Static task
static1
Behavioral task
behavioral1
Sample
da24b6f5f4f05949d6c44c0279f5abd791f415d9a1080022806f39cfc5e0cd65.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
da24b6f5f4f05949d6c44c0279f5abd791f415d9a1080022806f39cfc5e0cd65.exe
Resource
win10v2004-20221111-en
General
-
Target
da24b6f5f4f05949d6c44c0279f5abd791f415d9a1080022806f39cfc5e0cd65
-
Size
708KB
-
MD5
59b1ae48fc6ad482110e3d0a0db345b0
-
SHA1
fdf749a8427d2d8def87bd7098a2eb35402be8d9
-
SHA256
da24b6f5f4f05949d6c44c0279f5abd791f415d9a1080022806f39cfc5e0cd65
-
SHA512
4921254b57753c1930378ec8e475e0909b9d99a108f92b63335dca8fc97d91071b5dadac83558ed556d757241d348e34b427da866b71c6b3527e963badc6bc7b
-
SSDEEP
12288:AKOD5ZeNPgOz2QR6x+Sg9qDbHP8poVucVGfXvZudMB:AKz5oQRc/HPoZXvZkM
Malware Config
Signatures
Files
-
da24b6f5f4f05949d6c44c0279f5abd791f415d9a1080022806f39cfc5e0cd65.exe windows x86
b4a3624826670d9b10fc6d777f1a8847 (unlabelled 32-hex digest — it differs from the sample MD5 59b1ae48… under General, so it is not the file hash; in this report layout the Files column is usually the import hash (imphash). Confirm the field meaning before pivoting on it.)
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED (no base relocations: the image can only be mapped at its preferred base, so ASLR cannot randomize its load address — a fixed-address x86 binary of this vintage; DllCharacteristics are not shown here, so NX/DEP compatibility cannot be judged from this page)
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports (note: the import set below — DirectDraw/DirectSound, mpg2decdll, libac3dec, a DeCSSParseIFO export, libxml2, avformat/avcodec/avdevice, SDL YUV overlays, MFC 4.2 — is the profile of a DVD/media-player GUI application rather than of a typical loader or stealer; no detections are listed in the Signatures section of this page. Most of these DLLs are third-party and must ship alongside the .exe; if the behavioral tasks above were run with the bare executable, the loader will fail on a missing DLL before any behavior is observed, so an empty behavioral report should not be read as "benign". Treat the sample as a possible false positive until the behavioral runs or other evidence say otherwise.)
ddraw
DirectDrawCreate
dsound
ord1
mpg2decdll
?mpg2_info@@YAPBUmpeg2_info_s@@PAUmpeg2dec_s@@@Z
?mpg2_buffer@@YAXPAUmpeg2dec_s@@PAE1@Z
?mpg2_parse@@YA?AW4mpeg2_state_t@@PAUmpeg2dec_s@@@Z
?mpg2_close@@YAXPAUmpeg2dec_s@@@Z
?mpg2_init@@YAPAUmpeg2dec_s@@XZ
libac3dec
AC3_GetAudioInfo
blur
DeCSSParseIFO
libxml2
xmlNodeGetContent
xmlDocGetRootElement
xmlParseFile
xmlKeepBlanksDefault
xmlCleanupParser
xmlFreeDoc
turbodll
??1CTreeListCtrl@@UAE@XZ
??0CTreeListCtrl@@QAE@XZ
?SelectItem@CTreeListCtrl@@QAEXPAVCTreeListItem@@HH@Z
?GetChildItem@CTreeListCtrl@@QAEPAVCTreeListItem@@PAV2@@Z
?GetRootItem@CTreeListCtrl@@QAEPAVCTreeListItem@@XZ
?GetSelectedItem@CTreeListCtrl@@QAEPAVCTreeListItem@@XZ
?SetColumnWidth@CTreeListCtrl@@QAEHHHHH@Z
?InsertColumn@CTreeListCtrl@@QAEHPBDKHHHH@Z
?SetImageList@CTreeListCtrl@@QAEXPAVCImageList@@@Z
?SetStyle@CTreeListCtrl@@QAEKK@Z
?SetSelectionMark@CTreeListCtrl@@QAEHH@Z
?DeleteAllItems@CTreeListCtrl@@QAEHXZ
?Expand@CTreeListCtrl@@QAEHPAVCTreeListItem@@H@Z
?SetItemText@CTreeListCtrl@@QAEHPAVCTreeListItem@@PBDH@Z
?SetCheck@CTreeListItem@@QAEXH@Z
?SetItemImage@CTreeListCtrl@@QAEXPAVCTreeListItem@@HHHH@Z
?InsertItem@CTreeListCtrl@@QAEPAVCTreeListItem@@PBDPAV2@1@Z
?GetCheck@CTreeListItem@@QAEHXZ
?BeginModify@CTreeListCtrl@@QAEHPAVCTreeListItem@@H@Z
?GetNextItem@CTreeListCtrl@@QAEPAVCTreeListItem@@PAV2@I@Z
mfc42
ord1640
ord323
ord2379
ord4284
ord924
ord4129
ord5683
ord800
ord858
ord537
ord1768
ord6197
ord540
ord4710
ord823
ord6055
ord1776
ord5290
ord3402
ord4424
ord3721
ord3571
ord795
ord567
ord4275
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6172
ord5873
ord5789
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord755
ord2405
ord5785
ord2754
ord6194
ord6021
ord470
ord1146
ord5981
ord2864
ord3089
ord6453
ord5440
ord6383
ord5450
ord6394
ord860
ord535
ord2044
ord2448
ord2575
ord4396
ord3574
ord809
ord609
ord2122
ord556
ord3573
ord3693
ord3874
ord5788
ord5787
ord472
ord2859
ord1168
ord5834
ord2915
ord5710
ord941
ord2763
ord2582
ord4402
ord3640
ord686
ord384
ord2818
ord6696
ord3996
ord2862
ord2097
ord3286
ord4673
ord4274
ord6375
ord4486
ord5875
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord2621
ord616
ord656
ord3610
ord2411
ord2023
ord4218
ord2578
ord4398
ord3582
ord922
ord5572
ord926
ord4299
ord6111
ord6334
ord6199
ord2642
ord940
ord3177
ord3499
ord355
ord2764
ord6663
ord6215
ord4694
ord2121
ord1644
ord1105
ord4224
ord793
ord3719
ord2370
ord3092
ord2574
ord3572
ord1793
ord4160
ord6358
ord1088
ord6157
ord6605
ord2452
ord939
ord2614
ord5856
ord1829
ord1109
ord3731
ord2096
ord2863
ord1862
ord4220
ord2584
ord3654
ord2438
ord816
ord562
ord2450
ord4083
ord283
ord812
ord5862
ord559
ord2860
ord3873
ord3797
ord3742
ord818
ord1270
ord1232
ord4133
ord4297
ord2380
ord6241
ord3706
ord2152
ord1233
ord1175
ord4400
ord3630
ord3692
ord682
ord2567
ord5791
ord6654
ord5053
ord613
ord289
ord3370
ord693
ord4243
ord6242
ord3301
ord6762
ord6007
ord3998
ord6907
ord3293
ord955
ord3021
ord3698
ord765
ord4267
ord4123
ord3138
ord6880
ord808
ord4269
ord3716
ord790
ord4287
ord1641
ord2414
ord640
ord3626
ord3619
ord3663
ord4234
ord2302
ord825
ord324
ord641
ord3597
ord4425
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord4853
ord4376
ord5265
ord2554
ord1576
msvcrt
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
exit
_stat
__set_app_type
rewind
fscanf
perror
realloc
isdigit
isalpha
isalnum
isprint
toupper
strncmp
memmove
_setmbcp
_open
_close
_lseek
_read
_mkdir
_access
__CxxFrameHandler
_ftol
sprintf
sscanf
fclose
fopen
fread
ftell
fseek
fwrite
printf
free
calloc
atoi
_mbscmp
_putenv
malloc
atof
_controlfp
kernel32
GetCurrentThreadId
MulDiv
GetWindowsDirectoryA
lstrcpynA
GetStartupInfoA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetVersionExA
SetEvent
TerminateThread
CreateEventA
WaitForMultipleObjects
OpenMutexA
CloseHandle
ResumeThread
LoadLibraryA
CreateProcessA
GetModuleHandleA
GetProcAddress
CreateMutexA
GetLastError
GetModuleFileNameA
FreeLibrary
Sleep
user32
DestroyWindow
GetMessagePos
MessageBoxA
ReleaseDC
GetSystemMetrics
DrawIcon
FindWindowA
SetTimer
LockWindowUpdate
SendMessageA
ClientToScreen
WindowFromPoint
CopyRect
OffsetRect
DrawStateA
GetSysColor
InflateRect
UpdateWindow
GetIconInfo
LoadIconA
GrayStringA
DrawTextA
TabbedTextOutA
GetKeyState
GetParent
PostMessageA
GetFocus
IsIconic
DefWindowProcA
SetRect
RegisterWindowMessageA
PtInRect
AppendMenuA
DrawFrameControl
DrawIconEx
DrawEdge
SystemParametersInfoA
ScreenToClient
GetSubMenu
GetDesktopWindow
GetWindowRect
IntersectRect
SetWindowsHookExA
TrackPopupMenuEx
UnhookWindowsHookEx
CallNextHookEx
GetClientRect
SetWindowRgn
LoadImageA
EnableWindow
DrawFocusRect
InvalidateRect
ReleaseCapture
LoadBitmapA
SetCapture
GetMenuItemCount
GetMenuItemInfoA
GetMenuStringA
MessageBeep
MapVirtualKeyA
GetKeyNameTextA
LoadCursorA
SetCursor
KillTimer
GetDC
DestroyIcon
CreatePopupMenu
SetWindowLongA
RedrawWindow
IsWindow
GetWindowLongA
GetClassInfoA
gdi32
SetPixel
CreateHalftonePalette
GetDIBColorTable
CreatePalette
GetTextExtentPoint32A
GetDeviceCaps
RealizePalette
GetCurrentObject
Polygon
SetBkColor
SetTextColor
DeleteDC
GetStockObject
CreateDIBitmap
PatBlt
GetTextColor
StretchBlt
SetStretchBltMode
StretchDIBits
CreateFontIndirectA
CreateSolidBrush
CreatePen
Rectangle
Ellipse
DeleteObject
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
CreateBitmap
Escape
GetPixel
GetObjectA
LPtoDP
CreateCompatibleBitmap
GetMapMode
DPtoLP
GetBkColor
CreateRoundRectRgn
CreateRectRgn
CombineRgn
CreateCompatibleDC
SelectObject
BitBlt
CreateFontA
advapi32
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
shell32
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
comctl32
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_GetImageInfo
ImageList_ReplaceIcon
ImageList_GetImageCount
_TrackMouseEvent
avformat
ord61
avcodec
ord641
ord626
ord625
ord656
ord640
ord620
ord653
avdevice
ord1
sdl
SDL_UnlockYUVOverlay
SDL_DisplayYUVOverlay
SDL_Init
SDL_CreateYUVOverlay
SDL_SetVideoMode
SDL_Quit
SDL_LockYUVOverlay
SDL_FreeYUVOverlay
msimg32
GradientFill
Sections
.text Size: 248KB - Virtual size: 244KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 52KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 388KB - Virtual size: 387KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ