55c841992280ee753d9f876e26f6eba0606ae5a504e6e1dbc47539cfa382d983

Sharing

Copy URL Twitter E-mail

General

Target

55c841992280ee753d9f876e26f6eba0606ae5a504e6e1dbc47539cfa382d983
Size

496KB
MD5

63ae0e957205085a4a622c28170a854d
SHA1

53755d0442e2721dcd87e690747302a841e7b97a
SHA256

55c841992280ee753d9f876e26f6eba0606ae5a504e6e1dbc47539cfa382d983
SHA512

397d79cd951d5c9892d43f26a0049846492275ce567f63aa002841d6296c2dac275d74448f662f88e00c2f721529531dc0fdda3ff844151bb35ba79ce91c63e2
SSDEEP

12288:I4ouL2lTFux1y7rL9ixoMegfXoEdUtuPg9qLfiQooQjjfiCcB74SGg7h:I4ob776fYPtuPeqLiQoPjjfgB7Og

Score

N/A

Malware Config

Signatures

Files

55c841992280ee753d9f876e26f6eba0606ae5a504e6e1dbc47539cfa382d983
.dll windows x86

61b908cff586c95ec1b907e4234dcbef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

pncrt

malloc
_ftol
sprintf
atof
_stricmp
_adjust_fdiv
_initterm
free
_onexit
rand
_purecall
??3@YAXPAX@Z
atol
__dllonexit
atoi
sscanf
_putenv
strstr
??2@YAPAXI@Z
strchr
memmove
tolower
realloc
_vsnprintf
_ismbcspace
strncmp
strtok
strtol
strncpy
isdigit
isspace
strtod
printf
strrchr
_mbctype
_getmbcp
islower
_strcmpi

kernel32

lstrcpyA
FreeLibrary
GlobalLock
GetLastError
LoadLibraryA
LocalFree
GlobalUnlock
GetProcAddress
MultiByteToWideChar
GetModuleFileNameA
lstrcmpiA
LocalAlloc
GetCurrentProcessId
GlobalDeleteAtom
GlobalAddAtomA
lstrcpynA
lstrlenA
WideCharToMultiByte
GetModuleHandleA
InterlockedIncrement
SetErrorMode
GetTickCount
CreateFileA
GetFileSize
CloseHandle
InterlockedDecrement
GetVersionExA

user32

UpdateWindow
GetSysColor
FillRect
DrawTextExA
DrawFocusRect
PtInRect
LoadBitmapA
GetClassNameA
GetParent
ShowWindow
SetWindowPos
UnpackDDElParam
SystemParametersInfoA
ClientToScreen
GetWindowRect
FindWindowExA
MessageBoxA
GetLastActivePopup
GetActiveWindow
GetSystemMetrics
IntersectRect
CharNextA
ReleaseDC
GetDC
InvalidateRect
RedrawWindow
SetRect
CharPrevA
ReleaseCapture
SetCapture
GetClientRect
GetWindowLongA
SetWindowLongA
SetWindowTextA
EnableWindow
IsRectEmpty
MapWindowPoints
ReuseDDElParam
PostMessageA
GetWindowThreadProcessId
SendMessageA
GetFocus
IsChild
SetFocus
DefWindowProcA
LoadIconA
RegisterClassA
OffsetRect

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

gdi32

CreateFontIndirectA
GetClipBox
GetDCOrgEx
GetStockObject
CreateSolidBrush
CreateCompatibleDC
SelectObject
BitBlt
SetTextColor
SetBkMode
GetObjectA
DeleteDC
GetDeviceCaps
GetTextMetricsA
CreateDCA
DeleteObject
GetTextFaceA
SetBkColor
GetTextExtentPoint32A

comctl32

ord17
InitCommonControlsEx

shell32

ShellExecuteExA
SHGetDesktopFolder
SHGetMalloc

Exports

Exports

RMACreateInstance
RMAShutdown
SetDLLAccessPath

Sections

.text
Size: 348KB - Virtual size: 346KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

61b908cff586c95ec1b907e4234dcbef

Headers

File Characteristics

Imports

pncrt

kernel32

user32

advapi32

gdi32

comctl32

shell32

Exports

Exports

Sections

.text Size: 348KB - Virtual size: 346KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 12KB - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 32KB - Virtual size: 31KB

.rmnet Size: 56KB - Virtual size: 56KB

.text
Size: 348KB - Virtual size: 346KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 32KB - Virtual size: 31KB

.rmnet
Size: 56KB - Virtual size: 56KB