bcf8f7c8839ca5e4800a3a1c8a7e2a74a08ff0cc53255e1f10a540f7faf26b47

Sharing

Copy URL Twitter E-mail

General

Target

bcf8f7c8839ca5e4800a3a1c8a7e2a74a08ff0cc53255e1f10a540f7faf26b47
Size

99KB
MD5

302024e4ba15aa6d07e823f59d523899
SHA1

a70225f9b94c5eaab37e83fd7c574ad675886794
SHA256

bcf8f7c8839ca5e4800a3a1c8a7e2a74a08ff0cc53255e1f10a540f7faf26b47
SHA512

188d25b194cf6808b307dfd3e5f0eb2e5ac520a29bf6d3add791478e1aa6cf0f1f4f5da80d50a3a0c383396c2861cc6d15c491a800f6e4c4f6ad471055f06690
SSDEEP

1536:yZqg8GCmkMHEWTDjK5OA0yq6YdLeVIl2JNuaryMPCqv1rbnJ8x3r9dk3Elr:4qTGkMH32OA9sMJMrM6wbnJnEJ

Score

N/A

Malware Config

Signatures

Files

bcf8f7c8839ca5e4800a3a1c8a7e2a74a08ff0cc53255e1f10a540f7faf26b47
.dll windows x86

46c1a03edc990bec48dc092d5be98de2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_putwch
wcscpy
wcscspn
_wcsrev
_wcslwr
_wcserror
wcscat
_wcsicmp
wcschr
strcpy
memcpy

kernel32

UnlockFile
LockFile
GetProcessHeap
HeapDestroy
GetFileAttributesA
LocalReAlloc
GetLastError
LockFileEx
SetFileAttributesA
LockResource
LocalSize
CloseHandle
EnumResourceLanguagesW
LocalFree
SuspendThread
ResumeThread
LocalAlloc
FreeLibrary
InterlockedExchange
LoadLibraryA
RaiseException
CompareFileTime
WaitForSingleObject
GetCommandLineA
SizeofResource
GetCurrentProcess
GetModuleHandleW
MulDiv
GetProcAddress
VirtualProtectEx
GetModuleHandleA
GetFileTime
GetSystemTime
FindResourceA
SystemTimeToFileTime

user32

GetWindowTextW
OffsetRect
TranslateMessage
BeginPaint
SetParent
IsWindowEnabled
GetParent
DrawTextW
SetWindowRgn
EndPaint
IsCharAlphaNumericA
SetClipboardViewer
CloseWindow
GetClipboardViewer
CreateWindowExA
MessageBoxA
GetDC
DestroyWindow
PeekMessageA
GetWindowRgn
DispatchMessageA
SwitchToThisWindow
ValidateRgn
CallWindowProcA
SetWindowTextW
SetMessageQueue
GetMessageTime
GetMessagePos
MoveWindow
GetWindowLongA
GetClassWord
TranslateAcceleratorA

gdi32

GetDCPenColor
DPtoLP
GetCharWidthA
SetDCPenColor
Chord
GetPixel
RestoreDC
UnrealizeObject
DeleteObject
CreateCompatibleDC
GetMetaRgn
SetTextAlign
GetObjectA
GetTextMetricsW

advapi32

ReadEventLogW
ReportEventA
GetOldestEventLogRecord
DeregisterEventSource
GetKernelObjectSecurity
OpenBackupEventLogW
OpenEventLogW
OpenEncryptedFileRawW
ReadEncryptedFileRaw
OpenThreadToken

Exports

Exports

_Get_HWND@4
_Get_WindowHWND@4
_Ret_WindowHWND@12
_Set_WindowHWND@4
_Update_HWND@16

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

GLOBAL
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

STATIC
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IMPORTS
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

CONST
Size: 1024B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46c1a03edc990bec48dc092d5be98de2

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 10KB

GLOBAL Size: 512B - Virtual size: 184B

STATIC Size: 512B - Virtual size: 40B

IMPORTS Size: 3KB - Virtual size: 3KB

CONST Size: 1024B - Virtual size: 940B

.rsrc Size: 81KB - Virtual size: 80KB

.reloc Size: 1024B - Virtual size: 844B

.text
Size: 11KB - Virtual size: 10KB

GLOBAL
Size: 512B - Virtual size: 184B

STATIC
Size: 512B - Virtual size: 40B

IMPORTS
Size: 3KB - Virtual size: 3KB

CONST
Size: 1024B - Virtual size: 940B

.rsrc
Size: 81KB - Virtual size: 80KB

.reloc
Size: 1024B - Virtual size: 844B