749c103915f9787b4d21f4c612dc6b89cf5d2f6392e58d3c484daa865f7e788b

General

Target

749c103915f9787b4d21f4c612dc6b89cf5d2f6392e58d3c484daa865f7e788b
Size

384KB
MD5

6643866915b13917bbfb980a22e451e7
SHA1

a715da532f5321a9734b9d908d43634d845f25e6
SHA256

749c103915f9787b4d21f4c612dc6b89cf5d2f6392e58d3c484daa865f7e788b
SHA512

f489195033d0d1bce5947d19e59816c12bda1f080b4565e4505645fcd079d5489420e20307c6d41cc973d240641346fb1fb08b7a9c804a8b7a26c71bf63b1408
SSDEEP

6144:uOWZVJQlsi7iG0cJhjIVX6hKldWcTaieelkE0ljEzFFkh/kUAir:dWZVJwsi7iGVJ6oKldWc/kDlYzPE+

Score

N/A

Malware Config

Signatures

Files

749c103915f9787b4d21f4c612dc6b89cf5d2f6392e58d3c484daa865f7e788b
.dll windows x86

c651e94c09f8d6af5e2bcdcd30db4715

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
WaitForSingleObject
CloseHandle
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetPrivateProfileIntA
CreateEventA
WaitForMultipleObjects
QueryPerformanceFrequency
QueryPerformanceCounter
ResetEvent
CreateThread
SetEvent

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA

msvcrt

_adjust_fdiv
_initterm
__CxxFrameHandler
_beginthreadex
free
malloc
_purecall
_ftol
log10
fprintf
_iob
??2@YAPAXI@Z
??3@YAXPAX@Z
memmove
rand
printf
time
srand

Exports

Exports

?GetGUID@@YGJPAE@Z
RV40toYUV420CustomMessage
RV40toYUV420Free
RV40toYUV420HiveMessage
RV40toYUV420Init
RV40toYUV420Transform

Sections

.text
Size: 248KB - Virtual size: 245KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c651e94c09f8d6af5e2bcdcd30db4715

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 248KB - Virtual size: 245KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 145KB

.data1 Size: 112KB - Virtual size: 110KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 248KB - Virtual size: 245KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 145KB

.data1
Size: 112KB - Virtual size: 110KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 5KB