99a4ffca492f291439619386cb00f24ff0341c22a2eca5a42ca8458f59ff52c3

Sharing

Copy URL Twitter E-mail

General

Target

99a4ffca492f291439619386cb00f24ff0341c22a2eca5a42ca8458f59ff52c3
Size

2.5MB
MD5

02cf79d1bc4b9115a4ce0d9cd8e3318e
SHA1

444589a60800dc7a407f3d8ec7007943096b7c22
SHA256

99a4ffca492f291439619386cb00f24ff0341c22a2eca5a42ca8458f59ff52c3
SHA512

16da7c73e8cca2b2941265088f4a1d5acdac43f9a5c620742377e9989f06befcc8240beb097f2ed179d9fc6a5114ce0e7c34d1ae583e95a5c9fec6d4c6d09691
SSDEEP

24576:LQZ5mr2Ax4Vk9ktD2wFnnK2c+ggOIEm8BJrOgHGoAtNsCw6coOj923RWgjZmCFHA:LEmpkt7jJkGM6S4hWgYur6HZl

Score

N/A

Malware Config

Signatures

Files

99a4ffca492f291439619386cb00f24ff0341c22a2eca5a42ca8458f59ff52c3
.exe windows x86

323fee25b76f721dfd9762828191d044

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime
timeEndPeriod
timeBeginPeriod

kernel32

GetCommandLineW
SetCurrentDirectoryA
GetPrivateProfileIntA
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
GlobalUnlock
OutputDebugStringA
GlobalAlloc
GlobalLock
GetModuleHandleA
ReadFile
WritePrivateProfileStringA
CloseHandle
CreateFileA
QueryPerformanceCounter
QueryPerformanceFrequency
GetModuleFileNameW
GetCurrentProcess
GetLastError
TerminateProcess
Sleep
CreateDirectoryA
GetFileAttributesA
GetSystemInfo
InitializeCriticalSection
DeleteCriticalSection
CreateSemaphoreA
WaitForSingleObject
GetProcAddress
MultiByteToWideChar
FindFirstFileA
GetFileSize
InterlockedExchange
SuspendThread
TlsFree
TlsAlloc
GetSystemTimeAsFileTime
GetTickCount
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoA
InterlockedCompareExchange
HeapAlloc
GetModuleHandleW
SetErrorMode
VirtualAllocEx
SetUnhandledExceptionFilter
CreateEventW
SearchPathW
DuplicateHandle
GetCurrentProcessId
CreateProcessW
GetProcessHeap
CreateThread
SetLastError
InterlockedIncrement
WriteFile
GetModuleFileNameA
WideCharToMultiByte
InterlockedDecrement
GetPrivateProfileStringA
LoadLibraryA
FindNextFileA
FreeLibrary
FindClose
CreateEventA

user32

IsWindow
MessageBoxA
OpenClipboard
GetWindowRect
GetCursorPos
CloseClipboard
SetClipboardData
EmptyClipboard
PostMessageA
CharPrevA
DefWindowProcA
IsWindowVisible
RegisterClassA
GetWindowPlacement
SetWindowRgn
SetWindowLongA
ShowWindow
CreateDialogParamA
SetMenuItemInfoA
UnregisterClassA
DispatchMessageA
AppendMenuA
GetFocus
SystemParametersInfoA
GetSystemMenu
LoadImageA
ShowCursor
PeekMessageA
UpdateWindow
PostQuitMessage
CreateWindowExA
DestroyWindow
MoveWindow
RegisterClassExA
TranslateMessage

gdi32

CreatePolygonRgn
ExtCreateRegion

advapi32

RegSetValueExA
RegEnumKeyExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteKeyA

shell32

ShellExecuteA
CommandLineToArgvW

ole32

CoDisconnectObject
StringFromCLSID
CoTaskMemFree
CoUninitialize
CoInitialize
CLSIDFromString
CoRegisterClassObject
CoRevokeClassObject

d3dx9_36

D3DXCreateEffect
D3DXCreateEffectCompiler
D3DXCreateTextureFromFileExA
D3DXCreateVolumeTextureFromFileExA
D3DXCreateFontIndirectA
D3DXCreateSprite
D3DXMatrixMultiply
D3DXCreateCubeTextureFromFileExA
D3DXMatrixTransformation2D
D3DXSaveSurfaceToFileA
D3DXGetPixelShaderProfile
D3DXGetVertexShaderProfile
D3DXCreateVolumeTextureFromFileInMemory
D3DXCreateCubeTextureFromFileInMemory
D3DXCreateTextureFromFileInMemory
D3DXGetImageInfoFromFileInMemory
D3DXCreateBuffer
D3DXVec4Transform
D3DXMatrixTranspose
D3DXMatrixInverse
D3DXGetShaderConstantTable
D3DXCompileShaderFromFileA
D3DXCompileShader
D3DXAssembleShaderFromFileA
D3DXAssembleShader
D3DXGetShaderVersion
D3DXGetShaderInputSemantics
D3DXCreateTextureFromFileInMemoryEx

gdiplus

GdiplusStartup
GdiplusShutdown

shlwapi

PathFileExistsA

msvcp80

??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ

msvcr80

_gmtime32
_time32
_mktime32
_difftime32
_localtime32
_except_handler4_common
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_vsnprintf
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
wcsncpy
strcspn
strncat
strtod
strcoll
strtoul
_setjmp3
longjmp
ldexp
frexp
_isctype
__mb_cur_max
_pctype
strftime
clock
getenv
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_controlfp_s
fopen
??2@YAPAXI@Z
??3@YAXPAX@Z
_stricmp
strcpy_s
wcstombs_s
strcat_s
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
memmove_s
memcpy_s
_purecall
strncpy
_snprintf_s
_invalid_parameter_noinfo
??0exception@std@@QAE@XZ
feof
strtok_s
atoi
fopen_s
fgets
fclose
sprintf_s
??_V@YAXPAX@Z
_vsnprintf_s
_splitpath_s
fread
fwrite
ftell
fseek
toupper
_itoa
_mbsrchr
_mbslen
_mbsnbcpy_s
_mbschr
vsprintf_s
srand
memchr
rand
atof
_CIatan2
exit
strchr
_mkdir
_localtime64
_time64
setvbuf
fgetc
fputc
fgetpos
ungetc
fflush
free
fsetpos
sprintf
fread_s
_snwprintf
wcsrchr
strrchr
??0exception@std@@QAE@ABQBDH@Z
_CxxThrowException
_strnicmp
memcpy
strstr
_getcwd
_aligned_malloc
_aligned_free
_aligned_realloc
realloc
_CIsqrt
strncpy_s
_CIacos
_CIasin
strpbrk
memset
_CIfmod
_CIsin
qsort
isdigit
_CItan
_CIcos
bsearch
strcmp
strlen
malloc
fprintf
__iob_func
printf
tolower
strncmp
ceil
floor
_CIatan
_CIpow
_CIexp
__CxxFrameHandler3
setlocale
__uncaught_exception
_invoke_watson
_fsopen
_wfsopen
_get_osplatform
mbstowcs_s
__crtLCMapStringA
__pctype_func
isupper
___lc_codepage_func
___lc_handle_func
_calloc_crt
islower
abort
_snprintf
_ftol
fputs
_iob
strerror
_errno
tmpfile
fscanf
getc
system
remove
rename
tmpnam

dinput8

DirectInput8Create

ws2_32

ntohl
htonl

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

323fee25b76f721dfd9762828191d044

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

advapi32

shell32

ole32

d3dx9_36

gdiplus

shlwapi

msvcp80

msvcr80

dinput8

ws2_32

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.rdata Size: 284KB - Virtual size: 283KB

.data Size: 24KB - Virtual size: 1.5MB

.rsrc Size: 20KB - Virtual size: 18KB

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 284KB - Virtual size: 283KB

.data
Size: 24KB - Virtual size: 1.5MB

.rsrc
Size: 20KB - Virtual size: 18KB