3536a46522eb65bc3bffe7ade4210c39ccd279631944875a951009722098f767

Sharing

Copy URL Twitter E-mail

General

Target

3536a46522eb65bc3bffe7ade4210c39ccd279631944875a951009722098f767
Size

736KB
MD5

0a44fb4adedd0b09644724c87e23b3e8
SHA1

cf28984591554969879f9eada1269ef5fc00c901
SHA256

3536a46522eb65bc3bffe7ade4210c39ccd279631944875a951009722098f767
SHA512

c0b210934864550f50fecfd3068ad0bdf6f48cc2a32788e244779bcb364ebaba1261846ee935f6154ab246ecbd81615ab1530f2290625fdc668dc6810f7d29e4
SSDEEP

12288:IEy9B3fk5Uee2aCsPpQccLoSMroVyo1RzeY5w/0BzqKF5ghLs1xyib9tiRj2yLz:i9B3fk+oaCsPpQccLoSMM1heuDBzq05C

Score

N/A

Malware Config

Signatures

Files

3536a46522eb65bc3bffe7ade4210c39ccd279631944875a951009722098f767
.dll windows x86

f1fc47c651149dea60157676338010d5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

pncrt

memmove
strncmp
atol
_unlink
_write
_read
_tell
_lseek
_sopen
_open
_creat
_close
??3@YAXPAX@Z
_purecall
rand
_getmbcp
_ftol
_stricmp
sprintf
strstr
isspace
_mbctype
_telli64
strrchr
_chsize
_fstat
_lseeki64
tolower
_errno
??2@YAPAXI@Z
strchr
sscanf
_putenv
_adjust_fdiv
realloc
malloc
_vsnprintf
free
islower
printf
strtod
strtok
strtol
strncpy
_initterm
_onexit
__dllonexit
atoi
isdigit
_strcmpi

ole32

RevokeDragDrop
RegisterDragDrop

kernel32

GetModuleHandleA
InterlockedDecrement
InterlockedIncrement
GetVersionExA
FreeLibrary
GetProcAddress
LoadLibraryA
GetTickCount
OutputDebugStringA
Sleep
lstrlenA
SetErrorMode
GetSystemInfo
GetVersion
lstrcpyA
GetModuleFileNameA
GetCurrentThreadId
lstrcpynA
GetCurrentProcessId
GetTempPathA
GetTempFileNameA
CloseHandle
CreateFileA
GetFileSize
CreateFileMappingA
MapViewOfFile
GetLastError
UnmapViewOfFile
QueryPerformanceFrequency
QueryPerformanceCounter
MultiByteToWideChar
WideCharToMultiByte

user32

RedrawWindow
ScreenToClient
InsertMenuItemA
GetCursorPos
TrackPopupMenu
ClientToScreen
SetWindowsHookExA
CallWindowProcA
GetClassNameA
GetDlgCtrlID
GetNextDlgTabItem
IsWindowVisible
IsChild
GetClassInfoA
CallNextHookEx
CharPrevA
EndDialog
UnhookWindowsHookEx
DrawTextExA
CharLowerA
GetForegroundWindow
SetMenu
SetForegroundWindow
SetActiveWindow
GetWindowThreadProcessId
AttachThreadInput
ValidateRect
PtInRect
GetDC
ReleaseDC
GetFocus
SetFocus
GetParent
MapWindowPoints
SetWindowPos
IsRectEmpty
EnableWindow
ShowWindow
SetWindowTextA
GetWindowLongA
GetSysColor
SetRect
IntersectRect
OffsetRect
IsWindow
FindWindowA
GetMenu
GetWindowPlacement
UpdateWindow
IsZoomed
IsIconic
ClipCursor
GetSystemMenu
RemoveMenu
EnableMenuItem
UnregisterClassA
DefWindowProcA
RegisterClassA
GetScrollInfo
SetScrollInfo
InvalidateRect
CreateMenu
DestroyMenu
GetSystemMetrics
FillRect
PostMessageA
CharNextA
SetCapture
ReleaseCapture
SetWindowRgn
GetWindow
GetKeyState
GetWindowRect
GetClientRect
SetWindowLongA
SendMessageA
SystemParametersInfoA
GetActiveWindow
CreatePopupMenu
GetWindowRgn

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

gdi32

PatBlt
GetDIBits
SetBkMode
CreateFontIndirectA
GetRegionData
GetDCOrgEx
CreateCompatibleBitmap
CombineRgn
GetTextMetricsA
GetTextExtentPoint32A
SetTextColor
SetBkColor
CreateSolidBrush
DeleteObject
CreateDCA
CreateCompatibleDC
GetStockObject
SelectObject
GetTextFaceA
DeleteDC
GetClipBox
GetDeviceCaps
ExtCreateRegion
CreateRectRgn

comctl32

ord17

shell32

DragAcceptFiles

Exports

Exports

RMACreateInstance
RMAShutdown
SetDLLAccessPath

Sections

.text
Size: 472KB - Virtual size: 468KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f1fc47c651149dea60157676338010d5

Headers

File Characteristics

Imports

pncrt

ole32

kernel32

user32

advapi32

gdi32

comctl32

shell32

Exports

Exports

Sections

.text Size: 472KB - Virtual size: 468KB

.rdata Size: 104KB - Virtual size: 101KB

.data Size: 20KB - Virtual size: 19KB

.rsrc Size: 4KB - Virtual size: 888B

.reloc Size: 72KB - Virtual size: 69KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 472KB - Virtual size: 468KB

.rdata
Size: 104KB - Virtual size: 101KB

.data
Size: 20KB - Virtual size: 19KB

.rsrc
Size: 4KB - Virtual size: 888B

.reloc
Size: 72KB - Virtual size: 69KB

.rmnet
Size: 60KB - Virtual size: 60KB