2c1802f0a50429145dd01b566c3e0ffe

Sharing

Copy URL Twitter E-mail

General

Target

2c1802f0a50429145dd01b566c3e0ffe
Size

239KB
MD5

2c1802f0a50429145dd01b566c3e0ffe
SHA1

8d020d36c90877d8bb0baf1bbcdccaf11c518808
SHA256

39e6213d6893c202fb5b9ba6f9aa226259dba6dab12cef09a65124513d115920
SHA512

454c2764c7e924a8145fd4527ae241de81c3d9fd3614ca8684be2d5250f8cb0c95e96574d2bf2cc30d675eb1a39dc31dd801fea31ee604ad4b610e5a61c706ea
SSDEEP

3072:L6Gxm0uW7LiClTJsrOq6ipRAN4SUPS5Dbxmc78YPPRCWQtmuexlh2tqzj9/8EH8x:L6CtlVsv6i0SSUSf8PmoB1tqzZbM7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c1802f0a50429145dd01b566c3e0ffe

Files

2c1802f0a50429145dd01b566c3e0ffe
.dll windows:4 windows x86 arch:x86

514cc7695c0da3c4fec8243db1ea2f33

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OutputDebugStringA
WaitForSingleObject
ResetEvent
DeviceIoControl
CreateEventA
CloseHandle
CreateFileA
GetVersionExA
lstrcpyA
GetDriveTypeA
GetLogicalDriveStringsA
lstrlenA
GlobalMemoryStatus
GetTickCount
Sleep
SetThreadPriority
GetProcAddress
LoadLibraryA
FreeLibrary
GetLastError
CreateThread
GlobalFree
GlobalAlloc
lstrcpynA
WideCharToMultiByte
GetPrivateProfileStringA
MultiByteToWideChar
GetPrivateProfileIntA
GetModuleFileNameA
WritePrivateProfileStringA
SetFilePointer
ReadFile
SetEndOfFile
WriteFile
lstrcmpiA
GetCurrentThreadId
GetLogicalDrives
SetErrorMode
LocalFree
DisableThreadLibraryCalls

user32

SendMessageA
SetTimer
KillTimer
EndDialog
DialogBoxParamA
CheckDlgButton
IsDlgButtonChecked
MessageBoxA
SetDlgItemTextA
ShowWindow
GetDlgItem
SendMessageTimeoutA
wsprintfA
PostMessageA
EnableWindow
GetDlgItemTextA
CharPrevA
CreateDialogParamA
SendDlgItemMessageA
IsWindow

shell32

ShellExecuteA

ole32

CoInitialize
OleRun
CoCreateInstance
CoCreateGuid
CoUninitialize

oleaut32

SysFreeString
GetErrorInfo
SysAllocStringLen

winmm

waveInPrepareHeader
waveInStop
waveInClose
waveInReset
mmioAscend
mmioRead
mmioClose
mmioDescend
waveInStart
waveInAddBuffer
mciSendCommandA
mixerOpen
mixerGetLineInfoA
mixerGetLineControlsA
mixerSetControlDetails
mixerClose
waveInOpen
mmioOpenA

msvcrt

_CxxThrowException
_strdup
_adjust_fdiv
_initterm
_onexit
__dllonexit
toupper
calloc
malloc
free
_except_handler3
_ftol
strncpy
strstr
_purecall
_stricmp
isdigit
??1type_info@@UAE@XZ
strncat
atoi
_strlwr
??2@YAPAXI@Z
??3@YAXPAX@Z

Exports

Exports

winampGetExtendedFileInfo
winampGetExtendedRead_close
winampGetExtendedRead_getData
winampGetExtendedRead_lasterror
winampGetExtendedRead_open
winampGetInModule2
winampSetExtendedFileInfo
winampWriteExtendedFileInfo

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

514cc7695c0da3c4fec8243db1ea2f33

Headers

File Characteristics

Imports

kernel32

user32

shell32

ole32

oleaut32

winmm

msvcrt

Exports

Exports

Sections

.text Size: 51KB - Virtual size: 50KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 3KB - Virtual size: 122KB

.rsrc Size: 175KB - Virtual size: 175KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 51KB - Virtual size: 50KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 3KB - Virtual size: 122KB

.rsrc
Size: 175KB - Virtual size: 175KB

.reloc
Size: 5KB - Virtual size: 4KB