0a8b85b043754aa4af0be6bd9b5ae4a8c6a198359962d2661eb975f44173ff56

Sharing

Copy URL

Twitter E-mail

General

Target

0a8b85b043754aa4af0be6bd9b5ae4a8c6a198359962d2661eb975f44173ff56
Size

99KB
MD5

194f36b24ef9f20f9ce2d8bb608bceec
SHA1

2b9883e10768105910e2d50a8c34469cb479a1ed
SHA256

0a8b85b043754aa4af0be6bd9b5ae4a8c6a198359962d2661eb975f44173ff56
SHA512

03b6f0ea048dacf63de3e2c1de6003cd2dea2cd5fc166995ef9ad767bf63953f84e735a151e75a17cfe24b232a6bd57ec8dff25b0c0e6706026669705676576f
SSDEEP

3072:ki4sC6UGttnZxq9v0GIwz1Qu364Lyf22:kfOttnZxpGNC

Score

N/A

Malware Config

Signatures

Files

0a8b85b043754aa4af0be6bd9b5ae4a8c6a198359962d2661eb975f44173ff56
.exe windows x86

812c0307989be11d0fb411a0f0c9a805

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
InterlockedExchange
GlobalFree
GetStartupInfoA
DeleteFileW
GetThreadPriority
GetFileSize
ResetEvent
GetCurrentProcess
SetEndOfFile
GlobalAlloc
ReadFile
SetLastError
SetFilePointer
GetCurrentThread
CreateThread
GetProcAddress
SetThreadPriority
InterlockedDecrement
GlobalHandle
GetDiskFreeSpaceW
MulDiv
GetPrivateProfileStringW
MultiByteToWideChar
lstrlenA
HeapAlloc
QueryPerformanceCounter
IsBadCodePtr
ReleaseSemaphore
IsBadWritePtr
SetUnhandledExceptionFilter
GetSystemInfo
CloseHandle
CreateIoCompletionPort
DeleteCriticalSection
WideCharToMultiByte
GetACP
GetFileAttributesW
GetQueuedCompletionStatus
VirtualFree
CreateFileW
LoadLibraryW
lstrcmpiW
IsBadReadPtr
HeapFree
GlobalLock
lstrcpyW
GetFullPathNameW
GetTickCount
lstrlenW
WaitForMultipleObjects
lstrcmpW
SetEvent
GetProcessHeap
GetCurrentProcessId
WaitForSingleObject
GetProfileIntA
FreeLibrary
GetLocaleInfoW
InterlockedIncrement
lstrcpynW
GlobalMemoryStatus
lstrcpyA
GetVersionExW
GetLastError
GetModuleFileNameA
InitializeCriticalSection
CreateEventW
GetSystemTimeAsFileTime
PostQueuedCompletionStatus
WriteFile
GlobalUnlock
EnterCriticalSection
CreateSemaphoreW

gdi32

GetStockObject
GetTextExtentPoint32W
GetObjectW
SelectObject
PatBlt
GetPaletteEntries

mydocs

DllCanUnloadNow
DllGetClassObject
PerUserInit

nddeapi

NDdeIsValidAppTopicListA
NDdeGetTrustedShareA
NDdeIsValidAppTopicListW
NDdeGetShareSecurityW
NDdeGetShareSecurityA
NDdeGetErrorStringA
NDdeIsValidShareNameA
NDdeGetTrustedShareW

winmm

OpenDriver
mixerGetID
waveInPrepareHeader
mixerGetControlDetailsW
waveInUnprepareHeader
CloseDriver
mixerOpen
mixerGetLineControlsW
waveInAddBuffer
waveInStart
mixerClose
waveInOpen
SendDriverMessage
waveInStop
mixerSetControlDetails
waveInClose
mixerGetLineInfoW
waveInReset
waveInGetDevCapsW

user32

SendMessageW
GetDlgItemInt
LoadStringW
LoadCursorW
SetCursor
GetDC
GetDesktopWindow
PeekMessageW
CreateDialogParamW
SetWindowLongW
SetDlgItemTextW
EnableWindow
wsprintfW
DispatchMessageW
GetWindowRect
GetDlgItem
InvalidateRect
ReleaseDC
CheckRadioButton
ClientToScreen
SetDlgItemInt
IsWindowVisible
DefWindowProcW
GetClientRect
TranslateMessage
GetAsyncKeyState
CheckDlgButton
IsRectEmpty
GetWindowLongW
DestroyWindow
MoveWindow
ShowWindow
IsWindow

ole32

CoInitialize
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance
CoFreeUnusedLibraries
CoUninitialize
CoTaskMemFree

msvfw32

ICCompress
ICClose
ICGetInfo
ICDecompress
ICSendMessage
ICOpen
ICLocate

ncobjapi

WmiCreateObjectWithFormat
WmiEventSourceDisconnect
WmiAddObjectProp
WmiDestroyObject
WmiIsObjectActive
WmiEventSourceConnect
WmiCommitObject
WmiCreateObjectWithProps
WmiCreateObject
WmiSetAndCommitObject

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

812c0307989be11d0fb411a0f0c9a805

Headers

File Characteristics

Imports

kernel32

gdi32

mydocs

nddeapi

winmm

user32

ole32

msvfw32

ncobjapi

Sections

.text Size: 49KB - Virtual size: 48KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 20KB - Virtual size: 123KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 49KB - Virtual size: 48KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 20KB - Virtual size: 123KB

.rsrc
Size: 24KB - Virtual size: 23KB