e484c860a7635f1c7a9bdc02ce423fb309d2e9bba5754d77340376f4011b5a7c

Sharing

Copy URL

Twitter E-mail

General

Target

e484c860a7635f1c7a9bdc02ce423fb309d2e9bba5754d77340376f4011b5a7c
Size

164KB
MD5

42becf7d7b757755358aa451a058bd58
SHA1

7f8fa6a27cdee18379d290221c404439551cf217
SHA256

e484c860a7635f1c7a9bdc02ce423fb309d2e9bba5754d77340376f4011b5a7c
SHA512

82327435c0ed45315e38d286ebdbd4c7db61ee9f34725804a742a1bb3a024eb9778c2e71d143c93d54e402970ef1d6c49f816f28c20ab57d53ee7928bba0b3e3
SSDEEP

3072:lNFcz3gEOMyuyoeDFpKoIwr4KhQg7i4XhTDMh:rK8EdJ9eDKoIyag7NXFDW

Score

N/A

Malware Config

Signatures

Files

e484c860a7635f1c7a9bdc02ce423fb309d2e9bba5754d77340376f4011b5a7c
.dll windows x86

21c97bec5fb4e5701ac80939a33e52fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
RaiseException
SetLastError
GetLastError
LoadLibraryA
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
InterlockedExchange
CompareStringA
FreeLibrary
GetLocalTime
FileTimeToSystemTime
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
InterlockedIncrement
InterlockedDecrement

user32

SetRect
DestroyWindow
IsWindow
KillTimer
SetTimer
MoveWindow
GetWindowPlacement
IsIconic
GetWindowRect
IntersectRect
GetActiveWindow
IsRectEmpty
OffsetRect

ole32

CoInitialize
CoUninitialize

actioncommondll

?SetWindowCorner@@YAXPAUHWND__@@QAY0BAE@GHK@Z
?OpenImgToGetInfo@@YAPAVMagPicture@PubImage@@PBGK@Z
?IsFileFxist@CPathEx@@SAHPBG@Z
?GetOpenSaveFileName@@YAHPAUHWND__@@HPAGKKPBG22_KPAUPICC_IO_OUTOPTION@@PBX@Z
?OpenImgFile@@YAPAVMagPicture@PubImage@@PBGHP6GIPAX@Z1H@Z
??0CExifPropertyReader@@QAE@XZ
?ImportExifInfoEx@CExifPropertyReader@@QAEHPAU_EXIF_INFORMATION_EX@@@Z
?GetPropNameByID@CExifPropertyReader@@QAEPBGJ@Z
?GetPropValueByID@CExifPropertyReader@@QAEPBGJ@Z
??1CExifPropertyReader@@QAE@XZ
?GetImageExifEx@@YAHPBGPAU_EXIF_INFORMATION_EX@@@Z
?IsHebraic@@YAHXZ
?SetWindowStyleForHebraic@@YAXPAUHWND__@@@Z
?GetUIFileMagPath@CPathEx@@SAPBGPBGPAGPAUHINSTANCE__@@@Z
?GetUIFile@CPathEx@@SAXPBGPAGPAUHINSTANCE__@@@Z
?CreateLayoutByName@@YAPAVMagAUI@PubMagic@@PBG@Z
?GetModulePath@CPathEx@@SAPBGPAUHINSTANCE__@@PAG@Z
?IsWindowVersionHigherThan98@@YAHXZ

msvcp60

?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??0logic_error@std@@QAE@ABV01@@Z
??0out_of_range@std@@QAE@ABV01@@Z
??1out_of_range@std@@UAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0out_of_range@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??_7out_of_range@std@@6B@
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z

msvcrt

_adjust_fdiv
__CxxFrameHandler
??2@YAPAXI@Z
_wsplitpath
_purecall
wcscpy
wcslen
wcscat
wcscmp
swprintf
??0exception@@QAE@ABV0@@Z
_CxxThrowException
memmove
iswctype
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
_ftol
free
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
malloc

magpcmac

Mag0FSRCreateWithPath
Mag0FSRRelease
MagPathRemoveFileSpec
MagPathAddSlash
MagPathAppend
MagPathFindExtension
MagGetProcAddress
MagFreeLibrary
MagLoadLibrary
MagCopyFile
MagFindFirstFile
MagFindClose
MagPathFileExists
MagEnterCriticalSection
MagLeaveCriticalSection
MagDeleteCriticalSection
MagInitCriticalSection

magappframework

?ClearCallBacks@CMagCallbackMap@@IAEXXZ
?UnionMessageValue@CMagWindMessageMap@@MAEII@Z
?ProcessMessage@CMagDialog@@UAEJIIJAAH@Z
?AddCallBack@CMagCallbackMap@@IAEXPADJP6AJPAVMagElement@PubMagic@@QBX2@Z@Z
??1CMagCallbackMap@@UAE@XZ
??0CMagCallbackMap@@QAE@XZ
?RegisterCallBacks@CMagCallbackMap@@MAEXXZ
?OnOK@CMagDialog@@MAEXXZ
?EndDialog@CMagDialog@@UAEXH@Z
?DoModal@CMagDialog@@UAEHXZ
??1CMagDialog@@UAE@XZ
?MagCreateLayoutW@@YAPAVMagPanel@PubMagic@@PBG@Z
?GetCatalog@CMagWindow@@QAEPAVMagPanel@PubMagic@@XZ
?GetWindow@CMagWindow@@QAEPAUHWND__@@XZ
?GetMagWindowStyle@CMagWindow@@QAEKXZ
?SetMagWindowStyle@CMagWindow@@QAEXK@Z
?SetMinSize@CMagWindow@@QAEXUtagSIZE@@@Z
?RepositionWindow@CMagWindow@@QAEXW4MagWindowRepositionKind@@@Z
?IsZoomed@CMagWindow@@QAEHXZ
??0CMagDialog@@QAE@XZ
?RegisterCallBacks@CMagDialog@@MAEXXZ
?Create@CMagWindow@@UAEHPBDPAUtagRECT@@PAUHWND__@@@Z
?Create@CMagWindow@@UAEHPBGPAUtagRECT@@PAUHWND__@@@Z
?SetDefaultCallBackName@CMagDialog@@UAEXPADW4MagDefaultCallBackKind@@@Z
?PreCreateWind@CMagModalWnd@@MAEXAAUtagCREATESTRUCTW@@@Z
?PreCreate@CMagWindow@@MAEHXZ
?DidCreate@CMagDialog@@MAEXXZ
?AskForClose@CMagWindow@@MAEHXZ
?WillClose@CMagModalWnd@@MAEXXZ
?DidClose@CMagDialog@@MAEXXZ
?QuitAppAfterDestroyed@CMagWindow@@MAEHXZ
?PreRegisterMagWndClass@CMagWindow@@MAEXAAUtagWNDCLASSEXW@@@Z
?OnCancel@CMagDialog@@MAEXXZ

shlwapi

PathAddBackslashW

winmm

mciSendCommandA

magcore

Mag0CopyObject
Mag0LoadModuleDllW
Mag0FreeModuleDll
Mag0Retain
Mag0CreateObj
Mag0Release
Mag0RetainCount
Mag0Inter

Exports

Exports

MyDllCanUnloadNow
MyDllGetClassObject

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21c97bec5fb4e5701ac80939a33e52fe

Headers

File Characteristics

Imports

kernel32

user32

ole32

actioncommondll

msvcp60

msvcrt

magpcmac

magappframework

shlwapi

winmm

magcore

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 112KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 976B

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 116KB - Virtual size: 112KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 976B

.reloc
Size: 12KB - Virtual size: 10KB