a74b28c47afaa5e86090c542cb82db286f2ed7fb16eb00a81a861c61ad12addb

Sharing

Copy URL Twitter E-mail

General

Target

a74b28c47afaa5e86090c542cb82db286f2ed7fb16eb00a81a861c61ad12addb
Size

420KB
MD5

6d7ac539c1133c1057b2f44f13dc9fb9
SHA1

25b47a2191d523a481900f8787aeaa794b24cb52
SHA256

a74b28c47afaa5e86090c542cb82db286f2ed7fb16eb00a81a861c61ad12addb
SHA512

3d01c83f61ba979b42c08873960804af1d16c58f1f27d4331931f10f18ae388e3ab8510b7ae6a5829ba82bdab7cf2258b87ed013c10e0ed655e3f6c301b91a19
SSDEEP

12288:JUc4pBIQ4J9Mp2Vr07xUQPS0BvHZuFv/yYo/LaS:7aS5xfmwFv/y1WS

Score

N/A

Malware Config

Signatures

Files

a74b28c47afaa5e86090c542cb82db286f2ed7fb16eb00a81a861c61ad12addb
.dll windows x86

3c4ec7d012fbd116f20a3c667868bea3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExA
RegQueryValueExA
RemoveTraceCallback
RegCloseKey

gdi32

CloseFigure
CreateCompatibleDC
CreateDIBSection
CreateFontIndirectA
CreateFontIndirectW
DeleteDC
DeleteObject
ExtTextOutA
ExtTextOutW
GetFontLanguageInfo
GetGlyphOutlineA
GetObjectA
GetTextMetricsA
GetTextMetricsW
SelectObject
SetBkColor
SetBkMode
SetMapMode
SetTextAlign

msvcrt

_isnan
_CIacos
tolower
qsort
memcpy
malloc
iswspace
iswpunct
iswprint
iswalpha
free
floor
_vsnprintf
_unlock
_stricmp
_j0
memmove
_initterm
_finite
_controlfp
_atoi64
_amsg_exit
__p__winver
__dllonexit
_XcptFilter
_Strftime
_CxxThrowException
_CIsqrt
_CIsin
_CIcos
_CIatan
_CIasin

ole32

CreateStreamOnHGlobal

kernel32

WriteTapemark
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjects
VirtualAlloc
UnhandledExceptionFilter
TryEnterCriticalSection
TerminateProcess
SizeofResource
SetThreadContext
RtlUnwind
ReleaseMutex
ReadFile
QueryPerformanceCounter
OutputDebugStringA
MultiByteToWideChar
LockResource
LoadResource
LoadLibraryA
LeaveCriticalSection
IsProcessorFeaturePresent
InterlockedIncrement
InterlockedExchange
InterlockedCompareExchange
GetVersion
GetTickCount
GetSystemTimeAsFileTime
GetProcessPriorityBoost
GetProcessAffinityMask
GetModuleHandleA
GetModuleFileNameA
GetMailslotInfo
GetLastError
GetFullPathNameW
CloseHandle
CreateFileA
CreateMutexA
CreateThread
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
FindResourceA
FreeLibrary
GetCommProperties
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId

Exports

Exports

ChangeSeparator
GetBBMainHwnd
OptimizeFaces
PreprocessShaderFromFileW
RecvPacket
VecSaveFile

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 215KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c4ec7d012fbd116f20a3c667868bea3

Headers

File Characteristics

Imports

advapi32

gdi32

msvcrt

ole32

kernel32

Exports

Exports

Sections

.text Size: 66KB - Virtual size: 65KB

.rdata Size: 215KB - Virtual size: 215KB

.data Size: 70KB - Virtual size: 71KB

.rsrc Size: 65KB - Virtual size: 64KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 66KB - Virtual size: 65KB

.rdata
Size: 215KB - Virtual size: 215KB

.data
Size: 70KB - Virtual size: 71KB

.rsrc
Size: 65KB - Virtual size: 64KB

.reloc
Size: 3KB - Virtual size: 2KB