c476ffd01070cd2e436034f2f9688ce87ef41c2c04712654976113962100755a

Sharing

Copy URL Twitter E-mail

General

Target

c476ffd01070cd2e436034f2f9688ce87ef41c2c04712654976113962100755a
Size

152KB
MD5

41e0f1a30d5d096dde64ebe2b18e7e40
SHA1

6cd85c6b53b8aa9728bf365e8df62816a3dc3a1b
SHA256

c476ffd01070cd2e436034f2f9688ce87ef41c2c04712654976113962100755a
SHA512

1ac176eb1d0163c15b9a4b5745bc0ec4593c78c05224c975007d442f0b61d111197655873f6f37fa845394339909baeb00237882eead01caf93a44201e9a6c87
SSDEEP

3072:QmdvR9HaqJ1UKnOLZ6w5bN7rVNmK8cmC1SFRAoGUamZO287W:bvDHaqJC6w5bR6cX1CRBGUamcc

Score

N/A

Malware Config

Signatures

Files

c476ffd01070cd2e436034f2f9688ce87ef41c2c04712654976113962100755a
.dll windows x86

3f0020d2da237d4045f9b098cfb9cfad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
InitializeCriticalSection
Sleep
CreateThread
ResetEvent
WaitForSingleObject
SetEvent
MulDiv
GetDiskFreeSpaceA
FreeLibrary
GetProcAddress
LoadLibraryA
GetFullPathNameA
GetPrivateProfileStructA
WritePrivateProfileStructA
WritePrivateProfileStringA
EnterCriticalSection
GetACP
GetPrivateProfileIntA
GetPrivateProfileStringA
MultiByteToWideChar
CloseHandle
DeleteCriticalSection
lstrcpyA
lstrcatA
GetCurrentProcessId
lstrlenA
lstrcpynA
lstrcmpiA
WideCharToMultiByte
LeaveCriticalSection

user32

wvsprintfA
DestroyWindow
GetParent
SetWindowTextA
EnableWindow
GetSystemMetrics
GetWindowLongA
SetWindowLongA
DefWindowProcA
LoadCursorA
RegisterClassExA
CreateWindowExA
GetDlgCtrlID
GetDlgItem
SetDlgItemTextA
SetDlgItemInt
ShowWindow
GetWindowRect
ScreenToClient
LoadStringA
EndDialog
SetFocus
UpdateWindow
DialogBoxParamA
wsprintfA
SetForegroundWindow
InvalidateRect
SendDlgItemMessageA
SendMessageA
PeekMessageA
IsWindow
GetClientRect
MoveWindow
MessageBoxA
SetTimer
KillTimer
PostMessageA
CreateDialogParamA
GetWindowTextA

gdi32

GetStockObject

ole32

CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoInitialize
CreateItemMoniker
GetRunningObjectTable

oleaut32

SysFreeString
OleCreatePropertyFrame
VariantInit
VariantClear

quartz

AMGetErrorTextA

msvcrt

_initterm
free
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
_itoa
atoi
_splitpath
_makepath
atol
malloc
_adjust_fdiv
strncat
sprintf
_ftol
__CxxFrameHandler
??2@YAPAXI@Z
strstr
strncpy
??3@YAXPAX@Z

winmm

timeGetTime

dswrc

_GetRCInstanceHandle@0

adscirrususb2rc

GetPlugInRCInstanceHandle

u32comm

u32MoveWindow
u32GetAppDataFolder

Exports

Exports

gfnReadRemoteData
uvcCaptureProc

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3f0020d2da237d4045f9b098cfb9cfad

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

oleaut32

quartz

msvcrt

winmm

dswrc

adscirrususb2rc

u32comm

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 66KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 23KB

.reloc Size: 8KB - Virtual size: 6KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 68KB - Virtual size: 66KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 23KB

.reloc
Size: 8KB - Virtual size: 6KB

.rmnet
Size: 60KB - Virtual size: 60KB