ed469ef92ec5217d4cff19aee1e1103e0b8cebbb5eecc49c6452a1c4480ee0af

Sharing

Copy URL Twitter E-mail

General

Target

ed469ef92ec5217d4cff19aee1e1103e0b8cebbb5eecc49c6452a1c4480ee0af
Size

184KB
MD5

68f996584c457a529f8b14e8e6cd6fba
SHA1

4d7f13aa894302b217326eb4ec228bdb8cf276d0
SHA256

ed469ef92ec5217d4cff19aee1e1103e0b8cebbb5eecc49c6452a1c4480ee0af
SHA512

181338f86ae60508f729d5017864a19ee8f135848f5ba17c3fa641fece8a0741803a9fc1f0cd0612d310b50ca282770f2414967ebfee7573ba0c3ae4e1c50716
SSDEEP

3072:HM0dc47xHnniM1HuIHQqsiZoWwtoymOxjD5BctEWGD68ETpQqPS+829wjfSWfUO/:HMonniM1daiH5ymXE5DjG4+19wxDqnqh

Score

N/A

Malware Config

Signatures

Files

ed469ef92ec5217d4cff19aee1e1103e0b8cebbb5eecc49c6452a1c4480ee0af
.dll windows x86

a20f1dc22c348c1ba40308770b22491b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wow32

WOWGetVDMPointer

objctdll

?SetMouseMove@EventThread@@IAEHVCPoint@@KPAUEVENT_HEADER@@PAUHWND__@@@Z
?DoClickType@EventThread@@IAEHPAUHWND__@@PAUCLICK_STRUCT@@@Z
?GetString@EventThread@@IAE?AVCString@@H@Z
?Log@EventThread@@IAAXPBDZZ
?GetHwndFromNumber@EventThread@@IAEPAUHWND__@@HHK@Z
??0EventThread@@QAE@XZ
??1EventThread@@UAE@XZ
?ItIsMyPlaybackEvent@EventThread@@MAEHJ@Z
?Run@EventThread@@MAEHXZ
?DoReadyForAbort@EventThread@@MAEXXZ
?ExitInstance@EventThread@@UAEHXZ
?HandleMessage@EventThread@@UAEHAAUtagMSG@@@Z
?InitInstance@EventThread@@UAEHXZ
??1CEventsPlugSingleThreadClass@@UAE@XZ
??0CEventsPlugSingleThreadClass@@QAE@HPAVEventThread@@@Z
?MoveScrollBar@EventThread@@IAEHPAUHWND__@@VCPoint@@H@Z
?CalcHitPos@EventThread@@IAEHPAUPOSITION_STRUCT@@VCRect@@AAVCPoint@@@Z
?DoDefaultAllowOperationForRect@EventThread@@IAEHPAXPAUEXTRAINFO_BASE@@VCRect@@HH@Z
?CalcPlaybackHwnd@EventThread@@IAEHPAUEVENT_HEADER@@HH@Z
?GetInt@EventThread@@IAEHH@Z

plugdll

FillErrorDescription
?UnPlug@PlugClass@@UAEXXZ
?Plug@PlugClass@@UAEHVCString@@0PAUHINSTANCE__@@H@Z

sharedat

?GetSharedData@InfoFromControlClass@@QAEHPAX@Z
??1InfoFromControlClass@@QAE@XZ
??0InfoFromControlClass@@QAE@XZ
?SendMessageToControl@InfoFromControlClass@@QAEJPAUHWND__@@IIJ@Z

mfc40

ord819
ord731
ord706
ord483
ord679
ord450
ord760
ord486
ord3492
ord729
ord481
ord5440
ord5192

msvcrt40

__CxxFrameHandler
strrchr
_mbsicmp
__dllonexit
_onexit
free
_stricmp
_initterm
malloc
_adjust_fdiv
strstr

kernel32

GetVersion
GlobalAlloc
GlobalFree
DisableThreadLibraryCalls
Sleep
GetModuleFileNameA
CreateProcessA

user32

CopyRect
GetClientRect
GetClassNameA
EqualRect
SetRect
ClientToScreen
SendMessageA
FindWindowA

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 171KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a20f1dc22c348c1ba40308770b22491b

Headers

File Characteristics

Imports

wow32

objctdll

plugdll

sharedat

mfc40

msvcrt40

kernel32

user32

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 1024B - Virtual size: 560B

.data Size: 512B - Virtual size: 1KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 820B

.reloc Size: 1024B - Virtual size: 712B

.text Size: 171KB - Virtual size: 172KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 1024B - Virtual size: 560B

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 820B

.reloc
Size: 1024B - Virtual size: 712B

.text
Size: 171KB - Virtual size: 172KB