6c8badab278590c27ce17d9a1ea2767cc7d02082201305c56c31f68bfd2611ee

Sharing

Copy URL Twitter E-mail

General

Target

6c8badab278590c27ce17d9a1ea2767cc7d02082201305c56c31f68bfd2611ee
Size

576KB
MD5

7cabded70a6e8bcab8fb152c76d2ff80
SHA1

ed344c2164b52d9f7acdf88dafce0ba7a60e5824
SHA256

6c8badab278590c27ce17d9a1ea2767cc7d02082201305c56c31f68bfd2611ee
SHA512

b967f675b865e387bacc5cfed37b677b5f15d8350026c1f2298135cf73f87debd430de1edd5bd867033355f7d572db437611e339ed8c2a9f4152221b6f5279fe
SSDEEP

12288:ework0C5uoeBl4/f95qpsnGVMlrHlsdI/mXz30Fxl:urM5XN5qOXNFsdIqb0

Score

N/A

Malware Config

Signatures

Files

6c8badab278590c27ce17d9a1ea2767cc7d02082201305c56c31f68bfd2611ee
.dll windows x86

e47c3f43c45e91c7a58159ccb69f7c21

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ddraw

DirectDrawCreate

kernel32

GetLastError
GlobalAlloc
GetCurrentThreadId
DeleteCriticalSection
GetModuleFileNameA
Sleep
GlobalFree
WriteFile
GetDateFormatA
SetThreadPriority
TlsGetValue
GetStartupInfoA
LeaveCriticalSection
GetTempPathA
FreeLibrary
VirtualFree
GetProcAddress
TlsAlloc
VirtualAlloc
CreateFileA
SetLastError
GetTickCount
TlsSetValue
TlsFree
GetVersionExA
GetModuleHandleA
LoadLibraryA
InitializeCriticalSection
GlobalSize
EnterCriticalSection
GetCurrentThread

msvcrt

memset
atol
fread
memcpy
fopen
_ftol
free
sprintf
strncmp
fprintf
ftell
rand
ungetc
sscanf
realloc
_stricmp
bsearch
fflush
_CIpow
getenv
fgets
sqrt
calloc
floor
strcpy
qsort
_assert
printf
strtok
abort
memmove
strcmp
atof
memcmp
fclose
atoi
strstr
_iob
_filbuf
fseek
malloc
exit
fscanf
fwrite

gdi32

SelectObject
CreateSolidBrush
DeleteDC
CreateFontIndirectA
BitBlt
GetObjectType
DeleteObject
GetOutlineTextMetricsA
CreateCompatibleBitmap
DescribePixelFormat
CreateDIBSection
CreateCompatibleDC
GetGlyphOutlineA
GetRasterizerCaps
GetObjectA
SetDIBColorTable
GetPixelFormat
GetCurrentObject
GetPaletteEntries
GetDeviceCaps
ExtEscape

user32

GetDesktopWindow
UnhookWindowsHookEx
GetClientRect
GetWindowThreadProcessId
FillRect
GetParent
GetDC
wsprintfA
DestroyWindow
ClientToScreen
ReleaseDC
MessageBoxA
GetWindowRect
WindowFromDC

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

Exports

Exports

FromString
IsTrue
set_sBIT
write_init_3

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e47c3f43c45e91c7a58159ccb69f7c21

Headers

File Characteristics

Imports

ddraw

kernel32

msvcrt

gdi32

user32

advapi32

Exports

Exports

Sections

.text Size: 176KB - Virtual size: 175KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 112KB - Virtual size: 112KB

.rsrc Size: 204KB - Virtual size: 202KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 176KB - Virtual size: 175KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 112KB - Virtual size: 112KB

.rsrc
Size: 204KB - Virtual size: 202KB

.reloc
Size: 8KB - Virtual size: 6KB