c0b9ce2518684af0c28ea52b7720fd11e9c20817687f0efd353ff4205a79e8e0

Sharing

Copy URL Twitter E-mail

General

Target

c0b9ce2518684af0c28ea52b7720fd11e9c20817687f0efd353ff4205a79e8e0
Size

496KB
MD5

5c3df7a5d0c44836f77ab398b31d77a2
SHA1

4ea0d1bc1d2094c14fdb575883b7ad487e8ae848
SHA256

c0b9ce2518684af0c28ea52b7720fd11e9c20817687f0efd353ff4205a79e8e0
SHA512

310156b275cf2e2799526c4b6318dddec31a677762c148cf9467fbc2adb25ecf7cd38ca2d7be761b6c2a1cf3c57b9eb5c000fc2b38538e4b5ce0339625515aaf
SSDEEP

12288:8E3rPMVLqffhzDHy4+ILMmn4Kiy8cO/4OhIJgoqxyx+slevGFi6SrbuDqL6xcGYf:8E3rPMV+fpfHjlUxgSv56SXwq+xWe8

Score

N/A

Malware Config

Signatures

Files

c0b9ce2518684af0c28ea52b7720fd11e9c20817687f0efd353ff4205a79e8e0
.dll windows x86

f65f3268243a846c0ce26dd4e0bb49a8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

pncrt

printf
_mbctype
_adjust_fdiv
_initterm
__dllonexit
_telli64
_lseeki64
_chsize
_fstat
_ftol
strtod
isdigit
_onexit
_errno
_vsnprintf
tolower
memmove
atof
atol
sscanf
_purecall
strtok
rand
fopen
fread
isspace
fclose
realloc
malloc
wcslen
abort
strchr
toupper
atoi
strtol
qsort
strncmp
strrchr
_stricmp
free
_strdup
strncpy
strstr
sprintf
??2@YAPAXI@Z
??3@YAXPAX@Z
_unlink
_write
_read
_tell
_lseek
_sopen
_open
_creat
_close
_putenv
_strnicmp
_itoa
_stat
_strcmpi
_strlwr
_strupr

ole32

CoCreateInstance
CoUninitialize
CoInitialize

kernel32

GlobalUnlock
SetErrorMode
GetSystemInfo
GetVersionExA
GlobalAlloc
DisableThreadLibraryCalls
GetTempFileNameA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetTempPathA
InterlockedDecrement
InterlockedIncrement
GetLastError
FreeLibrary
GetModuleFileNameA
GetCurrentThreadId
GetProcAddress
LoadLibraryA
GlobalFree
MulDiv
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
lstrlenA
GlobalLock
WideCharToMultiByte
MultiByteToWideChar
GetVersion
CloseHandle
GetFileSize
CreateFileA

user32

GetMenu
GetWindowLongA
DrawTextA
GetIconInfo
FillRect
AdjustWindowRectEx
GetKeyState
GetWindowThreadProcessId
RedrawWindow
SetRect
CreateCursor
SystemParametersInfoA
GetSysColor
CharNextA
RegisterClassA
RegisterWindowMessageA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
DeferWindowPos
BeginDeferWindowPos
EnableWindow
GetFocus
DestroyCursor
RegisterClassExA
GetWindowRect
GetUpdateRect
GetDC
ReleaseDC
BeginPaint
EndPaint
GetActiveWindow
SetCursor
InvalidateRect
GetDesktopWindow
GetMenuItemInfoA
GetClientRect
WindowFromPoint
PtInRect
IsChild
KillTimer
PostMessageA
IsWindow
DestroyWindow
CreateWindowExA
GetWindow
CallNextHookEx
GetCursorPos
SendMessageA
EndDeferWindowPos
WaitMessage
PostQuitMessage
SetFocus
ChildWindowFromPointEx
GetClassNameA
IsWindowEnabled
MapWindowPoints
GetTopWindow
GetMenuItemCount
SetActiveWindow
SetWindowPos
UnhookWindowsHookEx
UnregisterClassA
GetParent
SetCursorPos
GetSystemMetrics
ShowCursor
SetWindowsHookExA
SetWindowLongA
LoadIconA
LoadCursorA
SetCapture
ReleaseCapture
GetDlgItem
CallWindowProcA
DefWindowProcA
ScreenToClient
ClientToScreen
SetWindowRgn
SetTimer
EnumChildWindows

advapi32

RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegDeleteValueA
RegCloseKey
RegDeleteKeyA
RegCreateKeyA
RegSetValueA
RegQueryValueA
RegSetValueExA
RegEnumKeyExA

gdi32

IntersectClipRect
SetTextColor
BitBlt
SetBkMode
SetBkColor
GetTextExtentPoint32A
CreateDIBSection
SelectObject
CreateCompatibleDC
SetPixel
CreateSolidBrush
GetBitmapBits
GetObjectA
CreateDIBitmap
SetBitmapBits
PatBlt
CreateBitmap
CreateCompatibleBitmap
GetDIBits
CreateRectRgn
CombineRgn
GetClipRgn
SelectClipRgn
DeleteObject
GetPixel
CreateFontIndirectA
DeleteDC

comctl32

ord17

shell32

DragQueryPoint
DragQueryFileA
ExtractIconExA
DragFinish

oleaut32

VariantInit
SysAllocString
VariantClear

Exports

Exports

RMACreateInstance
RMAShutdown
SetDLLAccessPath

Sections

.text
Size: 348KB - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f65f3268243a846c0ce26dd4e0bb49a8

Headers

File Characteristics

Imports

pncrt

ole32

kernel32

user32

advapi32

gdi32

comctl32

shell32

oleaut32

Exports

Exports

Sections

.text Size: 348KB - Virtual size: 344KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 16KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 960B

.reloc Size: 24KB - Virtual size: 20KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 348KB - Virtual size: 344KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 16KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 960B

.reloc
Size: 24KB - Virtual size: 20KB

.rmnet
Size: 60KB - Virtual size: 60KB