49095374267fc2f8031d5e19e854c03f
SHA1

7a3cfb2bec0c826bcbe77b568b00c36847f539c7
SHA256

a43e0a285b29fd7ad240519b27597ab4a7a2fa9260d6324a41c8f63e881be490
SHA512

16e136035d9a32449a92796fd474a1073008e922a66ddab9e5984dcb36ee8ada50d01cc779552b5d32e18d49047e94986ff6f88a608a627858bcaf9e1e83714b
SSDEEP

3072:ZBlP2WIgCw9cj2KO8tA+j4dsFbT32jYCd3Eazj:PlXgwOjbO85jk8T32UCd3Es

Score

N/A

Malware Config

Signatures

Files

a43e0a285b29fd7ad240519b27597ab4a7a2fa9260d6324a41c8f63e881be490
.dll windows x86

999056f15a566c720a19bef3f1f8879a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteKeyW

msvcrt

_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
calloc
_beginthreadex
wcsncat
wcscat
_wcsnicmp
wcschr
_snprintf
_errno
strncpy
strncmp
wcstombs
fputs
wcsrchr
_except_handler3
free
wcsstr
_wcsupr
wcsncpy
fgets
fclose
mbstowcs
wcscpy
atoi
realloc
strcmp
malloc
strchr
strcat
sprintf
_CxxThrowException
memcmp
strcpy
strstr
strlen
_ftol
_strnicmp
ceil
memmove
__CxxFrameHandler
memcpy
??3@YAXPAX@Z
??2@YAPAXI@Z
memset
fopen

user32

GetWindowRect
MoveWindow
GetCursorInfo
GetCursorPos
ReleaseDC
GetDesktopWindow
GetDC
GetSystemMetrics
SetRect
MapVirtualKeyW
DestroyCursor
ShowWindow
MessageBoxW
CharNextW
FindWindowW
PostMessageW
GetProcessWindowStation
OpenWindowStationW
SetProcessWindowStation
CloseDesktop
SetThreadDesktop
OpenInputDesktop
DispatchMessageW
TranslateMessage
GetMessageW
wsprintfW
GetUserObjectInformationW
GetThreadDesktop
OpenDesktopW
CreateWindowExW
CloseWindow
SendMessageW
IsWindow
LoadCursorW

kernel32

lstrcpyW
OutputDebugStringW
GetVersionExW
GetPrivateProfileStringA
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryA
GetProcAddress
FreeLibrary
GetWindowsDirectoryA
GetPrivateProfileSectionNamesA
CancelIo
ResetEvent
VirtualAlloc
VirtualFree
CreateThread
ResumeThread
SetEvent
WaitForSingleObject
TerminateThread
CloseHandle
CreateEventW
CreateProcessW
ExitProcess
SetUnhandledExceptionFilter
CopyFileW
SetFileAttributesW
GetSystemDirectoryW
LoadLibraryW
FreeConsole
LocalFree
lstrcmpW
LocalReAlloc
LocalAlloc
SetLastError
GetLocalTime
GetModuleHandleA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
LocalSize
GetCurrentProcess
lstrcmpiW
Sleep
GetFileAttributesW
DeleteFileA
GetFileSize
lstrcatW
lstrlenW
GetTickCount
SetErrorMode

advapi32

LsaRetrievePrivateData
LsaOpenPolicy
LsaFreeMemory
LookupAccountNameA
IsValidSid
LsaClose

shell32

SHGetSpecialFolderPathA

winmm

waveOutOpen
waveOutPrepareHeader
waveOutClose
waveOutUnprepareHeader
waveOutReset
waveInClose
waveInUnprepareHeader
waveInReset
waveInStop
waveOutWrite
waveInStart
waveInAddBuffer
waveInPrepareHeader
waveInOpen
waveInGetNumDevs
waveOutGetNumDevs

ws2_32

inet_ntoa
getsockname
inet_addr
bind
getpeername
accept
listen
sendto
gethostname
__WSAFDIsSet
ioctlsocket
WSASocketW
WSAStartup
WSACleanup
WSAIoctl
recvfrom
setsockopt
connect
send
select
closesocket
recv
ntohs
socket
gethostbyname
htons

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW
WTSQuerySessionInformationA

iphlpapi

GetAdaptersInfo

msvfw32

ICSeqCompressFrame
ICSeqCompressFrameStart
ICSendMessage
ICOpen
ICClose
ICCompressorFree
ICSeqCompressFrameEnd

msvcp60

??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEPBGXZ

Exports

Exports

DDD_DDDInfo
End_DDDInfo
Get_DDDInfo
MMM_DDDInfo
Run_DDDInfo
ServiceMain
aaa_DDDInfo
axxx_DDDInfo
cxxx_DDDInfo
eee_DDDInfo
exxx_DDDInfo
www_DDDInfo
xxx_DDDInfo
zzz_DDDInfo

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

999056f15a566c720a19bef3f1f8879a

Headers

File Characteristics

Imports

shlwapi

msvcrt

user32

kernel32

advapi32

shell32

winmm

ws2_32

wtsapi32

iphlpapi

msvfw32

msvcp60

Exports

Exports

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 20KB - Virtual size: 31KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 20KB - Virtual size: 31KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 7KB - Virtual size: 6KB