c4d4f12ef85d7e29ff78534c48766ae14e4b7b9ffa8ab77f830938089810f555

General

Target

c4d4f12ef85d7e29ff78534c48766ae14e4b7b9ffa8ab77f830938089810f555
Size

128KB
MD5

422516c2eaab30ce3e7b8d671c6577e8
SHA1

3f2004f6d07d41565477ee366fff4389851140c9
SHA256

c4d4f12ef85d7e29ff78534c48766ae14e4b7b9ffa8ab77f830938089810f555
SHA512

a8e3dd32638f6f55d7dc6bd7f2d123ef1b7ea288dd73f60add40814e013239ad7f4402481273e378860fad723d71fbf017822d2c47ec83951ac1a3c2cff146f0
SSDEEP

3072:p3qH3cRirMQQiv7xaSoBgKoKn56RKw2x:pdirMQ97xwBNQz2

Score

N/A

Malware Config

Signatures

Files

c4d4f12ef85d7e29ff78534c48766ae14e4b7b9ffa8ab77f830938089810f555
.dll windows x86

39ae19aad0809a8a14dd1cbbbbee0969

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

FindWindowA
SendMessageA
GetDlgItem
wvsprintfA

kernel32

DeleteCriticalSection
GetModuleFileNameA
GetStringTypeW
GetStringTypeA
RtlUnwind
SMapLS_IP_EBP_8
SUnMapLS_IP_EBP_8
SMapLS_IP_EBP_16
SUnMapLS_IP_EBP_16
SMapLS_IP_EBP_20
SUnMapLS_IP_EBP_20
MapSL
ThunkConnect32
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
LeaveCriticalSection
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringW

Exports

Exports

MdmThk_FreeLibrary16
MdmThk_LoadDialogBoxResourceName16
MdmThk_LoadLibrary16
MdmThk_LoadString16
thk_ThunkData32

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39ae19aad0809a8a14dd1cbbbbee0969

Headers

File Characteristics

Imports

user32

kernel32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 100KB - Virtual size: 99KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 100KB - Virtual size: 99KB

.reloc
Size: 4KB - Virtual size: 1KB