3bc6b2e849f61c52f74a7c597892906c820882fc1cc5e51ff912a1a282db3a30N

Sharing

Copy URL

Twitter E-mail

General

Target

3bc6b2e849f61c52f74a7c597892906c820882fc1cc5e51ff912a1a282db3a30N
Size

1.2MB
MD5

7b63b96026b70bdf79b4f094905d8a50
SHA1

cc637ea01e8c0232cd6a22ab7ca884936359a394
SHA256

3bc6b2e849f61c52f74a7c597892906c820882fc1cc5e51ff912a1a282db3a30
SHA512

85e4f07262a30d302de22e8ca8ad3e4eed9e060e5d9f9403522e0f7fef38769ca74dc38addf323c8a21a76e40a8d9c7d29a2d8f5419757f178c3a1a327c45dd2
SSDEEP

24576:94QSoaZeSaWi8yus7RMiP84Icjj9TRWT65DNy09x/b:+vhwF7RMu84V9TwT657Vb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
3bc6b2e849f61c52f74a7c597892906c820882fc1cc5e51ff912a1a282db3a30N

Files

3bc6b2e849f61c52f74a7c597892906c820882fc1cc5e51ff912a1a282db3a30N
.exe windows:5 windows x86 arch:x86

c29d33211439c7e39cd87e1df13cfa54

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\git\freepiano2\vc\Release_Win32\freepiano.pdb

Imports

dsound

ord2
ord1

winmm

mmioCreateChunk
mmioClose
mmioAdvance
mmioAscend
mmioOpenW
mmioDescend
mmioWrite
midiOutShortMsg
midiOutGetDevCapsW
midiOutGetNumDevs
midiOutClose
mmioSeek
midiOutOpen
timeEndPeriod
timeBeginPeriod
timeGetTime
midiInStop
midiInClose
midiInGetDevCapsA
midiInStart
midiInOpen
midiInGetNumDevs
mmioGetInfo
mmioSetInfo

imm32

ImmAssociateContext

comctl32

ord17

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
LoadLibraryExW
GetProcessHeap
ReadConsoleW
SetFilePointerEx
GetConsoleMode
QueryPerformanceCounter
GetConsoleCP
GetStringTypeW
HeapSize
GetModuleFileNameW
FindFirstFileA
FindClose
GetModuleFileNameA
FindNextFileA
GetModuleHandleA
GetTickCount
MultiByteToWideChar
Sleep
CreateThread
CreateProcessW
WaitForSingleObject
ConnectNamedPipe
CreateNamedPipeW
WriteFile
DisconnectNamedPipe
FlushFileBuffers
GetLastError
CloseHandle
GetProcAddress
WideCharToMultiByte
FindResourceA
FreeResource
LoadResource
SizeofResource
LockResource
FindResourceExA
GetThreadLocale
SetThreadPriority
CreateEventA
FindFirstFileW
LoadLibraryA
FindNextFileW
GlobalLock
GlobalAlloc
GlobalUnlock
FreeLibrary
LoadLibraryW
GetVersionExA
HeapAlloc
HeapFree
IsDebuggerPresent
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
DecodePointer
EncodePointer
OutputDebugStringW
InitializeCriticalSectionAndSpinCount
DeleteFileA
GetFileInformationByHandle
RemoveDirectoryA
CreateDirectoryA
ReadFile
GetFileAttributesA
SetFileTime
GetFileAttributesExA
SetFilePointer
GetFileSize
CreateFileA
WaitNamedPipeW
TransactNamedPipe
SetNamedPipeHandleState
WaitForMultipleObjects
ResetEvent
SetEvent
GetCurrentProcessId
CreateFileW
CreateSemaphoreW
ReleaseSemaphore
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetProcessId
GetCurrentThreadId
SetUnhandledExceptionFilter
GetCurrentProcess
VirtualQueryEx
InterlockedDecrement
InterlockedIncrement
RtlCaptureContext
RaiseException
RtlUnwind
GetStdHandle
GetFileType
WriteConsoleW
AreFileApisANSI
UnhandledExceptionFilter
SetLastError
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
LCMapStringW
SetStdHandle
SetEndOfFile
HeapReAlloc
GetCommandLineW
ExitProcess
GetModuleHandleExW
IsProcessorFeaturePresent

user32

SetMenuInfo
GetMenuItemCount
RemoveMenu
GetMenuStringA
TrackPopupMenuEx
GetMenuItemID
EnumChildWindows
GetClassNameA
MoveWindow
IsWindowVisible
SetMenu
LockWindowUpdate
CreateMenu
SetClipboardData
OpenClipboard
EmptyClipboard
GetClipboardData
AdjustWindowRect
CloseClipboard
AppendMenuW
IsClipboardFormatAvailable
GetMenuInfo
DestroyMenu
SetCursor
SetWindowRgn
SetTimer
GetMessageW
RegisterClassExA
PostQuitMessage
IsZoomed
LoadIconA
TranslateMessage
SetRect
SetWindowLongA
GetWindowLongA
DefWindowProcA
SetLayeredWindowAttributes
DrawMenuBar
ClipCursor
CreateWindowExW
GetSystemMetrics
FindWindowA
LoadCursorA
GetDlgItemTextA
DispatchMessageW
DestroyWindow
DestroyAcceleratorTable
GetWindowRect
SetActiveWindow
TrackPopupMenu
SetForegroundWindow
SetFocus
GetWindowTextLengthA
GetWindowTextA
CreateAcceleratorTableA
TranslateAcceleratorA
SetWindowPos
CheckDlgButton
ShowWindow
CreatePopupMenu
IsDlgButtonChecked
CreateDialogParamW
GetActiveWindow
AppendMenuA
SystemParametersInfoA
SetWindowTextA
SetDlgItemTextA
DialogBoxParamW
GetDlgItem
EndDialog
PostMessageA
EnableWindow
GetCursorPos
ClientToScreen
ScreenToClient
SetCapture
GetClientRect
SendMessageA
GetCapture
RedrawWindow
ReleaseCapture
MessageBoxA
CharLowerBuffA
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
CheckMenuItem

gdi32

CreateRectRgn
GetStockObject

comdlg32

GetOpenFileNameW
GetSaveFileNameW
GetOpenFileNameA
GetSaveFileNameA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegEnumKeyA
RegOpenKeyA
RegCloseKey

shell32

DragAcceptFiles
ShellExecuteA
DragQueryFileA
SHGetFolderPathA
CommandLineToArgvW

ole32

CoInitialize
CoCreateInstance
PropVariantClear
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromString
CoUninitialize

shlwapi

PathFindFileNameA
PathRenameExtensionA
wvnsprintfW
PathFindExtensionA
wvnsprintfA
PathIsRelativeA
PathAppendW
PathAppendA
PathCombineW
PathCombineA
PathRemoveBackslashW
PathRemoveExtensionW
PathIsFileSpecW
PathFileExistsA
PathRemoveBackslashA
PathRemoveFileSpecA
PathRemoveFileSpecW
PathIsDirectoryA
PathIsRelativeW

wininet

InternetOpenA
InternetSetStatusCallback
InternetReadFile
InternetOpenUrlA
InternetCloseHandle

d3d9

Direct3DCreate9

Sections

.text
Size: 686KB - Virtual size: 685KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

E��uU
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c29d33211439c7e39cd87e1df13cfa54

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

dsound

winmm

imm32

comctl32

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

wininet

d3d9

Sections

.text Size: 686KB - Virtual size: 685KB

.rdata Size: 209KB - Virtual size: 209KB

.data Size: 17KB - Virtual size: 17.6MB

.rsrc Size: 172KB - Virtual size: 171KB

.reloc Size: 101KB - Virtual size: 101KB

E��uU Size: 16KB - Virtual size: 20KB

.text
Size: 686KB - Virtual size: 685KB

.rdata
Size: 209KB - Virtual size: 209KB

.data
Size: 17KB - Virtual size: 17.6MB

.rsrc
Size: 172KB - Virtual size: 171KB

.reloc
Size: 101KB - Virtual size: 101KB

E��uU
Size: 16KB - Virtual size: 20KB