a73c833cc28002cd6700d556a438e4257ffbec82150b10e2edea326324204ee4N

Sharing

Copy URL Twitter E-mail

General

Target

a73c833cc28002cd6700d556a438e4257ffbec82150b10e2edea326324204ee4N
Size

252KB
MD5

1b18a10f2faa752eaac66e7a9bd2e220
SHA1

708111f62899a557f8bcc1116533346c2c9f07f6
SHA256

a73c833cc28002cd6700d556a438e4257ffbec82150b10e2edea326324204ee4
SHA512

7e3fa54ce13e1909366234aa55ad8a3dd668ec80f603062c34bd3edbd86b419df9de023d628cbb5832befcd8e268f16439b57367a238f9b35465f310e3d95bfe
SSDEEP

6144:uMExbVbkq1OTDYxEDNO/gfCCJ6Dr/2/rB5T2RyjaheM9Op+dVvtZTNVh9c:uMExNkq4TDYxgGgfCCUv/oLT28uheh+z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a73c833cc28002cd6700d556a438e4257ffbec82150b10e2edea326324204ee4N

Files

a73c833cc28002cd6700d556a438e4257ffbec82150b10e2edea326324204ee4N
.dll windows:4 windows x86 arch:x86

b9db5ad7f768ebdff18b97334615e98d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeSetEvent
timeKillEvent

comctl32

ImageList_Create
ord17
ImageList_Add

shlwapi

PathIsURLW
PathFileExistsW
PathCombineW

kernel32

FreeLibrary
GetProcAddress
LoadLibraryW
EnterCriticalSection
LeaveCriticalSection
lstrcpynW
InitializeCriticalSection
DeleteCriticalSection
MulDiv
lstrlenW
lstrlenA
SetEvent
GetVersion
TlsAlloc
GetModuleHandleW
GetCurrentThread
SleepEx
QueueUserAPC
MultiByteToWideChar
WideCharToMultiByte
WaitForSingleObject
GetDateFormatW
GetTimeFormatW
CreateThread
CreateEventW
TlsGetValue
TlsSetValue
CloseHandle
GetShortPathNameW
lstrcmpW
GetLastError
DeleteFileW
LocalFree
LocalAlloc
FindClose
CreateDirectoryW
FindFirstFileW
SetErrorMode
FileTimeToSystemTime
ReadFile
CreateFileW
Sleep
WriteFile
GetCurrentThreadId
GetLocaleInfoA
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
GetStringTypeA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
SetFilePointer
InterlockedExchange
GetCPInfo
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
UnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
VirtualQuery
GetSystemInfo
VirtualProtect
LCMapStringW
LCMapStringA
GetTimeZoneInformation
LoadLibraryA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
HeapSize
GetCurrentProcess
TerminateProcess
ExitProcess
SetUnhandledExceptionFilter
GetModuleHandleA
TlsFree
SetLastError
GetVersionExA
GetCommandLineA
GetModuleFileNameA
HeapReAlloc
HeapAlloc
CompareStringA
CompareStringW
ResumeThread
SetEnvironmentVariableA
HeapFree
RaiseException
RtlUnwind
GetSystemTimeAsFileTime
SetEndOfFile
SetStdHandle
FlushFileBuffers

user32

CharNextW
GetFocus
SetForegroundWindow
SetCursor
CallWindowProcW
GetCursorPos
ShowWindow
GetClientRect
CopyRect
SetWindowLongW
SendDlgItemMessageW
GetWindowLongW
GetCapture
ReleaseCapture
CharPrevW
SetCapture
SetTimer
DestroyMenu
ClientToScreen
GetWindowRect
ScreenToClient
GetSubMenu
EnableMenuItem
TranslateMessage
MsgWaitForMultipleObjectsEx
PostQuitMessage
EnableWindow
CheckRadioButton
EndDialog
MessageBoxW
PeekMessageW
DispatchMessageW
SetWindowTextW
IsDlgButtonChecked
GetDlgItem
SetDlgItemTextW
CheckDlgButton
LoadImageW
PostMessageW
LoadCursorW
InvalidateRect
SendMessageW
GetAsyncKeyState
IsWindow

gdi32

DeleteObject
GetObjectW
GetStockObject

shell32

SHBrowseForFolderW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc

ole32

CoCreateInstance
OleInitialize
CoInitializeEx
CoUninitialize
CoTaskMemAlloc

oleaut32

SysAllocString
VariantInit
SafeArrayDestroy
SysFreeString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
VariantClear

Exports

Exports

winampGetMediaLibraryPlugin

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9db5ad7f768ebdff18b97334615e98d

Headers

File Characteristics

Imports

winmm

comctl32

shlwapi

kernel32

user32

gdi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 132KB - Virtual size: 131KB

.rdata Size: 25KB - Virtual size: 24KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 11KB - Virtual size: 10KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 132KB - Virtual size: 131KB

.rdata
Size: 25KB - Virtual size: 24KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 11KB - Virtual size: 10KB

.reloc
Size: 11KB - Virtual size: 11KB