5600033d753b47c27d5951f3a07d217e31baca466cbd00d018f856c8ad46e0ab

Sharing

Copy URL Twitter E-mail

General

Target

5600033d753b47c27d5951f3a07d217e31baca466cbd00d018f856c8ad46e0ab
Size

352KB
MD5

9198e0e78da7c06b9c64fb941965241a
SHA1

3a56923c46629d3e8ac8ac651f477179fa029916
SHA256

5600033d753b47c27d5951f3a07d217e31baca466cbd00d018f856c8ad46e0ab
SHA512

52ee5fc6790bda3914cec64cff3708b1f868207a3dc71507f3ff87514d5a89cad4755238b3920fe10f12ca56d7268db4dd23cba167531e3b5d45b3002fc4c761
SSDEEP

6144:N8DlsUiH+fjoRJwnIqO2Dwx7zmEK0lnOy+yEvT4FLQ19Fm/vKC9qNfKk:+ZRsonIR2sIEKKndgDk3KCcw

Score

N/A

Malware Config

Signatures

Files

5600033d753b47c27d5951f3a07d217e31baca466cbd00d018f856c8ad46e0ab
.exe windows x86

8436002aa6c156e2145d19375db4e249

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42u

ord2971
ord3076
ord2980
ord3257
ord2854
ord4459
ord3254
ord3142
ord6238
ord823
ord4270
ord765
ord567
ord3693
ord4418
ord4621
ord4075
ord3074
ord3820
ord3826
ord3825
ord3131
ord2977
ord5273
ord2116
ord2438
ord6051
ord5257
ord1720
ord5059
ord3744
ord6372
ord2047
ord2640
ord4435
ord4831
ord3793
ord5286
ord4347
ord6370
ord5157
ord2377
ord5237
ord4401
ord1768
ord4073
ord825

msvcrt

??1type_info@@UAE@XZ
wcslen
__CxxFrameHandler
_ftol
?terminate@@YAXXZ
_except_handler3

dinput

DirectInputCreateW

user32

DestroyIcon
ChildWindowFromPoint
IsWindowVisible
GetMessageTime
GetCursorPos
CreateWindowExW
RegisterDeviceNotificationW
IsWindow
ScreenToClient
LoadImageW
MapWindowPoints
InvalidateRect
SetRect
GetSysColor
EnableWindow
RedrawWindow
GetWindowRect
GetSystemMetrics
MessageBoxW
WinHelpW
UnregisterClassW
DestroyWindow
SendMessageW
GetWindowDC
SetTimer
GetClientRect
LoadStringW
wsprintfW
GetParent
PostMessageW
GetDC
ReleaseDC
UnregisterDeviceNotification
KillTimer
SendDlgItemMessageW
SetWindowPos
GetDlgItem
SetWindowLongW
RegisterClassExW
DefWindowProcW
BeginPaint
GetWindowLongW
DrawIconEx
GetWindowTextW
DrawTextW
EndPaint
GetDlgCtrlID

gdi32

CreatePolygonRgn
DeleteDC
BitBlt
DPtoLP
SetMapMode
GetMapMode
SelectObject
CreateCompatibleDC
GetRgnBox
GetStockObject
SetBkColor
Ellipse
SetDCPenColor
SetViewportOrgEx
SetViewportExtEx
SetWindowExtEx
LineTo
MoveToEx
CreatePenIndirect
GetDeviceCaps
CreateFontW
CreateSolidBrush
ExtTextOutW
DeleteObject
SetBkMode
PaintRgn
SetTextColor

kernel32

InitializeCriticalSection
LocalFree
GetLastError
MulDiv
DeleteCriticalSection
DisableThreadLibraryCalls
InterlockedDecrement
InterlockedIncrement
LocalAlloc
LeaveCriticalSection
IsBadWritePtr
IsBadReadPtr
EnterCriticalSection
Sleep
lstrlenW

advapi32

RegQueryValueExW
RegCloseKey

shlwapi

StrCpyNW
StrDupW
StrNCatW

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 2KB - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 2KB - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ik
Size: 2KB - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ocode
Size: 2KB - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kpack0
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gddg8
Size: 2KB - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iaoq
Size: 2KB - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oxcodex
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0x0x1
Size: 2KB - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0x0x
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 2KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8436002aa6c156e2145d19375db4e249

Headers

DLL Characteristics

File Characteristics

Imports

mfc42u

msvcrt

dinput

user32

gdi32

kernel32

advapi32

shlwapi

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 2KB - Virtual size: 1KB

.tls Size: 2KB - Virtual size: 13B

.ndata Size: 2KB - Virtual size: 364B

.ik Size: 2KB - Virtual size: 48B

.ocode Size: 2KB - Virtual size: 132B

.kpack0 Size: 146KB - Virtual size: 145KB

.gddg8 Size: 2KB - Virtual size: 156B

.iaoq Size: 2KB - Virtual size: 260B

.oxcodex Size: 2KB - Virtual size: 2KB

.0x0x1 Size: 2KB - Virtual size: 512B

.0x0x Size: 148KB - Virtual size: 147KB

.CRT Size: 2KB - Virtual size: 12B

.rsrc Size: 18KB - Virtual size: 16KB

.reloc Size: 2KB - Virtual size: 276KB

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 2KB - Virtual size: 1KB

.tls
Size: 2KB - Virtual size: 13B

.ndata
Size: 2KB - Virtual size: 364B

.ik
Size: 2KB - Virtual size: 48B

.ocode
Size: 2KB - Virtual size: 132B

.kpack0
Size: 146KB - Virtual size: 145KB

.gddg8
Size: 2KB - Virtual size: 156B

.iaoq
Size: 2KB - Virtual size: 260B

.oxcodex
Size: 2KB - Virtual size: 2KB

.0x0x1
Size: 2KB - Virtual size: 512B

.0x0x
Size: 148KB - Virtual size: 147KB

.CRT
Size: 2KB - Virtual size: 12B

.rsrc
Size: 18KB - Virtual size: 16KB

.reloc
Size: 2KB - Virtual size: 276KB