f24931171cd1df3684625ff7dffba3fc2e32dcf79a394392fe90f953d4f4bd2b

Sharing

Copy URL Twitter E-mail

General

Target

f24931171cd1df3684625ff7dffba3fc2e32dcf79a394392fe90f953d4f4bd2b
Size

1.9MB
MD5

48eb03e81ec7b51aa9447d4e688432ad
SHA1

345024458609388dcb7d2fea371eaa8784d5a238
SHA256

f24931171cd1df3684625ff7dffba3fc2e32dcf79a394392fe90f953d4f4bd2b
SHA512

da6b15733bbd1e8fc6b6a61235652a4529f57e16f3a7c04f60e0f4c88170333968bc2f679c24a3a9c9660fdc5b3474de3c5bb2c277f9c0b7923bbdee8bd930ea
SSDEEP

24576:TH7m2pkBqBCiEsytGkf4PrqXFnbQH4+rsXv3bARd882o6OZZr9i3WoTkkalPCn:l0qBgXXGTsXvrW12KZr0

Score

1^/10

Malware Config

Signatures

Files

f24931171cd1df3684625ff7dffba3fc2e32dcf79a394392fe90f953d4f4bd2b
.exe windows x86

a84c390281a28d7d3460fc7783202c13

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
FindNextFileA
FindFirstFileA
GetVersionExA
GetModuleHandleA
CloseHandle
GetSystemDefaultLangID
GetLastError
GetTickCount
ReadFile
GetFileSize
CreateFileA
lstrcatA
DeleteFileA
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
RtlUnwind
RaiseException
HeapAlloc
GetStartupInfoA
GetVersion
ExitProcess
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
GetTimeZoneInformation
GetSystemTime
ResumeThread
CreateThread
TlsSetValue
ExitThread
GetSystemTimeAsFileTime
WriteFile
SetFilePointer
SetHandleCount
GetStdHandle
FreeLibrary
LoadLibraryA
GetCurrentProcess
HeapSize
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetCurrentThreadId
TlsAlloc
SetLastError
TlsGetValue
FlushFileBuffers
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
SetEndOfFile
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
GetExitCodeProcess
IsProcessorFeaturePresent
CreateEventA
SetEvent
WaitForSingleObjectEx
GetProcAddress
QueryPerformanceCounter
lstrcpyA
QueryPerformanceFrequency
Sleep
GetLocalTime
OutputDebugStringA
InterlockedExchange
CreateProcessA
GetCommandLineA
GetFileType
TerminateProcess
HeapFree
SetEnvironmentVariableA

user32

GetDC
ChangeDisplaySettingsA
GetWindowRect
ClientToScreen
LoadStringA
LoadBitmapA
DestroyWindow
ReleaseDC
SetCursorPos
MessageBoxA
SetRectEmpty
EnumDisplaySettingsA
FillRect
ScreenToClient
GetCursorPos
GetWindowLongA
GetClientRect
SetWindowPos
ClipCursor
GetAsyncKeyState
GetKeyState
RegisterWindowMessageA
GetForegroundWindow
PostThreadMessageA
GetMessageA
PeekMessageA
DispatchMessageA
TranslateMessage
DefWindowProcA
BeginPaint
EndPaint
SetCursor
SetCapture
ReleaseCapture
LoadCursorA
LoadIconA
RegisterClassExA
GetSystemMetrics
SetRect
ShowWindow
CreateWindowExA
GetClassLongA
SetWindowLongA
SendMessageA
UnregisterClassA
UpdateWindow
ShowCursor
WaitForInputIdle

d3d8

Direct3DCreate8

winmm

mixerGetLineInfoA
mixerGetLineControlsA
auxGetNumDevs
waveOutGetNumDevs
auxGetDevCapsA
mixerGetControlDetailsA
mixerGetNumDevs
mixerSetControlDetails
timeBeginPeriod
timeGetDevCaps
timeEndPeriod
timeKillEvent
timeSetEvent
waveOutClose
waveOutUnprepareHeader
waveOutWrite
waveOutPrepareHeader
waveOutOpen
waveOutReset
mciSendCommandA
timeGetTime
mciGetErrorStringA

ddfix

DirectDrawCreate
DirectDrawEnumerateA

dinput

DirectInputCreateA
DirectInputCreateEx

dsound

ord1

avifil32

AVIFileInit

gdi32

CreateFontIndirectA
TextOutW
SetBkColor
CreateDCA
CreateCompatibleBitmap
CreateSolidBrush
CreateFontA
GetGlyphOutlineA
SelectObject
BitBlt
CreateCompatibleDC
DeleteDC
SetPixel
GetPixel
GetObjectA
SetTextColor
SetBkMode
TextOutA
DeleteObject
CreateDIBSection

asengine

RegCloseKey
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

ws2_32

inet_addr
ntohl
inet_ntoa
htonl
gethostbyname
gethostname
getsockname
socket
bind
connect
WSAGetLastError
select
ioctlsocket
setsockopt
WSACleanup
WSAStartup
recvfrom
htons
sendto
recv
ntohs
send
closesocket

snmpapi

SnmpUtilOidCpy
SnmpUtilOidNCmp
SnmpUtilVarBindFree

Sections

.text
Size: 1.7MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a84c390281a28d7d3460fc7783202c13

Headers

File Characteristics

Imports

kernel32

user32

d3d8

winmm

ddfix

dinput

dsound

avifil32

gdi32

asengine

ole32

ws2_32

snmpapi

Sections

.text Size: 1.7MB - Virtual size: 1.6MB

.rdata Size: 112KB - Virtual size: 111KB

.data Size: 72KB - Virtual size: 2.2MB

.data1 Size: 4KB - Virtual size: 2KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 1.7MB - Virtual size: 1.6MB

.rdata
Size: 112KB - Virtual size: 111KB

.data
Size: 72KB - Virtual size: 2.2MB

.data1
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 16KB - Virtual size: 15KB