1dee29d2cc3e99181e71ac9dcf7eca86

Sharing

Copy URL

Twitter E-mail

General

Target

1dee29d2cc3e99181e71ac9dcf7eca86
Size

696KB
MD5

1dee29d2cc3e99181e71ac9dcf7eca86
SHA1

83bc9737192f7d4ca737439448d7ffb4d3f192bd
SHA256

f058a8196e068c1ee1f4ed9c09d78c32525305f2c58ac578e53d7bafde163d15
SHA512

c65a273aae35018288a46ad9dd9e6eb6cde9d6f986677ac2493812b7a79ab360825a08de3d21eed781fe3d02a0f1dd36ec8cb35e40ebf88745b4e81c87d4a857
SSDEEP

12288:/a5+g+HpNLEcs558ny2AnZuH+203b35Eu71tJigLjdBM55dHhAKxFXrEzlykZ2L6:C1obE/aUkk39DigLLM55dBA6Fw9ZGRSz

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/d3d8thk.dll
unpack001/keygen.exe
unpack001/mciwave.dll
unpack001/pidgen.dll

Files

1dee29d2cc3e99181e71ac9dcf7eca86
.rar
Image/MediaFixer.jpg
.jpg
More/Audio.htm
.html
More/AviFixer_MoreData.ini
More/Business.htm
.html
More/Desktop.htm
.html
More/Excellence.htm
.html
More/Game.htm
.html
More/Internet.htm
.html
More/MediaFixer_MoreData.ini
More/Multimedia.htm
.html
More/NewLive.htm
.html
More/Utilities.htm
.html
More/WebDeveloper.htm
.html
More/allfixer.htm
.html
More/avifixer.htm
More/css/mail.css
More/images/01.gif
.gif
More/images/02.gif
.gif
More/images/03.gif
.gif
More/images/04.gif
.gif
More/images/05.gif
.gif
More/images/06.gif
.gif
More/images/07.gif
.gif
More/images/08.gif
.gif
More/images/09.gif
.gif
More/images/10.gif
.gif
More/images/213.gif
.gif
More/images/Newlive.gif
.gif
More/images/avifixer.jpg
.jpg
More/images/bg.gif
.gif
More/images/dot.gif
.gif
More/images/excellencesoft.gif
.gif
More/images/realconvert.gif
More/images/smallfixerbox.jpg
.jpg
More/images/style1.css
.html
More/images/supman.gif
.gif
More/more.htm
.html
More/support.htm
.html .js polyglot
Skins/Longhorn.sui
Skins/MP10.sui
Skins/MSN.sui
Skins/MacOS.sui
Skins/OneOrange.sui
Skins/OrangeGlass.sui
Skins/RealOne.sui
Skins/SportsOrange.sui
Skins/XPBlue.sui
Skins/XPOrange.sui
SystemIco/0.ico
SystemIco/1.ico
SystemIco/10.ico
SystemIco/11.ico
SystemIco/12.ico
SystemIco/13.ico
SystemIco/14.ico
SystemIco/15.ico
SystemIco/16.ico
SystemIco/17.ico
SystemIco/18.ico
SystemIco/19.ico
SystemIco/2.ico
SystemIco/20.ico
SystemIco/21.ico
SystemIco/22.ico
SystemIco/23.ico
SystemIco/24.ico
SystemIco/25.ico
SystemIco/26.ico
SystemIco/27.ico
SystemIco/28.ico
SystemIco/29.ico
SystemIco/3.ico
SystemIco/30.ico
SystemIco/31.ico
SystemIco/32.ico
SystemIco/33.ico
SystemIco/34.ico
SystemIco/35.ico
SystemIco/4.ico
SystemIco/5.ico
SystemIco/6.ico
SystemIco/7.ico
SystemIco/8.ico
SystemIco/9.ico
d3d8thk.dll
.dll windows:5 windows x86 arch:x86

ca9067d44c94cd8b6f01ab628299122b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

DdEntry1
DdEntry2
DdEntry3
DdEntry5
DdEntry4
DdEntry7
DdEntry8
DdEntry9
DdEntry10
DdEntry11
DdEntry13
DdEntry12
DdEntry14
DdEntry17
DdEntry15
DdEntry18
DdEntry16
DdEntry50
DdEntry19
DdEntry20
DdEntry21
DdEntry24
DdEntry22
DdEntry23
DdEntry25
DdEntry26
DdEntry27
DdEntry28
DdEntry29
DdEntry30
DdEntry31
DdEntry6
DdEntry32
DdEntry33
DdEntry34
DdEntry35
DdEntry37
DdEntry36
DdEntry38
DdEntry39
DdEntry40
DdEntry41
DdEntry42
DdEntry43
DdEntry44
DdEntry45
DdEntry46
DdEntry47
DdEntry48
DdEntry49
DdEntry51
DdEntry52
DdEntry53
DdEntry54
DdEntry55
DdEntry56

msvcrt

_adjust_fdiv
malloc
_initterm
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

OsThunkD3dContextCreate
OsThunkD3dContextDestroy
OsThunkD3dContextDestroyAll
OsThunkD3dDrawPrimitives2
OsThunkD3dValidateTextureStageState
OsThunkDdAddAttachedSurface
OsThunkDdAlphaBlt
OsThunkDdAttachSurface
OsThunkDdBeginMoCompFrame
OsThunkDdBlt
OsThunkDdCanCreateD3DBuffer
OsThunkDdCanCreateSurface
OsThunkDdColorControl
OsThunkDdCreateD3DBuffer
OsThunkDdCreateDirectDrawObject
OsThunkDdCreateMoComp
OsThunkDdCreateSurface
OsThunkDdCreateSurfaceEx
OsThunkDdCreateSurfaceObject
OsThunkDdDeleteDirectDrawObject
OsThunkDdDeleteSurfaceObject
OsThunkDdDestroyD3DBuffer
OsThunkDdDestroyMoComp
OsThunkDdDestroySurface
OsThunkDdEndMoCompFrame
OsThunkDdFlip
OsThunkDdFlipToGDISurface
OsThunkDdGetAvailDriverMemory
OsThunkDdGetBltStatus
OsThunkDdGetDC
OsThunkDdGetDriverInfo
OsThunkDdGetDriverState
OsThunkDdGetDxHandle
OsThunkDdGetFlipStatus
OsThunkDdGetInternalMoCompInfo
OsThunkDdGetMoCompBuffInfo
OsThunkDdGetMoCompFormats
OsThunkDdGetMoCompGuids
OsThunkDdGetScanLine
OsThunkDdLock
OsThunkDdLockD3D
OsThunkDdQueryDirectDrawObject
OsThunkDdQueryMoCompStatus
OsThunkDdReenableDirectDrawObject
OsThunkDdReleaseDC
OsThunkDdRenderMoComp
OsThunkDdResetVisrgn
OsThunkDdSetColorKey
OsThunkDdSetExclusiveMode
OsThunkDdSetGammaRamp
OsThunkDdSetOverlayPosition
OsThunkDdUnattachSurface
OsThunkDdUnlock
OsThunkDdUnlockD3D
OsThunkDdUpdateOverlay
OsThunkDdWaitForVerticalBlank

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
keygen.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 71KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
mciwave.dll
.dll windows:5 windows x86 arch:x86

379d3a6ca76b9e605e48d5eb0d75a943

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

wcsncpy

user32

PostThreadMessageW
GetMessageW
DispatchMessageW
DialogBoxParamW
GetDlgItemInt
SetScrollPos
SetDlgItemInt
EndDialog
GetDlgItem
SetScrollRange
LoadStringW
WinHelpW
wsprintfW
GetDesktopWindow

kernel32

GetCurrentProcessId
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WriteProfileStringW
GetPrivateProfileStringW
GetProfileStringW
SetFilePointer
ReadFile
WriteFile
GlobalFree
GlobalAlloc
lstrcpyW
GlobalUnlock
GlobalHandle
DeleteFileW
CloseHandle
GlobalLock
Sleep
lstrlenW
GlobalReAlloc
MulDiv
LocalFree
LocalAlloc
CreateFileW
GetTempFileNameW
GetTempPathW
lstrcmpW
DisableThreadLibraryCalls

winmm

DefDriverProc
mmioClose
mmioAscend
mmioWrite
mmioCreateChunk
mmioOpenW
mmioDescend
mmioRenameW
mmioRead
mmioSeek
waveInAddBuffer
waveInStart
waveInGetDevCapsW
waveInGetID
waveOutGetDevCapsW
waveOutGetID
waveOutPause
waveOutWrite
waveInReset
waveOutReset
mciGetCreatorTask
waveInClose
waveOutClose
waveInOpen
waveOutOpen
mciDriverNotify
waveOutGetPosition
waveInPrepareHeader
waveOutPrepareHeader
waveInUnprepareHeader
waveOutUnprepareHeader
mciDriverYield
waveOutRestart
waveInStop
mmGetCurrentTask
mciSetDriverData
mmTaskCreate
mciGetDriverData
mciLoadCommandResource
waveInGetNumDevs
waveOutGetNumDevs
mciFreeCommandResource

Exports

Exports

DriverProc

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 782B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
pidgen.dll
.dll windows:4 windows x86 arch:x86

cef8c2dc6e50519e4deb8c5c6f44bed9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalMemoryStatus
CloseHandle
DeviceIoControl
GetVolumeInformationA
CreateFileA
lstrcmpA
QueryDosDeviceA
lstrcpyA
SystemTimeToFileTime
GetProcessHeap
lstrlenA
HeapAlloc
LockResource
LoadResource
FindResourceA
SizeofResource
MultiByteToWideChar
WideCharToMultiByte
QueryPerformanceCounter
HeapFree
GetLocalTime
GetTickCount
FreeResource

user32

CharNextA
wsprintfA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

Exports

Exports

PIDGenA
PIDGenSimpA
PIDGenSimpW
PIDGenW

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca9067d44c94cd8b6f01ab628299122b

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 4KB

.data Size: - Virtual size: 20B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 216B

Headers

File Characteristics

Sections

Size: - Virtual size: 244KB

Size: 71KB - Virtual size: 72KB

379d3a6ca76b9e605e48d5eb0d75a943

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

user32

kernel32

winmm

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 17KB

.data Size: 512B - Virtual size: 136B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 782B

cef8c2dc6e50519e4deb8c5c6f44bed9

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 436B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 292B

.text
Size: 4KB - Virtual size: 4KB

.data
Size: - Virtual size: 20B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 216B

.text
Size: 18KB - Virtual size: 17KB

.data
Size: 512B - Virtual size: 136B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 782B

.text
Size: 12KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 436B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 292B