c176d20c0819f2a7ccca0e49d5d7eb16f4ac13bf2afc55a095239c37a53c4025

Sharing

Copy URL Twitter E-mail

General

Target

c176d20c0819f2a7ccca0e49d5d7eb16f4ac13bf2afc55a095239c37a53c4025
Size

140KB
MD5

6463c22580333e6383875f93fb4dee12
SHA1

0be9e4d8a53af9286574317498b334a1319af078
SHA256

c176d20c0819f2a7ccca0e49d5d7eb16f4ac13bf2afc55a095239c37a53c4025
SHA512

c8b38af0c5be09dd6278c21226a190fc156adffdcb9ed5022bb8d890e03e9b688a7dc650deabf808f95b8ac2cf2fd4461ca079e7bb66ceada0dbe7960b1a09b0
SSDEEP

1536:lUTgYTd7WKBVo5fkZa1NftI0oeGNUGOWse28b9vCb+eUiEYcGP:E3x7Wko5fIUXTGbee28Baoi3H

Score

N/A

Malware Config

Signatures

Files

c176d20c0819f2a7ccca0e49d5d7eb16f4ac13bf2afc55a095239c37a53c4025
.dll windows x86

8aae7bf2a63ed10c0c4ec0a145dda36e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

fileio32

OpenFile32
flopen
flread
flclose
CloseFile32
WriteFile32

pwutil32

ord212

ddio1

myParmFileOpen
myDDReadNamedStruct

cvtutils

PW3DDirFileSave
ddLoadStr
PW3DDirShutDown
DDWriteString
LoadStr
DisplayStatusMsg
GetDidPtr
ErrorMsg
PW3DDirFileOpen
PW3DDReadNamedStruct
DDInsertRecord
GetDid
Getddefault
PW3DDAddNamedStruct
NewEntry
SearchForNewMatchingNamedTable
DDReadString
DDUpdateString

mfc42

ord4698
ord4079
ord5300
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord5302
ord2725
ord4622
ord4424
ord3738
ord561
ord825
ord4274
ord800
ord941
ord939
ord858
ord5572
ord2915
ord540
ord3953
ord940
ord2614
ord860
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord3079
ord4080
ord5307
ord5289
ord815
ord1116
ord1176
ord1575
ord1243
ord1168
ord1570
ord1253
ord1197
ord6467
ord1578
ord1255
ord826
ord269
ord600
ord342
ord1182
ord1577

msvcrt

_splitpath
__CxxFrameHandler
??1type_info@@UAE@XZ
_EH_prolog
strpbrk
memset
strncpy
strrchr
strchr
_onexit
??2@YAPAXI@Z
__dllonexit
malloc
free
_initterm
_adjust_fdiv

kernel32

LocalAlloc
lstrcmpA
lstrcatA
lstrcpyA
GlobalFree
GlobalUnlock
_lclose
GlobalLock
GlobalAlloc
_lread
OpenFile
GetPrivateProfileStringA
lstrcpynA
LocalFree
lstrlenA
lstrcmpiA

user32

wsprintfA
GetFocus
MessageBoxA
CharLowerA

Exports

Exports

Convert

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8aae7bf2a63ed10c0c4ec0a145dda36e

Headers

File Characteristics

Imports

fileio32

pwutil32

ddio1

cvtutils

mfc42

msvcrt

kernel32

user32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 9KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 12KB - Virtual size: 10KB

.reloc Size: 4KB - Virtual size: 1KB

.text Size: 100KB - Virtual size: 100KB

.text
Size: 12KB - Virtual size: 9KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 12KB - Virtual size: 10KB

.reloc
Size: 4KB - Virtual size: 1KB

.text
Size: 100KB - Virtual size: 100KB