f010fd27675c0ed8f5b7d2d506287cb286887132e94966fd67dabe9f2093a670

Sharing

Copy URL

Twitter E-mail

General

Target

f010fd27675c0ed8f5b7d2d506287cb286887132e94966fd67dabe9f2093a670
Size

196KB
MD5

81d580655c99cee12c819480f5bc17bc
SHA1

563af4f6a972d4a713a4a22ee3993a1323d20cfb
SHA256

f010fd27675c0ed8f5b7d2d506287cb286887132e94966fd67dabe9f2093a670
SHA512

6d88f6cfd8fb5f38b45a57c9bd4c123ae303e5e0736cf1b2c16fbf02f516351fa832536c258756ab47bfcdd3b7d5b674311046884e5a0f1d1a74333ef6b1eae2
SSDEEP

3072:NS7mCaXbg4aIDBzmxWk9nczFk+pjlhbJ/9hxiEakOVy3A6rh6xYqqDtVQRO+6Yk8:NSrAEVPR6RlhlrpUyQ6roxYrb+SGh

Score

N/A

Malware Config

Signatures

Files

f010fd27675c0ed8f5b7d2d506287cb286887132e94966fd67dabe9f2093a670
.dll windows x86

a6089df2236280878a72c26b8d7df9cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrIA

kernel32

WritePrivateProfileStringA
GetModuleFileNameA
GetPrivateProfileStringA
GetVersionExA
CloseHandle
FindClose
VirtualAllocEx
DisableThreadLibraryCalls
lstrcmpiA
FindFirstFileA
GetFileAttributesA
ReadProcessMemory
VirtualFreeEx
GetPrivateProfileIntA
OpenProcess
lstrcpynA
lstrlenA
FindNextFileA

user32

IsWindowUnicode
GetDlgItem
MessageBoxA
SetWindowLongA
CreateIcon
GetDC
GetIconInfo
CreateIconIndirect
PtInRect
RegisterWindowMessageA
SendMessageA
SetFocus
CharPrevA
LoadIconA
SetForegroundWindow
GetKeyState
DrawTextA
SendDlgItemMessageA
SetActiveWindow
GetWindowRect
GetClassNameA
SetWindowLongW
EndDialog
GetCursorPos
CheckDlgButton
EnumChildWindows
IsDlgButtonChecked
IsWindow
SetWindowTextA
LoadImageA
MapWindowPoints
EnableWindow
CallWindowProcA
FindWindowA
GetDlgItemTextA
DestroyIcon
GetWindowThreadProcessId
CopyRect
SetDlgItemTextA
ReleaseDC

gdi32

GetObjectA
GetPixel
DeleteObject
CreateBitmap
SetPixel
GetCurrentObject
CreateFontIndirectA
StretchBlt
DeleteDC
SetTextColor
CreateCompatibleDC
CreateCompatibleBitmap
SetStretchBltMode
SelectObject

comdlg32

GetOpenFileNameA

shell32

Shell_NotifyIconA

nscrt

_vsnprintf

Exports

Exports

winampGetGeneralPurposePlugin

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6089df2236280878a72c26b8d7df9cf

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

comdlg32

shell32

nscrt

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 172KB - Virtual size: 173KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 172KB - Virtual size: 173KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 1KB - Virtual size: 1KB