20bd82aaedfb5cf7864444f7959bd3801ac819af9b39bab49cc085fa42c7c833

Sharing

Copy URL Twitter E-mail

General

Target

20bd82aaedfb5cf7864444f7959bd3801ac819af9b39bab49cc085fa42c7c833
Size

496KB
MD5

680a7edcec4591ad8fe46bf0d2c20ee6
SHA1

1bf3fa9e3f4e365de7d345a4e0a834b71d2a1636
SHA256

20bd82aaedfb5cf7864444f7959bd3801ac819af9b39bab49cc085fa42c7c833
SHA512

e58624c8896e28a80b2dcb46201149fa58afa93c3b1e6b867d726e79298dc3c8de37916c92bd88e1af4fc556994c45b95aa991a3973858e55818673af786ce9d
SSDEEP

12288:8E3rPMVLqffhzDHy4+ILMmn4Kiy8cO/4OhIJgoqxyx+slevGFi6SrbuDqL6xcGYu:8E3rPMV+fpfHjlUxgSv56SXwq+xWw

Score

N/A

Malware Config

Signatures

Files

20bd82aaedfb5cf7864444f7959bd3801ac819af9b39bab49cc085fa42c7c833
.dll windows x86

f65f3268243a846c0ce26dd4e0bb49a8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

pncrt

printf
_mbctype
_adjust_fdiv
_initterm
__dllonexit
_telli64
_lseeki64
_chsize
_fstat
_ftol
strtod
isdigit
_onexit
_errno
_vsnprintf
tolower
memmove
atof
atol
sscanf
_purecall
strtok
rand
fopen
fread
isspace
fclose
realloc
malloc
wcslen
abort
strchr
toupper
atoi
strtol
qsort
strncmp
strrchr
_stricmp
free
_strdup
strncpy
strstr
sprintf
??2@YAPAXI@Z
??3@YAXPAX@Z
_unlink
_write
_read
_tell
_lseek
_sopen
_open
_creat
_close
_putenv
_strnicmp
_itoa
_stat
_strcmpi
_strlwr
_strupr

ole32

CoCreateInstance
CoUninitialize
CoInitialize

kernel32

GlobalUnlock
SetErrorMode
GetSystemInfo
GetVersionExA
GlobalAlloc
DisableThreadLibraryCalls
GetTempFileNameA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetTempPathA
InterlockedDecrement
InterlockedIncrement
GetLastError
FreeLibrary
GetModuleFileNameA
GetCurrentThreadId
GetProcAddress
LoadLibraryA
GlobalFree
MulDiv
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
lstrlenA
GlobalLock
WideCharToMultiByte
MultiByteToWideChar
GetVersion
CloseHandle
GetFileSize
CreateFileA

user32

GetMenu
GetWindowLongA
DrawTextA
GetIconInfo
FillRect
AdjustWindowRectEx
GetKeyState
GetWindowThreadProcessId
RedrawWindow
SetRect
CreateCursor
SystemParametersInfoA
GetSysColor
CharNextA
RegisterClassA
RegisterWindowMessageA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
DeferWindowPos
BeginDeferWindowPos
EnableWindow
GetFocus
DestroyCursor
RegisterClassExA
GetWindowRect
GetUpdateRect
GetDC
ReleaseDC
BeginPaint
EndPaint
GetActiveWindow
SetCursor
InvalidateRect
GetDesktopWindow
GetMenuItemInfoA
GetClientRect
WindowFromPoint
PtInRect
IsChild
KillTimer
PostMessageA
IsWindow
DestroyWindow
CreateWindowExA
GetWindow
CallNextHookEx
GetCursorPos
SendMessageA
EndDeferWindowPos
WaitMessage
PostQuitMessage
SetFocus
ChildWindowFromPointEx
GetClassNameA
IsWindowEnabled
MapWindowPoints
GetTopWindow
GetMenuItemCount
SetActiveWindow
SetWindowPos
UnhookWindowsHookEx
UnregisterClassA
GetParent
SetCursorPos
GetSystemMetrics
ShowCursor
SetWindowsHookExA
SetWindowLongA
LoadIconA
LoadCursorA
SetCapture
ReleaseCapture
GetDlgItem
CallWindowProcA
DefWindowProcA
ScreenToClient
ClientToScreen
SetWindowRgn
SetTimer
EnumChildWindows

advapi32

RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegDeleteValueA
RegCloseKey
RegDeleteKeyA
RegCreateKeyA
RegSetValueA
RegQueryValueA
RegSetValueExA
RegEnumKeyExA

gdi32

IntersectClipRect
SetTextColor
BitBlt
SetBkMode
SetBkColor
GetTextExtentPoint32A
CreateDIBSection
SelectObject
CreateCompatibleDC
SetPixel
CreateSolidBrush
GetBitmapBits
GetObjectA
CreateDIBitmap
SetBitmapBits
PatBlt
CreateBitmap
CreateCompatibleBitmap
GetDIBits
CreateRectRgn
CombineRgn
GetClipRgn
SelectClipRgn
DeleteObject
GetPixel
CreateFontIndirectA
DeleteDC

comctl32

ord17

shell32

DragQueryPoint
DragQueryFileA
ExtractIconExA
DragFinish

oleaut32

VariantInit
SysAllocString
VariantClear

Exports

Exports

RMACreateInstance
RMAShutdown
SetDLLAccessPath

Sections

.text
Size: 348KB - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f65f3268243a846c0ce26dd4e0bb49a8

Headers

File Characteristics

Imports

pncrt

ole32

kernel32

user32

advapi32

gdi32

comctl32

shell32

oleaut32

Exports

Exports

Sections

.text Size: 348KB - Virtual size: 344KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 16KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 960B

.reloc Size: 24KB - Virtual size: 20KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 348KB - Virtual size: 344KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 16KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 960B

.reloc
Size: 24KB - Virtual size: 20KB

.rmnet
Size: 60KB - Virtual size: 60KB