72b6dd365b7a7f094101e52ebb71d49fe5f741bcafe0eb25ffa506a9039896bb

Sharing

Copy URL

Twitter E-mail

General

Target

72b6dd365b7a7f094101e52ebb71d49fe5f741bcafe0eb25ffa506a9039896bb
Size

100KB
MD5

1cebf5456c1e4b1078dd8067587f7f04
SHA1

161b28e5060ef9b53550e5064b0f1de7b91936e9
SHA256

72b6dd365b7a7f094101e52ebb71d49fe5f741bcafe0eb25ffa506a9039896bb
SHA512

7473f7541a23e304fe132b4353fffae5a9a9a34511c7def48ede91593a6d727ba4f07384b183e10408838198fea71f2e0c293703d43ed40fadc79bf553a512aa
SSDEEP

1536:20b5lpPb/4eTNjLW8nbk239FR/5iKPxb8/aQbQ4l2AjlWSrDjJy:201fPb/4e9LW8Q2NFRLxb87Q4RrD9y

Score

N/A

Malware Config

Signatures

Files

72b6dd365b7a7f094101e52ebb71d49fe5f741bcafe0eb25ffa506a9039896bb
.exe windows x86

849e4ac9357115153715d2e31570b490

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveInReset
waveInOpen
mixerSetControlDetails
waveInUnprepareHeader
mixerGetLineControlsW
waveInClose
mixerGetLineInfoW
mixerClose
waveInStart
mixerGetID
mixerOpen
waveInStop
SendDriverMessage
CloseDriver
waveInGetDevCapsW
waveInAddBuffer
mixerGetControlDetailsW
OpenDriver
waveInPrepareHeader

kernel32

GetACP
lstrcpynW
GlobalFree
GetSystemInfo
GetLastError
IsBadCodePtr
CreateEventW
GetProfileIntA
LoadLibraryW
PostQueuedCompletionStatus
lstrcmpW
GetProcessHeap
GlobalAlloc
SetEvent
FreeLibrary
CreateIoCompletionPort
ReadFile
SetLastError
InitializeCriticalSection
GetPrivateProfileStringW
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
lstrcpyA
EnterCriticalSection
VirtualFree
IsBadWritePtr
WaitForMultipleObjects
GetCurrentProcess
GetSystemTimeAsFileTime
GetQueuedCompletionStatus
GlobalHandle
GetModuleFileNameA
GetLocaleInfoW
CreateFileW
IsBadReadPtr
GetDiskFreeSpaceW
GetCurrentProcessId
InterlockedExchange
DeleteCriticalSection
InterlockedIncrement
HeapAlloc
lstrlenA
HeapFree
lstrcmpiW
CloseHandle
GetCurrentThread
CreateThread
LeaveCriticalSection
SetFilePointer
SetThreadPriority
DeleteFileW
GetFileAttributesW
lstrcpyW
ReleaseSemaphore
QueryPerformanceCounter
GetThreadPriority
CreateSemaphoreW
WriteFile
WaitForSingleObject
GetFullPathNameW
SetUnhandledExceptionFilter
GetProcAddress
GetVersionExW
SetEndOfFile
InterlockedDecrement
GetFileSize
GlobalUnlock
GlobalLock
ResetEvent
GetTickCount
MulDiv
GetStartupInfoA
GlobalMemoryStatus

nddeapi

NDdeGetTrustedShareA
NDdeGetShareSecurityW
NDdeGetTrustedShareW
NDdeIsValidShareNameA
NDdeIsValidAppTopicListA
NDdeIsValidAppTopicListW
NDdeGetErrorStringA
NDdeGetShareSecurityA

user32

GetWindowRect
SetCursor
InvalidateRect
SetDlgItemTextW
IsWindow
SetDlgItemInt
SetWindowLongW
GetWindowLongW
EnableWindow
TranslateMessage
IsWindowVisible
GetDlgItem
CheckRadioButton
GetAsyncKeyState
SendMessageW
LoadCursorW
PeekMessageW
GetDC
CheckDlgButton
MoveWindow
CreateDialogParamW
wsprintfW
DefWindowProcW
ReleaseDC
GetDesktopWindow
LoadStringW
DispatchMessageW
DestroyWindow
GetDlgItemInt
ClientToScreen
ShowWindow
IsRectEmpty
GetClientRect

msvfw32

ICLocate
ICOpen
ICDecompress
ICGetInfo
ICClose
ICSendMessage
ICCompress

gdi32

GetPaletteEntries
GetStockObject
GetObjectW
PatBlt
GetTextExtentPoint32W
SelectObject

mydocs

PerUserInit
DllCanUnloadNow
DllGetClassObject

ncobjapi

WmiAddObjectProp
WmiCreateObjectWithProps
WmiEventSourceDisconnect
WmiIsObjectActive
WmiSetAndCommitObject
WmiDestroyObject
WmiEventSourceConnect
WmiCommitObject
WmiCreateObject
WmiCreateObjectWithFormat

ole32

CoInitialize
StringFromGUID2
CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoFreeUnusedLibraries
CoTaskMemFree

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

849e4ac9357115153715d2e31570b490

Headers

File Characteristics

Imports

winmm

kernel32

nddeapi

user32

msvfw32

gdi32

mydocs

ncobjapi

ole32

Sections

.text Size: 50KB - Virtual size: 49KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 20KB - Virtual size: 130KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 50KB - Virtual size: 49KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 20KB - Virtual size: 130KB

.rsrc
Size: 24KB - Virtual size: 23KB