560cfa59ff68eb4c4ea8551d1192e50589d10311cc083ba5768752a0d8127fd4

Sharing

Copy URL Twitter E-mail

General

Target

560cfa59ff68eb4c4ea8551d1192e50589d10311cc083ba5768752a0d8127fd4
Size

227KB
MD5

339fbb498b87577b94f7b2ec559c4ae0
SHA1

6d4ae346b7d24b84a6dec8c37dbcf94eebb8a2ef
SHA256

560cfa59ff68eb4c4ea8551d1192e50589d10311cc083ba5768752a0d8127fd4
SHA512

e7b4e9b2f222e7adafd74315186065b23b940000a11e6b0f69a858b97c438c1c79fabd4e37089845c61a105a750ac6f02f1be31667c9488c94f0c7a0bac8ce02
SSDEEP

6144:tlPAFTDbH9coVfSRaxGuxo8q7ZIdzJZzVTIMt+:fAFTXfSRaY18AwJjt+

Score

N/A

Malware Config

Signatures

Files

560cfa59ff68eb4c4ea8551d1192e50589d10311cc083ba5768752a0d8127fd4
.exe windows x86

ba150ae69b2c42b48474bbb366f993ee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msdart

??0CReaderWriterLock@@QAE@XZ
?IsReadLocked@CLKRLinearHashTable@@QBE_NXZ
?SetDefaultSpinAdjustmentFactor@CReaderWriterLock3@@SGXN@Z
?IsWriteLocked@CLKRLinearHashTable@@QBE_NXZ
?SetSpinCount@CFakeLock@@QAE_NG@Z
?Clear@CLKRLinearHashTable@@QAEXXZ
?ConvertExclusiveToShared@CLKRHashTable@@QBEXXZ
?RemoveHead@CLockedDoubleList@@QAEQAVCListEntry@@XZ
?TryReadLock@CReaderWriterLock2@@QAE_NXZ
?_CurrentThreadId@CSpinLock@@CGJXZ
?_LockSpin@CReaderWriterLock2@@AAEX_N@Z
?ReadLock@CCritSec@@QAEXXZ
?WriteLock@CReaderWriterLock@@QAEXXZ
?ConvertExclusiveToShared@CReaderWriterLock3@@QAEXXZ
?IsReadLocked@CSmallSpinLock@@QBE_NXZ
?IsWriteLocked@CSmallSpinLock@@QBE_NXZ
?GetDefaultSpinAdjustmentFactor@CReaderWriterLock3@@SGNXZ
?_WriteLockSpin@CReaderWriterLock3@@AAEXXZ
?BucketSize@CLKRHashTableStats@@SGJJ@Z
?IsWinNT4@CMdVersionInfo@@SAHXZ
??1CSpinLock@@QAE@XZ

winmm

waveOutMessage
midiOutReset
mciSendStringW
mciDriverNotify
mmioSetInfo
mixerGetLineControlsA
mmioAdvance
mmioInstallIOProcW
auxGetNumDevs
mciGetDeviceIDFromElementIDW
waveOutSetPlaybackRate
midiInClose
NotifyCallbackData
mciDriverYield
midiOutMessage

kernel32

lstrcpyn
ResetEvent
SetLocalTime
LoadLibraryW
PeekConsoleInputW
FreeUserPhysicalPages
GetLocaleInfoW
RegisterWowExec
GetEnvironmentStringsA
SetLastError
TransmitCommChar
GetMailslotInfo

user32

GetUpdateRgn
GetThreadDesktop
GetRawInputData
RegisterDeviceNotificationA
ChangeMenuA
GetWindowTextLengthW
BroadcastSystemMessageA
DefMDIChildProcW
ChildWindowFromPointEx
CreateDialogIndirectParamA
UnhookWindowsHookEx
SetRectEmpty
LoadMenuIndirectA
AdjustWindowRectEx
MessageBoxIndirectA

wininet

InternetAutodialHangup
SetUrlCacheEntryInfoA
InternetTimeFromSystemTime
InternetUnlockRequestFile
InternetWriteFileExA
InternetCrackUrlW
UnlockUrlCacheEntryFile
DeleteUrlCacheEntryA
FtpPutFileW
FtpCommandA
InternetQueryOptionA
FtpRenameFileA
HttpQueryInfoW
InternetReadFileExA
HttpEndRequestA

icmp

IcmpSendEcho
IcmpCloseHandle
register_icmp
do_echo_req
IcmpSendEcho2
IcmpParseReplies
IcmpCreateFile
do_echo_rep

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba150ae69b2c42b48474bbb366f993ee

Headers

File Characteristics

Imports

msdart

winmm

kernel32

user32

wininet

icmp

Sections

.text Size: 38KB - Virtual size: 38KB

.rdata Size: 124KB - Virtual size: 123KB

.data Size: 61KB - Virtual size: 60KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 38KB - Virtual size: 38KB

.rdata
Size: 124KB - Virtual size: 123KB

.data
Size: 61KB - Virtual size: 60KB

.rsrc
Size: 1KB - Virtual size: 1KB