37825143402c347f63f21c1c3c7d86960d1caf47ea6074b66fe65e7ef8fadfde

Sharing

Copy URL

Twitter E-mail

General

Target

37825143402c347f63f21c1c3c7d86960d1caf47ea6074b66fe65e7ef8fadfde
Size

872KB
MD5

385fd7474300e07a494ce00bf65d23af
SHA1

498b4ba72be4c3b5b5ae69b78291b0c73057ecf8
SHA256

37825143402c347f63f21c1c3c7d86960d1caf47ea6074b66fe65e7ef8fadfde
SHA512

c27a283a94e05fb9b87454b62b382c02c4279106c8e5e70570c2f1f94fb1571a6877a4aa42401ce74d7bb85cec5e903667fae536d9914081e5faa9f4f3623099
SSDEEP

24576:Ft+YfwTjBvg3YQG5yro/xZ+U/kazGhc2goglgggcgKgggygbgNgLgwTgxgWgcg7s:Ft+YfwTjBvQoyXdazf2D8

Score

N/A

Malware Config

Signatures

Files

37825143402c347f63f21c1c3c7d86960d1caf47ea6074b66fe65e7ef8fadfde
.exe windows x86

facbfa307ee91c74e8bf12903c675494

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
ExitThread
lstrcatA
lstrlenA
WaitForMultipleObjects
CreateEventA
MapViewOfFile
OpenFileMappingA
GetCurrentProcessId
DeleteFileA
GetTickCount
TerminateThread
CreateToolhelp32Snapshot
SetFilePointer
VirtualAlloc
ReleaseMutex
CreateDirectoryA
Sleep
VirtualProtect
VirtualFree
ReadFile
HeapFree
HeapAlloc
GetProcessHeap
WriteFile
CreateFileA
lstrcpyA
LoadLibraryA
GetOEMCP
WideCharToMultiByte
GetProcAddress
HeapReAlloc
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetFileType
PeekNamedPipe
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLastError
GetCurrentProcess
ExitProcess
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GetSystemInfo
HeapCreate
HeapDestroy
SetHandleCount
GetStdHandle
SetEndOfFile
HeapSize
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
CloseHandle
GetModuleFileNameA
MultiByteToWideChar
GlobalLock
GetACP
GlobalUnlock
IsDBCSLeadByte
Process32First
Process32Next
SetEnvironmentVariableA
CompareStringW
CompareStringA
FreeEnvironmentStringsA
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsW
GetCPInfo
OpenProcess
TerminateProcess
GetEnvironmentStrings
FlushFileBuffers
SetStdHandle
RtlUnwind
GetEnvironmentStringsW

user32

SetWindowTextA
RegisterClassA
LoadCursorA
LoadIconA
UpdateWindow
SetWindowPos
SetWindowLongA
CreateWindowExA
CloseClipboard
TranslateMessage
ShowWindow
AdjustWindowRectEx
SetRect
DispatchMessageA
BeginPaint
EndPaint
GetKeyState
LoadImageA
SetFocus
GetWindowRect
GetSystemMetrics
SetWindowRgn
GetWindowLongA
InvalidateRect
SetTimer
KillTimer
GetAsyncKeyState
DestroyWindow
PostQuitMessage
GetClientRect
OffsetRect
SendMessageA
DefWindowProcA
PeekMessageA
MessageBoxA
ReleaseDC
GetClipboardData
OpenClipboard
GetKeyboardLayout
GetDC
ClientToScreen
PostMessageA
ShowCursor
wsprintfA

gdi32

DeleteDC
CreateCompatibleDC
BitBlt
CreateFontA
GetDeviceCaps
TextOutA
SetTextColor
DeleteObject
SetBkMode
GetStockObject
SelectObject
CreateCompatibleBitmap
CreateRectRgn

ddraw

DirectDrawCreate

dsound

ord1

winmm

mciSendCommandA
timeGetTime
mmioRead
mmioDescend
mmioOpenA
mmioClose
mmioAscend

dinput

DirectInputCreateA

wsock32

closesocket
send
WSAGetLastError
__WSAFDIsSet
recv
select
WSAStartup
WSACleanup
connect
gethostbyname
ioctlsocket
htons
inet_ntoa
recvfrom
sendto
socket
setsockopt

imm32

ImmAssociateContext
ImmCreateContext
ImmDestroyContext
ImmGetOpenStatus
ImmGetProperty
ImmSetOpenStatus
ImmGetConversionStatus
ImmGetDescriptionA
ImmIsIME
ImmGetCandidateListA
ImmGetCompositionStringA

Sections

.text
Size: 620KB - Virtual size: 616KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 232KB - Virtual size: 74.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

facbfa307ee91c74e8bf12903c675494

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ddraw

dsound

winmm

dinput

wsock32

imm32

Sections

.text Size: 620KB - Virtual size: 616KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 232KB - Virtual size: 74.1MB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 620KB - Virtual size: 616KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 232KB - Virtual size: 74.1MB

.rsrc
Size: 8KB - Virtual size: 5KB