ee3c05b57702a42703f047760d8233095c09ea2c44c3a5614cf69c9d8b4917c6

General

Target

ee3c05b57702a42703f047760d8233095c09ea2c44c3a5614cf69c9d8b4917c6
Size

26KB
MD5

6e23a806e7575f912bc8617d665ad097
SHA1

e1b6f5d1dad132036195b9651ca13d996df25db1
SHA256

ee3c05b57702a42703f047760d8233095c09ea2c44c3a5614cf69c9d8b4917c6
SHA512

5f7600b542cd83dcf1a5dc083a5709d3399f0eb84397d8ec8217541cebfae32ee5c95be1d2f58e7850ae4b9de285584b82cea6ffd7a4efb0444f7fc652f51286
SSDEEP

384:7qC+EmsHwR6t8XFvqvFO9qUHdKqsJ1A4UsOdlIM4zWbqirOXA6:7jmBU81vqvGqU0l3A4SkM4Kd6

Score

N/A

Malware Config

Signatures

Files

ee3c05b57702a42703f047760d8233095c09ea2c44c3a5614cf69c9d8b4917c6
.dll windows x86

e76c29822c20c7e680b680526ce36634

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadProcessMemory
LoadLibraryA
ReadFile
GetFileSize
CreateFileA
GetTempPathA
SetThreadPriority
VirtualProtect
GetFileAttributesW
GetProcessHeap
HeapAlloc
OutputDebugStringA
GetModuleHandleA
CreateThread
CloseHandle
GetCurrentProcessId
CreateMutexA
GetLastError
WaitForSingleObject
TerminateThread
GetCurrentProcess
MultiByteToWideChar
TerminateProcess
WideCharToMultiByte
GetPrivateProfileStringA
GetProcAddress
Sleep
GetModuleFileNameA

msvcrt

_strlwr
_strdup
wcslen
wcsncat
wcscpy
wcsstr
malloc
exit
memcpy
isspace
isalnum
_vsnprintf
__dllonexit
_onexit
_initterm
_adjust_fdiv
_strcmpi
strstr
strlen
mbstowcs
wcscmp
_except_handler3
sprintf
strncpy
wcsncpy
strrchr
strcat
strcpy
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z
memset
free

gdiplus

GdipDisposeImage
GdipSaveImageToFile
GdiplusStartup
GdipGetImageEncoders
GdipCreateBitmapFromHBITMAP
GdipGetImageEncodersSize

gdi32

DeleteDC
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetDeviceCaps
CreateDCA
DeleteObject

ws2_32

closesocket
WSAGetLastError

user32

wsprintfW
GetWindow
GetClassNameW
GetForegroundWindow
wsprintfA

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e76c29822c20c7e680b680526ce36634

Headers

File Characteristics

Imports

kernel32

msvcrt

gdiplus

gdi32

ws2_32

user32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 1KB