ab3209372eb58832ef39cb732d6a8c381e6528ef9320716fdcc23092ffc3bf1d

Sharing

Copy URL Twitter E-mail

General

Target

ab3209372eb58832ef39cb732d6a8c381e6528ef9320716fdcc23092ffc3bf1d
Size

11.1MB
MD5

fe5df3a4026f7e38f3c2ca10d3aafbbd
SHA1

7184ab289b0206d66fb57fcc994a9f7fc7a3620a
SHA256

ab3209372eb58832ef39cb732d6a8c381e6528ef9320716fdcc23092ffc3bf1d
SHA512

ce7b55871d2e1ec6bd649b6f1321d3e3fbbd9831b1ff473e085e142e6697be5b288f0e0538881973e2ac5336398e5a313d5e7e819a2da1faa8e8d0456eb295d6
SSDEEP

3072:+i5lbSyxWhiPopsGfqasUm/Yd7hkhkqdc7s2:+ylbSyxWhr6as9khok4c7s2

Score

N/A

Malware Config

Signatures

Files

ab3209372eb58832ef39cb732d6a8c381e6528ef9320716fdcc23092ffc3bf1d
.dll windows x86

0377644617c7814cebd868a8e3038cdc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_strcmpi
_strnicmp
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
calloc
_beginthreadex
strncat
_errno
sprintf
strncmp
strcat
_strupr
wcstombs
atoi
realloc
strrchr
_except_handler3
free
strcmp
strcpy
malloc
strchr
_CxxThrowException
memcmp
strstr
strlen
_ftol
ceil
memmove
__CxxFrameHandler
memcpy
??3@YAXPAX@Z
??2@YAPAXI@Z
strncpy
memset

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvfw32

ICSeqCompressFrameEnd
ICCompressorFree
ICOpen
ICSendMessage
ICSeqCompressFrameStart
ICSeqCompressFrame
ICClose

kernel32

GetCurrentThreadId
lstrcmpiA
GetTickCount
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
UnmapViewOfFile
HeapAlloc
GetProcessHeap
HeapFree
CreateFileMappingA
MapViewOfFile
GetLocalTime
InterlockedExchange
CreateToolhelp32Snapshot
InitializeCriticalSection
DeleteCriticalSection
CreateThread
GetCurrentProcess
FreeConsole
SetUnhandledExceptionFilter
SetErrorMode
GlobalMemoryStatus
lstrlenA
DeviceIoControl
DeleteFileA
lstrcmpA
FreeLibrary
ResumeThread
LoadLibraryA
GetProcAddress
LocalAlloc
RaiseException
GetLastError
CloseHandle

Exports

Exports

ServiceMain
we2
wt1

Sections

Audio
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE1
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0377644617c7814cebd868a8e3038cdc

Headers

File Characteristics

Imports

msvcrt

msvcp60

msvfw32

kernel32

Exports

Exports

Sections

Audio Size: 3KB - Virtual size: 2KB

.text Size: 96KB - Virtual size: 95KB

PAGE1 Size: 1KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 6KB - Virtual size: 5KB

Audio
Size: 3KB - Virtual size: 2KB

.text
Size: 96KB - Virtual size: 95KB

PAGE1
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 6KB - Virtual size: 5KB