AMS_Win32_3[.]3[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

AMS_Win32_3.3.zip
Size

11.5MB
MD5

686a33be5df64219d23480c8d4213337
SHA1

89a9e1ade2f322e59e8e95c26d0c18a736077352
SHA256

1d50763ffc8da82358b689ab07355ff1934c2148b61d6a4c5f0b2064efabf02b
SHA512

8be77fbe09d4fcf98928b53651306e0b4328aec5ea99c45056b670fd3883ccee38018a2c4bf9a34d95f686352782efc3d6955eeec2029419a2af017ad68c3f96
SSDEEP

196608:q3Bv80s/uIU36cdJ3ogvy2POS/C3r6cAiFpE1aC5wxQwbx+VML6iF7n37okrPKYz:Shw/I3vqgvy9GC3r6snC5ixTZ37omP9

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Advanced Mario Sequencer/Advanced Mario Sequencer Libs/XML.dll
unpack001/Advanced Mario Sequencer/Advanced Mario Sequencer.exe
unpack001/Advanced Mario Sequencer/fluidsynth.dll

Files

AMS_Win32_3.3.zip
.zip
Advanced Mario Sequencer/Advanced Mario Sequencer Libs/XML.dll
.dll windows x86

9aa63fce840c7fbe76e5b0bebf429181

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
GetCurrentThread
ExitProcess
GlobalAlloc
GlobalFree
TlsAlloc
TlsFree
TlsGetValue
GetLastError
TlsSetValue
IsBadReadPtr
GetCurrentProcess
DuplicateHandle
GetStdHandle
InitializeCriticalSection
DeleteCriticalSection
GetCurrentDirectoryA
SetFilePointer
WriteFile
CloseHandle
ReadFile
CreateFileA
FindFirstFileA
FindClose
DeleteFileA
FindNextFileA
GetCommandLineA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetLocalTime
GetTimeZoneInformation

user32

MessageBoxA

Exports

Exports

REALPluginMain

Sections

.text
Size: 498KB - Virtual size: 498KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.exc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 73B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Advanced Mario Sequencer/Advanced Mario Sequencer.exe
.exe windows x86

2d14680a096c5a9a7a7b735d9a3d5fe9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

comctl32

ord17
ImageList_Create
ImageList_Destroy
InitCommonControlsEx
ImageList_Add

winmm

midiOutOpen
midiOutShortMsg
midiOutClose
mciSendStringA
mciSendStringW

iphlpapi

GetAdaptersInfo

kernel32

GetCurrentProcess
ExitProcess
OutputDebugStringA
GetUserDefaultLangID
CreateEventW
DeleteFiber
SwitchToFiber
CreateFiber
ConvertThreadToFiber
GetACP
IsValidCodePage
MulDiv
GetVersion
GetLogicalDrives
InterlockedIncrement
InterlockedDecrement
SetCommBreak
GetCommProperties
EscapeCommFunction
ClearCommBreak
SetCommState
SetCommTimeouts
CreateEventA
GetCommModemStatus
GetOverlappedResult
ClearCommError
ResetEvent
GetCommState
WaitForSingleObject
GetCommandLineA
SetEnvironmentVariableW
VirtualProtect
HeapFree
VirtualFree
GetProcessHeap
IsBadReadPtr
GetSystemDirectoryA
GetModuleHandleA
TlsGetValue
GetStartupInfoA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
HeapReAlloc
GetFileType
SetStdHandle
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapSize
RaiseException
GetStdHandle
HeapDestroy
HeapCreate
SetHandleCount
GetConsoleCP
GetConsoleMode
RtlUnwind
OutputDebugStringW
GetEnvironmentVariableW
GetCommandLineW
ExpandEnvironmentStringsW
WideCharToMultiByte
GetModuleFileNameA
LoadLibraryW
VirtualAlloc
_lopen
_llseek
_lread
_lclose
FindResourceA
LockResource
lstrcpyA
LoadResource
GetFileTime
CopyFileW
FindNextFileW
GetSystemDirectoryW
FindClose
SetFileAttributesW
GetCPInfo
GetOEMCP
LCMapStringA
LCMapStringW
SetFileTime
MoveFileW
CreateDirectoryW
DeleteFileW
GetCurrentThread
GetWindowsDirectoryW
GetLongPathNameW
GetFileAttributesW
GetLogicalDriveStringsW
FindFirstFileW
RemoveDirectoryW
SetCurrentDirectoryW
GetShortPathNameW
GetCurrentDirectoryW
GlobalSize
GlobalFree
GlobalAlloc
GlobalReAlloc
CreateFileA
GetCurrentProcessId
CompareFileTime
GetLocalTime
LocalFileTimeToFileTime
GetSystemTime
GetDateFormatA
FileTimeToLocalFileTime
GetTimeFormatA
SystemTimeToFileTime
GetTimeZoneInformation
TlsAlloc
FileTimeToSystemTime
CreateFileW
ReadFile
SetEndOfFile
SetFilePointer
GetFileSize
GetTempFileNameW
CloseHandle
GetLastError
WriteFile
GetTempPathW
FlushFileBuffers
LeaveCriticalSection
InitializeCriticalSection
EnterCriticalSection
DeleteCriticalSection
GlobalUnlock
GlobalLock
LoadLibraryA
GetVersionExA
Sleep
GetProcAddress
GetLocaleInfoW
MultiByteToWideChar
GetUserDefaultLCID
FreeLibrary
QueryPerformanceCounter
QueryPerformanceFrequency
GetTickCount
GetLocaleInfoA
IsDBCSLeadByteEx
GetStringTypeExA
CompareStringW
CompareStringA
GetModuleHandleW
GetModuleFileNameW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetStringTypeW
HeapAlloc

user32

PostMessageA
RegisterWindowMessageA
TrackMouseEvent
GetFocus
GetMenuState
TranslateMDISysAccel
EnumChildWindows
GetWindow
IsZoomed
GetTopWindow
BringWindowToTop
AdjustWindowRect
GetSystemMenu
GetClassInfoW
VkKeyScanA
GetMenuItemCount
DrawEdge
InsertMenuW
EnableMenuItem
DeleteMenu
DestroyMenu
GetWindowTextLengthW
RemovePropA
SetWindowTextW
GetMessagePos
GetKeyState
EnableWindow
GetSubMenu
GetMenuStringW
GetMenuItemInfoW
IsClipboardFormatAvailable
RegisterClipboardFormatA
OpenClipboard
wsprintfA
SetPropA
GetPropA
FrameRect
DragDetect
GetClassNameA
ValidateRect
InvalidateRgn
SetParent
CreateWindowExW
BeginPaint
EndPaint
UpdateWindow
ShowCursor
GetMonitorInfoA
EnumDisplayMonitors
SetTimer
KillTimer
RegisterClassA
WindowFromPoint
ReleaseCapture
GetMessageW
DispatchMessageW
RegisterClassW
PeekMessageW
MsgWaitForMultipleObjectsEx
SystemParametersInfoA
DrawIconEx
ShowWindow
GetActiveWindow
SetMenuItemInfoW
GetMenu
CreateWindowExA
ChildWindowFromPointEx
DestroyWindow
CreateIconIndirect
DefWindowProcA
RedrawWindow
GetSystemMetrics
LoadImageA
DestroyCursor
CreateCursor
GetWindowTextW
GetWindowTextLengthA
MessageBoxW
ScreenToClient
MoveWindow
MapVirtualKeyA
GetKeyNameTextW
GetClipboardData
EmptyClipboard
CreateIconFromResource
CreateIconFromResourceEx
SetClipboardData
LoadIconA
InvertRect
DrawIcon
GetSysColorBrush
DrawFocusRect
DrawTextW
GetIconInfo
LoadCursorFromFileW
DestroyIcon
SendMessageW
GetParent
SetWindowPos
FillRect
DispatchMessageA
IsWindowVisible
MessageBoxA
EnumWindows
PeekMessageA
TranslateMessage
SetForegroundWindow
ClientToScreen
GetClientRect
GetWindowRect
GetCursorPos
CreatePopupMenu
GetForegroundWindow
TrackPopupMenu
DefWindowProcW
GetWindowLongW
CreateMDIWindowW
IsIconic
SetScrollRange
GetScrollRange
SetScrollInfo
GetScrollPos
GetScrollInfo
SetScrollPos
SetWindowLongA
GetWindowLongA
SetCapture
GetMenuItemID
DefFrameProcW
ReleaseDC
SetWindowLongW
GetDC
DefMDIChildProcW
CallWindowProcW
SendMessageA
MessageBeep
GetDoubleClickTime
OffsetRect
SetRect
ScrollWindow
CloseClipboard
InvalidateRect
CheckMenuItem
DrawMenuBar
CopyRect
FindWindowW
CreateMenu
SetFocus
WindowFromDC
CharUpperBuffA
CharLowerBuffA
GetAsyncKeyState
LoadCursorA
SetMenu
GetMessageTime
SetCursor
GetSysColor
DrawFrameControl

gdi32

CreateDIBitmap
Polygon
SetTextAlign
SetBrushOrgEx
CreateMetaFileW
CloseMetaFile
CreateEnhMetaFileW
CloseEnhMetaFile
EnumFontsW
EnumFontFamiliesExW
CreateRectRgn
CombineRgn
GetClipRgn
GetPixel
Rectangle
SetTextColor
RoundRect
GetTextMetricsA
CreatePen
LineTo
SelectClipRgn
CreatePatternBrush
SetBkMode
GetStockObject
GetTextExtentPoint32W
CreateBitmap
CreateSolidBrush
GetFontLanguageInfo
Ellipse
MoveToEx
GetTextMetricsW
DeleteEnhMetaFile
GetObjectA
GetEnhMetaFileHeader
GetMetaFileA
GetEnhMetaFileW
EnumEnhMetaFile
CreateFontIndirectA
SetViewportOrgEx
SetBkColor
GetEnhMetaFileA
SetMapMode
CreateFontW
CreateBrushIndirect
StartDocA
SetAbortProc
EndDoc
CreateICA
SetViewportExtEx
StartPage
SetWindowExtEx
EndPage
CreateDIBSection
SelectPalette
DeleteObject
SelectObject
SetStretchBltMode
CreateCompatibleDC
DeleteDC
StretchBlt
CreateCompatibleBitmap
RealizePalette
BitBlt
GetDIBits
CreatePalette
GetSystemPaletteEntries
DeleteMetaFile
CreateDCA
StretchDIBits
SetDIBitsToDevice
SetPixelV
GetDeviceCaps
TranslateCharsetInfo

comdlg32

GetOpenFileNameW
GetSaveFileNameW
ChooseColorA
PrintDlgA
PageSetupDlgA

advapi32

DeregisterEventSource
ReportEventW
RegisterEventSourceW
RegDeleteKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegEnumValueW
RegQueryValueExW
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
ImpersonateSelf
AccessCheck
OpenThreadToken
MapGenericMask
GetFileSecurityW
RevertToSelf
SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA

shell32

DragFinish
DragQueryFileW
Shell_NotifyIconW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHFileOperationW
SHGetPathFromIDListW
SHGetMalloc
SHBrowseForFolderW
ShellExecuteW
DragAcceptFiles

ole32

CLSIDFromProgID
CoInitialize
CoCreateInstance
CoUninitialize
CLSIDFromString
CoTaskMemFree
CoGetClassObject
OleInitialize
OleUninitialize
CoTaskMemAlloc
RegisterDragDrop
RevokeDragDrop
DoDragDrop

oleaut32

OleCreatePictureIndirect
SysFreeString
SysAllocString
OleLoadPicturePath

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 224KB - Virtual size: 221KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 268KB - Virtual size: 412KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 292KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Advanced Mario Sequencer/MarioPaintOriginal.sf2
Advanced Mario Sequencer/fluidsynth.dll
.dll windows x86

6b9281a2eb5aa22e896ee179f7da0953

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dsound

ord1
ord2

winmm

midiInGetNumDevs
midiInOpen
midiInStart
midiInGetErrorTextA
midiInStop
midiInReset
midiInClose
midiInGetDevCapsA

kernel32

InterlockedCompareExchange
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TerminateThread
WaitForSingleObject
ExitProcess
ExitThread
Sleep
SetThreadPriority
GetCurrentThread
CreateThread
ReleaseMutex
CreateMutexA
CloseHandle
GetTickCount
QueryPerformanceCounter
InterlockedExchange

user32

LoadCursorA
RegisterClassA
CreateWindowExA
DefWindowProcA

msvcr90

_read
_except_handler4_common
_onexit
_lock
free
fclose
strerror
_errno
fwrite
fopen
malloc
memset
_CIsin
_CIcos
atoi
atof
_snprintf
_open
strchr
_CIlog
_CIpow
fread
perror
fseek
printf
vprintf
feof
sprintf
ftell
rewind
_vsnprintf
strncmp
fprintf
__iob_func
memcpy
rand
fflush
_CIsqrt
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_write

Exports

Exports

delete_fluid_audio_driver
delete_fluid_cmd_handler
delete_fluid_event
delete_fluid_midi_driver
delete_fluid_midi_event
delete_fluid_midi_router
delete_fluid_player
delete_fluid_ramsample
delete_fluid_sequencer
delete_fluid_settings
delete_fluid_shell
delete_fluid_synth
fluid_cmd_handler_register
fluid_cmd_handler_unregister
fluid_command
fluid_default_log_function
fluid_event_all_notes_off
fluid_event_all_sounds_off
fluid_event_any_control_change
fluid_event_bank_select
fluid_event_chorus_send
fluid_event_control_change
fluid_event_get_bank
fluid_event_get_channel
fluid_event_get_control
fluid_event_get_data
fluid_event_get_dest
fluid_event_get_duration
fluid_event_get_key
fluid_event_get_pitch
fluid_event_get_program
fluid_event_get_sfont_id
fluid_event_get_source
fluid_event_get_type
fluid_event_get_value
fluid_event_get_velocity
fluid_event_modulation
fluid_event_note
fluid_event_noteoff
fluid_event_noteon
fluid_event_pan
fluid_event_pitch_bend
fluid_event_pitch_wheelsens
fluid_event_program_change
fluid_event_program_select
fluid_event_reverb_send
fluid_event_set_dest
fluid_event_set_source
fluid_event_sustain
fluid_event_timer
fluid_event_volume
fluid_gen_set_default_values
fluid_get_hinstance
fluid_get_stdin
fluid_get_stdout
fluid_get_sysconf
fluid_get_userconf
fluid_is_midifile
fluid_is_soundfont
fluid_log
fluid_midi_dump_postrouter
fluid_midi_dump_prerouter
fluid_midi_event_get_channel
fluid_midi_event_get_control
fluid_midi_event_get_key
fluid_midi_event_get_pitch
fluid_midi_event_get_program
fluid_midi_event_get_type
fluid_midi_event_get_value
fluid_midi_event_get_velocity
fluid_midi_event_set_channel
fluid_midi_event_set_control
fluid_midi_event_set_key
fluid_midi_event_set_pitch
fluid_midi_event_set_program
fluid_midi_event_set_type
fluid_midi_event_set_value
fluid_midi_event_set_velocity
fluid_midi_router_handle_midi_event
fluid_mod_delete
fluid_mod_get_amount
fluid_mod_get_dest
fluid_mod_get_flags1
fluid_mod_get_flags2
fluid_mod_get_source1
fluid_mod_get_source2
fluid_mod_new
fluid_mod_set_amount
fluid_mod_set_dest
fluid_mod_set_source1
fluid_mod_set_source2
fluid_mod_test_identity
fluid_player_add
fluid_player_join
fluid_player_play
fluid_player_set_bpm
fluid_player_set_loop
fluid_player_set_midi_tempo
fluid_player_stop
fluid_ramsfont_add_izone
fluid_ramsfont_create_sfont
fluid_ramsfont_izone_set_gen
fluid_ramsfont_izone_set_loop
fluid_ramsfont_remove_izone
fluid_ramsfont_set_name
fluid_sample_set_name
fluid_sample_set_sound_data
fluid_sequencer_client_is_dest
fluid_sequencer_count_clients
fluid_sequencer_get_client_id
fluid_sequencer_get_client_name
fluid_sequencer_get_tick
fluid_sequencer_get_time_scale
fluid_sequencer_register_client
fluid_sequencer_register_fluidsynth
fluid_sequencer_remove_events
fluid_sequencer_send_at
fluid_sequencer_send_now
fluid_sequencer_set_time_scale
fluid_sequencer_unregister_client
fluid_set_hinstance
fluid_set_log_function
fluid_settings_foreach
fluid_settings_foreach_option
fluid_settings_get_hints
fluid_settings_get_type
fluid_settings_getint
fluid_settings_getint_default
fluid_settings_getint_range
fluid_settings_getnum
fluid_settings_getnum_default
fluid_settings_getnum_range
fluid_settings_getstr
fluid_settings_getstr_default
fluid_settings_is_realtime
fluid_settings_setint
fluid_settings_setnum
fluid_settings_setstr
fluid_settings_str_equal
fluid_source
fluid_synth_add_sfloader
fluid_synth_add_sfont
fluid_synth_alloc_voice
fluid_synth_bank_select
fluid_synth_cc
fluid_synth_count_audio_channels
fluid_synth_count_audio_groups
fluid_synth_count_effects_channels
fluid_synth_count_midi_channels
fluid_synth_create_key_tuning
fluid_synth_create_octave_tuning
fluid_synth_error
fluid_synth_get_bank_offset
fluid_synth_get_cc
fluid_synth_get_channel_preset
fluid_synth_get_chorus_depth_ms
fluid_synth_get_chorus_level
fluid_synth_get_chorus_nr
fluid_synth_get_chorus_speed_Hz
fluid_synth_get_chorus_type
fluid_synth_get_cpu_load
fluid_synth_get_gain
fluid_synth_get_gen
fluid_synth_get_internal_bufsize
fluid_synth_get_pitch_bend
fluid_synth_get_pitch_wheel_sens
fluid_synth_get_polyphony
fluid_synth_get_program
fluid_synth_get_reverb_damp
fluid_synth_get_reverb_level
fluid_synth_get_reverb_roomsize
fluid_synth_get_reverb_width
fluid_synth_get_settings
fluid_synth_get_sfont
fluid_synth_get_sfont_by_id
fluid_synth_get_voicelist
fluid_synth_handle_midi_event
fluid_synth_noteoff
fluid_synth_noteon
fluid_synth_nwrite_float
fluid_synth_pitch_bend
fluid_synth_pitch_wheel_sens
fluid_synth_process
fluid_synth_program_change
fluid_synth_program_reset
fluid_synth_program_select
fluid_synth_remove_sfont
fluid_synth_reset_tuning
fluid_synth_select_tuning
fluid_synth_set_bank_offset
fluid_synth_set_chorus
fluid_synth_set_chorus_on
fluid_synth_set_gain
fluid_synth_set_gen
fluid_synth_set_interp_method
fluid_synth_set_midi_router
fluid_synth_set_polyphony
fluid_synth_set_reverb
fluid_synth_set_reverb_on
fluid_synth_sfcount
fluid_synth_sfload
fluid_synth_sfont_select
fluid_synth_sfreload
fluid_synth_sfunload
fluid_synth_start
fluid_synth_start_voice
fluid_synth_stop
fluid_synth_system_reset
fluid_synth_tune_notes
fluid_synth_tuning_dump
fluid_synth_tuning_iteration_next
fluid_synth_tuning_iteration_start
fluid_synth_write_float
fluid_synth_write_s16
fluid_usershell
fluid_version
fluid_version_str
fluid_voice_add_mod
fluid_voice_gen_get
fluid_voice_gen_incr
fluid_voice_gen_set
fluid_voice_get_id
fluid_voice_is_playing
fluid_voice_optimize_sample
fluid_voice_update_param
new_fluid_audio_driver
new_fluid_audio_driver2
new_fluid_cmd_handler
new_fluid_event
new_fluid_midi_driver
new_fluid_midi_event
new_fluid_midi_router
new_fluid_player
new_fluid_ramsample
new_fluid_sequencer
new_fluid_settings
new_fluid_shell
new_fluid_synth

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 411KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9aa63fce840c7fbe76e5b0bebf429181

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 498KB - Virtual size: 498KB

.rdata Size: 89KB - Virtual size: 89KB

.exc Size: 14KB - Virtual size: 14KB

.data Size: 73KB - Virtual size: 73KB

.idata Size: 1024B - Virtual size: 980B

.CRT Size: 512B - Virtual size: 12B

.bss Size: - Virtual size: 10KB

.edata Size: 512B - Virtual size: 73B

.reloc Size: 65KB - Virtual size: 65KB

2d14680a096c5a9a7a7b735d9a3d5fe9

Headers

File Characteristics

Imports

version

comctl32

winmm

iphlpapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 224KB - Virtual size: 221KB

.data Size: 268KB - Virtual size: 412KB

.rsrc Size: 292KB - Virtual size: 290KB

6b9281a2eb5aa22e896ee179f7da0953

Headers

File Characteristics

Imports

dsound

winmm

kernel32

user32

msvcr90

Exports

Exports

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 27KB - Virtual size: 27KB

.data Size: 2KB - Virtual size: 411KB

.rsrc Size: 1024B - Virtual size: 688B

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 498KB - Virtual size: 498KB

.rdata
Size: 89KB - Virtual size: 89KB

.exc
Size: 14KB - Virtual size: 14KB

.data
Size: 73KB - Virtual size: 73KB

.idata
Size: 1024B - Virtual size: 980B

.CRT
Size: 512B - Virtual size: 12B

.bss
Size: - Virtual size: 10KB

.edata
Size: 512B - Virtual size: 73B

.reloc
Size: 65KB - Virtual size: 65KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 224KB - Virtual size: 221KB

.data
Size: 268KB - Virtual size: 412KB

.rsrc
Size: 292KB - Virtual size: 290KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 2KB - Virtual size: 411KB

.rsrc
Size: 1024B - Virtual size: 688B

.reloc
Size: 6KB - Virtual size: 5KB