685975e76b4f50d370780cd85c4161086ed06559758afc786dbfc60ea46c10ed

Sharing

Copy URL Twitter E-mail

General

Target

685975e76b4f50d370780cd85c4161086ed06559758afc786dbfc60ea46c10ed
Size

228KB
MD5

a1833393fe4533f51a70e9407059c661
SHA1

772a9aa89644bdab7db06d752741c7bef21063dc
SHA256

685975e76b4f50d370780cd85c4161086ed06559758afc786dbfc60ea46c10ed
SHA512

8c76a0211caae862db86ad84f31f409b68ecca9a56b920c46338fa22f86782e9692a1fdae347661824eab9c7efc43362db235146fe3f61a0b3167c52e134cbdb
SSDEEP

6144:raZ66+CgLi3d6SkuyP2rR6D96JBI6WCKF9MYgqNjsUwq:+86pvkor496JS6eFCXqNjp7

Score

N/A

Malware Config

Signatures

Files

685975e76b4f50d370780cd85c4161086ed06559758afc786dbfc60ea46c10ed
.dll windows x86

ff0aae2aad9d410952c4f5b1db3f6daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
EnterCriticalSection
ExitProcess
FileTimeToLocalFileTime
FindFirstFileA
FreeEnvironmentStringsW
FreeLibrary
GetCommandLineA
GetCurrentProcessId
GetDateFormatA
GetDriveTypeA
GetEnvironmentVariableA
GetExitCodeThread
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetPriorityClass
GetTickCount
GetTimeFormatA
GetVersionExA
GlobalReAlloc
HeapAlloc
HeapCreate
InterlockedExchange
InterlockedIncrement
LCMapStringA
MulDiv
OpenProcess
SetFilePointer
TlsSetValue
VirtualFree
WideCharToMultiByte
lstrcmpiA
lstrcpynA

advapi32

AccessCheck
BackupEventLogW
BuildImpersonateTrusteeW
CopySid
CryptSignHashA
EqualPrefixSid
GetWindowsAccountDomainSid
LogonUserW
LsaClose
LsaQuerySecurityObject
LsaRemovePrivilegesFromAccount
RegQueryMultipleValuesA
RegSetKeySecurity
RegisterEventSourceA

user32

ScrollWindowEx
ReleaseDC
LoadStringA
IsZoomed
SetScrollInfo
LoadImageA
IsIconic
IsDlgButtonChecked
GetSubMenu
DrawIconEx
DialogBoxParamA
DestroyWindow
DeferWindowPos
CloseClipboard
SetWindowTextA
CheckRadioButton

ole32

CoRegisterMessageFilter
CoCreateInstance
IsEqualGUID

ddraw

GetDDSurfaceLocal
DirectDrawEnumerateW
DirectDrawEnumerateExW
DirectDrawEnumerateExA
DirectDrawEnumerateA
DirectDrawCreateClipper
DSoundHelp
DDInternalLock
GetSurfaceFromDC

Exports

Exports

GetThumbnailFromExifTiff

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff0aae2aad9d410952c4f5b1db3f6daa

Headers

File Characteristics

Imports

kernel32

advapi32

user32

ole32

ddraw

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 120KB

.data Size: 92KB - Virtual size: 160KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 120KB - Virtual size: 120KB

.data
Size: 92KB - Virtual size: 160KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 4KB