1649551c41d9efb54ae39a7b028da8f543882a4de6b96d8db38c9b4abe7b42e1

Sharing

Copy URL Twitter E-mail

General

Target

1649551c41d9efb54ae39a7b028da8f543882a4de6b96d8db38c9b4abe7b42e1
Size

352KB
MD5

a01e86869698e6cf63c6e819adc91e34
SHA1

8af63bf4109d90e3546b8bed77641385fada62e9
SHA256

1649551c41d9efb54ae39a7b028da8f543882a4de6b96d8db38c9b4abe7b42e1
SHA512

f6d6320be7fc19924d2385b5ea36d9bb60e22727e499c333554817782c9c1999747dc84a1ebf5d8c4c8865f95992f9b4fec88bef6556f1ae7c8e4572d3f5100a
SSDEEP

6144:BdbMiBeEdQWWZtm0HxmF85HQHaj0yMNf+Zwrqx005dsUO:BRMisEdQWWLnxj5FQ5Nmaex005iUO

Score

N/A

Malware Config

Signatures

Files

1649551c41d9efb54ae39a7b028da8f543882a4de6b96d8db38c9b4abe7b42e1
.dll windows x86

528d7c2a9591d8de5ea8138ee6f17de7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoUninitialize
CoInitialize
CoCreateInstance

user32

TranslateMessage
PostQuitMessage
RegisterWindowMessageA
RegisterClassExA
GetClassInfoExA
CreateWindowExA
DefWindowProcA
DestroyWindow
UnregisterClassA
MsgWaitForMultipleObjects
PeekMessageA
DispatchMessageA
GetMessageA
PostMessageA
PostThreadMessageA
CharLowerA
CharNextA
GetSystemMetrics

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?_Nomemory@std@@YAXXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcr71

sscanf
_mbctype
realloc
_stricmp
fscanf
memset
memcpy
rand
srand
_callnewh
__security_error_handler
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
strchr
atoi
_fsopen
fread
strrchr
strncpy
strstr
fclose
fwrite
fopen
_splitpath
__CxxFrameHandler
memmove
_CxxThrowException
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
??0exception@@QAE@XZ
malloc
free
??3@YAXPAX@Z
_purecall
??_V@YAXPAX@Z
printf
sprintf
_except_handler3
_strnicmp
_stat
_putenv

oleaut32

GetErrorInfo
SysFreeString
SysAllocString

kernel32

LocalFree
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
ExitProcess
MultiByteToWideChar
WideCharToMultiByte
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
SetErrorMode
GetTickCount
DeleteFileA
GetLastError
QueryPerformanceFrequency
CreateThread
WaitForMultipleObjects
GetExitCodeThread
WaitForSingleObject
TerminateThread
InterlockedDecrement
InterlockedIncrement
CreateEventA
ResetEvent
SetEvent
CloseHandle
InterlockedExchange
Sleep
GetCurrentThreadId
LoadLibraryA
FreeLibrary
GetProcAddress
GetModuleFileNameA

Exports

Exports

CanUnload2
RMACreateInstance
SetDLLAccessPath

Sections

.text
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

528d7c2a9591d8de5ea8138ee6f17de7

Headers

File Characteristics

Imports

ole32

user32

advapi32

msvcp71

msvcr71

oleaut32

kernel32

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 122KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 7KB

.text Size: 172KB - Virtual size: 172KB

.text
Size: 124KB - Virtual size: 122KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 7KB

.text
Size: 172KB - Virtual size: 172KB