426e55b1ac3245923a65cda116ca4f180db72de266e08de4b4c675f31ef13d80

Sharing

Copy URL Twitter E-mail

General

Target

426e55b1ac3245923a65cda116ca4f180db72de266e08de4b4c675f31ef13d80
Size

5.6MB
MD5

bb126e54a1470325ba1dac73fa8fff99
SHA1

b126e7b614e742cedbca2f801c29fa59ab1c8fb1
SHA256

426e55b1ac3245923a65cda116ca4f180db72de266e08de4b4c675f31ef13d80
SHA512

7da6ff8e42e7dc3dec2ec53726ab4139a4318c2d63509401ff0a80f375a828081ec7d20da04fbb7a1ed520b7773f657cf4313bd27d2ea54bf8a12aa04736c1f5
SSDEEP

98304:FwLr3PtIP3TMuIis/bm75qWOvGNN7txeD5q1Md4C:FgeTdK/bGqWOvGNNRo

Score

N/A

Malware Config

Signatures

Files

426e55b1ac3245923a65cda116ca4f180db72de266e08de4b4c675f31ef13d80
.exe windows x86

5661ef03c8a9d7448f1cd4fd48c01c22

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dsound

ord1

kernel32

FindClose
GetComputerNameA
WriteFile
SetFilePointer
GetLocalTime
SuspendThread
ResumeThread
GetCurrentThreadId
CreateDirectoryA
CopyFileA
DeleteCriticalSection
TerminateThread
GetExitCodeThread
WaitForSingleObject
SetThreadPriority
_lwrite
_lclose
_lcreat
CompareFileTime
GlobalFree
GlobalAlloc
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
IsDBCSLeadByte
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
TerminateProcess
LocalFree
LocalAlloc
GetCurrentProcess
GetProcAddress
LoadLibraryA
GetModuleFileNameA
SetUnhandledExceptionFilter
SetEndOfFile
SetEnvironmentVariableA
VirtualQuery
GetSystemInfo
VirtualProtect
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
FindNextFileA
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
GetTimeZoneInformation
LCMapStringW
LCMapStringA
GetCPInfo
GetOEMCP
GetFileType
GetStdHandle
SetHandleCount
TlsAlloc
GetLastError
TlsGetValue
TlsSetValue
SetLastError
TlsFree
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
QueryPerformanceCounter
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
ExitProcess
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetFileSize
GetCurrentProcessId
lstrcpyA
lstrcatA
CreateThread
GetCurrentThread
GetTickCount
Sleep
EnterCriticalSection
LeaveCriticalSection
ExitThread
lstrlenA
lstrcmpiA
CompareStringW
CompareStringA
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
CloseHandle
FindFirstFileA
CreateFileA
ReadFile
GetACP
InterlockedExchange
InitializeCriticalSection
DeleteFileA
OutputDebugStringA
FreeEnvironmentStringsW
lstrcmpA

user32

OffsetRect
ClientToScreen
GetClientRect
MessageBoxA
GetDesktopWindow
GetKeyState
LoadCursorA
FindWindowA
GetWindowRect
SetWindowPos
CharLowerA
RegisterClassA
CreateWindowExA
LoadIconA
wsprintfA
DrawTextA
CallWindowProcA
GetWindowTextA
SendMessageA
SetWindowTextA
DefWindowProcA
PostMessageA
PostQuitMessage
SetFocus
ReleaseDC
LoadBitmapA
GetDC
DispatchMessageA
TranslateMessage
PeekMessageA
SetTimer
SetWindowLongA
ShowCursor
ShowWindow
UpdateWindow
GetSystemMetrics

gdi32

CreateDCA
GetObjectA
GetDIBits
CreateCompatibleBitmap
GetTextExtentPoint32A
GetStockObject
CreateCompatibleDC
BitBlt
DeleteDC
TextOutA
DeleteObject
CreateFontA
SelectObject
SetBkMode
SetTextColor

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

ddraw

DirectDrawCreate

winmm

timeKillEvent
timeEndPeriod
timeGetTime
timeSetEvent
timeBeginPeriod
mixerSetControlDetails
mixerGetLineInfoA
mixerGetLineControlsA
mixerGetControlDetailsA
mixerGetDevCapsA
mixerOpen
mixerClose
mmioGetInfo
mmioAdvance
mmioSetInfo
mmioSeek
mmioOpenA
mmioDescend
mmioRead
mmioAscend
mmioClose

shlwapi

PathFileExistsA

wininet

HttpQueryInfoA
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetQueryDataAvailable
InternetReadFile

imm32

ImmSetConversionStatus
ImmGetContext
ImmSetCompositionWindow
ImmSetOpenStatus

wsock32

WSACleanup
accept
setsockopt
socket
ioctlsocket
connect
WSAAsyncSelect
send
htons
inet_ntoa
recv
closesocket
WSAStartup
gethostbyname
inet_addr

urlmon

URLDownloadToFileA

Exports

Exports

SetExtChangeZip
UnZipData
UnZipDataToDirectory
UnZipDataToFile
UnZipFile
ZipData
ZipFile
_CloseD3d@0
_InitD3D@4
_smPlayD3D@24

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 208KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.4MB - Virtual size: 62.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5661ef03c8a9d7448f1cd4fd48c01c22

Headers

File Characteristics

Imports

dsound

kernel32

user32

gdi32

advapi32

shell32

ole32

ddraw

winmm

shlwapi

wininet

imm32

wsock32

urlmon

Exports

Exports

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 208KB - Virtual size: 205KB

.data Size: 1.4MB - Virtual size: 62.6MB

.rsrc Size: 2.6MB - Virtual size: 2.6MB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 208KB - Virtual size: 205KB

.data
Size: 1.4MB - Virtual size: 62.6MB

.rsrc
Size: 2.6MB - Virtual size: 2.6MB