39e4ff07009076e9a429858d772378e74ef89f63570aed0a0aa5263f61bde4d3

Sharing

Copy URL

Twitter E-mail

General

Target

39e4ff07009076e9a429858d772378e74ef89f63570aed0a0aa5263f61bde4d3
Size

644KB
MD5

3673553a7b20ad1dd5649dac0b106b49
SHA1

d6f05d15f8eb2f5832a8db527747daecd452579c
SHA256

39e4ff07009076e9a429858d772378e74ef89f63570aed0a0aa5263f61bde4d3
SHA512

6a2894dad7d2581127f162078d5ce2d17f268d7f7afb717cbdf7165643b03fa0f0aecf28f2d5e5e7275958dfd90cacdb6cac1f78c3a5091ad246cbbf6602e2f2
SSDEEP

6144:O970Wapg0Fk0aupNUa53JNVu8STZ2P4r68WXjqDnOGJUlI4YcTGAeEzC:o70Wau0Fk0pNUWGqjq1glFTGAe

Score

N/A

Malware Config

Signatures

Files

39e4ff07009076e9a429858d772378e74ef89f63570aed0a0aa5263f61bde4d3
.dll windows x86

eb64595ff53123f89a337bc43db2f4f8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeKillEvent
timeSetEvent

kernel32

CreateFileA
SetFileAttributesA
MultiByteToWideChar
WideCharToMultiByte
GetUserDefaultLCID
GetTickCount
GetCommandLineA
GetModuleFileNameA
FreeLibrary
LCMapStringA
WriteFile
IsBadReadPtr
HeapFree
HeapReAlloc
HeapAlloc
ExitProcess
GetProcessHeap
WaitForSingleObject
CreateRemoteThread
WriteProcessMemory
FlushFileBuffers
UnmapViewOfFile
VirtualFreeEx
MapViewOfFile
CreateFileMappingA
VirtualAllocEx
VirtualProtectEx
VirtualQueryEx
SetWaitableTimer
CreateWaitableTimerA
CreateProcessA
OpenProcess
TerminateProcess
CloseHandle
RtlMoveMemory
Beep
GetCurrentThread
GetProcAddress
GetModuleHandleA
lstrcpyn
GetCurrentProcess
MulDiv
LoadLibraryA
SetProcessWorkingSetSize
GetVersionExA
ReadProcessMemory
SetStdHandle
LCMapStringW
GetStringTypeW
GetStringTypeA
InterlockedIncrement
InterlockedDecrement
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualAlloc
RaiseException
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
GetFileType
GetStdHandle
lstrcatA
lstrcpyA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
SetFilePointer

user32

GetForegroundWindow
GetDC
ReleaseDC
GetWindowRect
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
MessageBoxA
MessageBeep
CreateWindowExA
GetCursorPos
GetSysColor
LoadBitmapA
RegisterHotKey
ReleaseCapture
PostMessageA
SendMessageA
SetCapture
SetWindowLongA
UnregisterHotKey
GetGUIThreadInfo
GetWindowThreadProcessId
CallWindowProcA
MsgWaitForMultipleObjects
ScreenToClient
GetClassNameA

gdi32

CreateCompatibleDC
CreateDIBitmap
LineTo
MoveToEx
DeleteObject
Rectangle
GetStockObject
CreateSolidBrush
SelectObject
CreatePen
CreateFontA
TranslateCharsetInfo
GetObjectA
CreateCompatibleBitmap
BitBlt
GetDeviceCaps
CreateFontIndirectA
DeleteDC
CreateDCA

advapi32

RegQueryValueExA
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyA
OpenProcessToken
RegCloseKey

ole32

CoUninitialize
OleRun
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoInitialize

oleaut32

VariantChangeType
VariantInit
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElemsize
LoadTypeLi
LHashValOfNameSys
RegisterTypeLi
SafeArrayCreate
SysAllocString
VariantClear
SafeArrayDestroy

shell32

DragQueryFileA
DragAcceptFiles
DragFinish

comctl32

ord17
ImageList_EndDrag
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_Destroy
ImageList_Create
ImageList_BeginDrag
ImageList_Add
ImageList_DragShowNolock

Sections

.text
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 516KB - Virtual size: 574KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

eb64595ff53123f89a337bc43db2f4f8

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

advapi32

ole32

oleaut32

shell32

comctl32

Sections

.text Size: 100KB - Virtual size: 98KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 516KB - Virtual size: 574KB

.data Size: 12KB - Virtual size: 8KB

.text
Size: 100KB - Virtual size: 98KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 516KB - Virtual size: 574KB

.data
Size: 12KB - Virtual size: 8KB