569dc455427dda718403212f33637ba821caabea18ebadcbb9f850489686de5e

Sharing

Copy URL Twitter E-mail

General

Target

569dc455427dda718403212f33637ba821caabea18ebadcbb9f850489686de5e
Size

101KB
MD5

fe3cf78ad7ab1eee8e6113c21bb8ba31
SHA1

d7608473cf10d11f6638d3b2402e486af7015524
SHA256

569dc455427dda718403212f33637ba821caabea18ebadcbb9f850489686de5e
SHA512

08952b85864a5fd4f9720374f7dc27c5b596e6926d03866dc0fe92e20f26bdfcc83fa7f757e2fb403022ec3a117e4f2f0e76d99802358c5fe234d98aa2cf7af9
SSDEEP

3072:+Y8oT8tmsUmd0j8l+sbGpDBn1tzMsu0SlyS6MJzJ:+OgmsUW0j8lmn1t6TJ

Score

N/A

Malware Config

Signatures

Files

569dc455427dda718403212f33637ba821caabea18ebadcbb9f850489686de5e
.exe windows x86

6bed8d445b69cdc117ab7ed4c6072cd8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetThreadPriority
SetLastError
GetCurrentProcess
SetEvent
GetCurrentProcessId
InterlockedDecrement
InterlockedIncrement
lstrcmpiW
LeaveCriticalSection
CreateIoCompletionPort
GetLastError
GlobalLock
DeleteCriticalSection
CreateSemaphoreW
QueryPerformanceCounter
GetModuleFileNameA
lstrlenW
GlobalHandle
HeapFree
LoadLibraryW
GetDiskFreeSpaceW
DeleteFileW
GetStartupInfoA
WriteFile
PostQueuedCompletionStatus
ResetEvent
SetFilePointer
CloseHandle
GetFileSize
GetFullPathNameW
VirtualFree
InitializeCriticalSection
lstrcmpW
GetCurrentThread
GetProcAddress
IsBadReadPtr
WaitForMultipleObjects
GetFileAttributesW
GetProfileIntA
GetSystemInfo
GetQueuedCompletionStatus
IsBadCodePtr
SetThreadPriority
SetEndOfFile
WaitForSingleObject
EnterCriticalSection
GetLocaleInfoW
CreateEventW
GlobalFree
GlobalAlloc
ReadFile
CreateFileW
lstrcpynW
GlobalMemoryStatus
CreateThread
GetTickCount
IsBadWritePtr
GlobalUnlock
ReleaseSemaphore
HeapAlloc
lstrcpyA
lstrcpyW
GetSystemTimeAsFileTime
GetPrivateProfileStringW
lstrlenA
WideCharToMultiByte
GetACP
SetUnhandledExceptionFilter
MultiByteToWideChar
GetProcessHeap
GetVersionExW
MulDiv
InterlockedExchange

msvfw32

ICDecompress
ICOpen
ICClose
ICGetInfo
ICCompress
ICLocate
ICSendMessage

gdi32

PatBlt
SelectObject
GetStockObject
GetTextExtentPoint32W
GetObjectW
GetPaletteEntries

winmm

waveInUnprepareHeader
waveInAddBuffer
mixerGetID
CloseDriver
mixerClose
OpenDriver
waveInPrepareHeader
mixerGetLineControlsW
mixerGetLineInfoW
waveInOpen
SendDriverMessage
waveInStop
waveInGetDevCapsW
mixerOpen
mixerGetControlDetailsW
waveInClose
mixerSetControlDetails
waveInReset
waveInStart

user32

wsprintfW
ClientToScreen
CheckRadioButton
GetAsyncKeyState
CreateDialogParamW
TranslateMessage
GetWindowRect
GetDC
PeekMessageW
ReleaseDC
EnableWindow
SetDlgItemInt
SendMessageW
GetClientRect
IsWindow
LoadCursorW
InvalidateRect
GetWindowLongW
DestroyWindow
SetCursor
SetWindowLongW
IsRectEmpty
LoadStringW
SetDlgItemTextW
DispatchMessageW
GetDesktopWindow
IsWindowVisible
CheckDlgButton
ShowWindow
GetDlgItemInt
DefWindowProcW
MoveWindow
GetDlgItem

ole32

CoTaskMemAlloc
StringFromGUID2
CoFreeUnusedLibraries
CoCreateInstance
CoUninitialize
CoTaskMemFree
CoInitialize

nddeapi

NDdeIsValidShareNameA
NDdeGetShareSecurityA
NDdeGetShareSecurityW
NDdeIsValidAppTopicListW
NDdeIsValidAppTopicListA
NDdeGetErrorStringA
NDdeGetTrustedShareW
NDdeGetTrustedShareA

ncobjapi

WmiEventSourceDisconnect
WmiCreateObject
WmiCreateObjectWithFormat
WmiDestroyObject
WmiCreateObjectWithProps
WmiAddObjectProp
WmiSetAndCommitObject
WmiCommitObject
WmiIsObjectActive
WmiEventSourceConnect

mydocs

DllGetClassObject
DllCanUnloadNow
PerUserInit

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6bed8d445b69cdc117ab7ed4c6072cd8

Headers

File Characteristics

Imports

kernel32

msvfw32

gdi32

winmm

user32

ole32

nddeapi

ncobjapi

mydocs

Sections

.text Size: 50KB - Virtual size: 50KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 20KB - Virtual size: 69KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 50KB - Virtual size: 50KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 20KB - Virtual size: 69KB

.rsrc
Size: 24KB - Virtual size: 23KB