07c644627b878c0e31546be70cee54407f157fae57f1d6af1be4265b5acb3bff

Sharing

Copy URL Twitter E-mail

General

Target

07c644627b878c0e31546be70cee54407f157fae57f1d6af1be4265b5acb3bff
Size

51KB
MD5

dc57cea7db5420527eb850ffd8a163af
SHA1

e0dd0dbf14611767bf0c9ed8f2f81dff1ab3d176
SHA256

07c644627b878c0e31546be70cee54407f157fae57f1d6af1be4265b5acb3bff
SHA512

ccce0cc6ab366dd8cd594aa3f7be8ab897a931bdb69d9fb7c2b20f8af3204bc8a4ba692853c921d0d8a409fdeb8b7f55231ff6080ee1bb754dfa34de5135c26d
SSDEEP

768:J5uWDoujJJ1sxuGLMwCYzDn/PLvOtCMsdG0gzdfu+CWz/:Jwujr1ihCYzD/PLvOtP0gzdfu+CWj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07c644627b878c0e31546be70cee54407f157fae57f1d6af1be4265b5acb3bff

Files

07c644627b878c0e31546be70cee54407f157fae57f1d6af1be4265b5acb3bff
.dll windows:5 windows x86 arch:x86

f110529104b03c67cc859e906c2f3829

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr90

__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_except_handler4_common
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
sprintf_s
_i64toa_s
_snprintf
log
sqrt
log10
fabs
pow
memcmp
??3@YAXPAX@Z
calloc
??2@YAPAXI@Z
_vsnprintf
realloc
memset
memcpy
free
malloc
strlen
_crt_debugger_hook
__CxxFrameHandler3

shlwapi

PathFindFileNameA

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
InterlockedCompareExchange
InterlockedExchange
lstrcatA
GlobalUnlock
GlobalLock
GlobalAlloc
DisableThreadLibraryCalls
GetModuleFileNameA
GetModuleHandleA
GetVersion
IsDebuggerPresent
SetThreadPriority
CreateThread
CreateEventA
FreeLibrary
GetProcAddress
LoadLibraryA
WaitForSingleObject
Sleep
GetTickCount
SetEvent
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcmpiA
lstrlenA
lstrcpynA
CloseHandle
MulDiv
GetPrivateProfileIntA
WritePrivateProfileStringA
WritePrivateProfileStructA
GetPrivateProfileStructA
lstrcpyA

user32

MessageBoxIndirectW
wsprintfW
SendMessageA
CharPrevA
CharNextA
MessageBoxA
CheckDlgButton
SetDlgItemInt
DefWindowProcA
KillTimer
SetTimer
GetClassInfoA
RegisterClassA
CreateWindowExA
IsWindow
DestroyWindow
SendDlgItemMessageA
SetDlgItemTextA
EnableWindow
GetDlgItem
GetClientRect
MapWindowPoints
PtInRect
GetWindowLongW
SetWindowLongW
ShowWindow
GetDlgItemTextA
GetWindowLongA
GetDlgItemInt
SetWindowLongA
InvalidateRect
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetWindowTextA
SetWindowPos
SetFocus
EndDialog
PostMessageA
RegisterWindowMessageW
wsprintfA

Exports

Exports

winampGetOutModule

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f110529104b03c67cc859e906c2f3829

Headers

File Characteristics

Imports

msvcr90

shlwapi

kernel32

user32

Exports

Exports

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 5KB

.rsrc Size: 11KB - Virtual size: 10KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 5KB

.rsrc
Size: 11KB - Virtual size: 10KB

.reloc
Size: 3KB - Virtual size: 3KB