e6fb84f1c4574d7b8ab35b2a1f5bd7280fcf48bf7096ef077ad343e744f74a67

Sharing

Copy URL

Twitter E-mail

General

Target

e6fb84f1c4574d7b8ab35b2a1f5bd7280fcf48bf7096ef077ad343e744f74a67
Size

236KB
MD5

4ab02f7d6eec63157eeb0ee44d935180
SHA1

47cd6e5087a166905f918fe43bdd53874d2fa88d
SHA256

e6fb84f1c4574d7b8ab35b2a1f5bd7280fcf48bf7096ef077ad343e744f74a67
SHA512

e0f04872eb2eeccd3acb21eaae177750c48cee7ff2fa19077f0f2686d1c40e726f3e6f4573ffade09b45d4baefbc608fccb2c80efb193992c88552d196965ea7
SSDEEP

6144:9doJQ7WwLM5XcASUpzi1b2UTzwamZsTLFHoGu:9doSYcmBmb9zwaDTxHO

Score

N/A

Malware Config

Signatures

Files

e6fb84f1c4574d7b8ab35b2a1f5bd7280fcf48bf7096ef077ad343e744f74a67
.dll windows x86

b50e848bac6c1903d868b13f57519c0b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3573
ord1641
ord2860
ord2086
ord1200
ord1795
ord4396
ord5290
ord567
ord4275
ord800
ord3874
ord540
ord535
ord3571
ord613
ord640
ord2452
ord5785
ord1640
ord323
ord289
ord6215
ord5981
ord801
ord5861
ord6143
ord541
ord4224
ord3499
ord355
ord2818
ord317
ord860
ord4202
ord858
ord5710
ord1622
ord2721
ord924
ord926
ord6883
ord941
ord6781
ord939
ord2614
ord2065
ord6648
ord922
ord5683
ord2763
ord6663
ord4278
ord2764
ord603
ord6404
ord273
ord353
ord5461
ord3169
ord503
ord1816
ord324
ord1727
ord5875
ord4083
ord4476
ord4710
ord1802
ord2411
ord2023
ord4218
ord3619
ord4398
ord3402
ord3582
ord616
ord2859
ord283
ord6242
ord4284
ord4123
ord2450
ord1829
ord656
ord2575
ord1929
ord795
ord1949
ord818
ord2634
ord6605
ord1270
ord1232
ord2571
ord6128
ord3752
ord755
ord2971
ord470
ord1937
ord804
ord4267
ord2119
ord2862
ord2754
ord4406
ord2566
ord3693
ord6172
ord5789
ord5787
ord4133
ord4297
ord5788
ord3742
ord2152
ord6197
ord6379
ord5794
ord472
ord1792
ord2753
ord2567
ord3706
ord5873
ord1927
ord3610
ord2089
ord6453
ord2864
ord3089
ord5280
ord3873
ord6199
ord3092
ord6880
ord4299
ord2379
ord537
ord5065
ord3749
ord6376
ord2648
ord4441
ord4837
ord3798
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord2642
ord2302
ord609
ord2414
ord641
ord3626
ord3663
ord825
ord4425
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord2578
ord5261
ord4376
ord5265
ord4424
ord2055
ord1776
ord6055
ord1182
ord823
ord342
ord1253
ord4234
ord1168

msvcrt

__CxxFrameHandler
sprintf
strrchr
atol
atoi
_snprintf
strstr
strtol
fclose
fprintf
_CxxThrowException
_itoa
_stricmp
_ltoa
fopen
_mbscmp
strchr
floor
_ftol
atof
__dllonexit
_onexit
free
_initterm
malloc
_adjust_fdiv
??1type_info@@UAE@XZ
strncpy

kernel32

LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameA
GetProcessHeap
GetTickCount
Sleep
GetCurrentDirectoryA
SetCurrentDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
HeapFree
HeapReAlloc
HeapCreate
HeapAlloc
HeapDestroy
GlobalFree
GlobalAlloc
GetModuleHandleW
LocalFree
LocalUnlock
LocalLock
LocalAlloc
MoveFileExA
CloseHandle
GetFileSize
CreateFileA
GetSystemDirectoryA
GetSystemInfo
EnterCriticalSection

user32

SetCursor
InvalidateRect
DrawFrameControl
DrawTextA
GetFocus
GetWindowRect
IsWindow
SendMessageA
LoadBitmapA
MessageBoxA
WindowFromPoint
ScreenToClient
PtInRect
GetDoubleClickTime
GetSysColor
KillTimer
IsWindowVisible
CopyRect
GetClassInfoA
DefWindowProcA
GetCursorPos
FillRect
DrawFocusRect
GetWindowLongA
GetDC
ReleaseDC
IsRectEmpty
ClientToScreen
GetSystemMetrics
GetWindow
SetTimer
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
PostMessageA
GetCapture
ReleaseCapture
SetCapture
GetClientRect
LoadCursorA
GetKeyState
EnableWindow
GetParent
wsprintfA

gdi32

CreateSolidBrush
GetTextExtentPoint32A
GetBkColor
BitBlt
CreateFontA
CreatePen
CreateCompatibleBitmap
GetTextMetricsA
SetPixel
GetPixel
PaintRgn
CreateRectRgn
DeleteObject
CreateCompatibleDC
SelectObject
StretchBlt
DeleteDC
SetTextColor
PatBlt
CreateFontIndirectA
GetObjectA

comctl32

ImageList_Draw
ImageList_GetImageInfo

shlwapi

PathRemoveFileSpecA

Exports

Exports

DoDataTransfer
SADoDataTransfer

Sections

.text
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b50e848bac6c1903d868b13f57519c0b

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

gdi32

comctl32

shlwapi

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 117KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 8KB - Virtual size: 36KB

.reloc Size: 20KB - Virtual size: 18KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 120KB - Virtual size: 117KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 8KB - Virtual size: 36KB

.reloc
Size: 20KB - Virtual size: 18KB

.rmnet
Size: 60KB - Virtual size: 60KB