152a16b4ccb848e96c1ca46cb204a95624238d86e14df0abc6b14233dccf332e

Sharing

Copy URL Twitter E-mail

General

Target

152a16b4ccb848e96c1ca46cb204a95624238d86e14df0abc6b14233dccf332e
Size

340KB
MD5

79fcaad094eb485bbb62c7cb56115fa0
SHA1

4adff5a598c1d1b7b688ca638ceff9b1a52826ca
SHA256

152a16b4ccb848e96c1ca46cb204a95624238d86e14df0abc6b14233dccf332e
SHA512

4543e41215f66e2f8d110bec0ea6ff6fcac85015cb2fe037330ccec7cf07ab5b66ec6a030c05c1d8d49104318ceb2b2721980f19a0fef8b768bbec3e826be152
SSDEEP

6144:y8A2H7a7+Ydg39oiNmhyqaaQujZMnd8ICgaajOfI0:y8/Hm7Ndg3qYmMWIa+Ofj

Score

N/A

Malware Config

Signatures

Files

152a16b4ccb848e96c1ca46cb204a95624238d86e14df0abc6b14233dccf332e
.dll windows x86

0bf47cdfc9586bb66f80e4d3527ecf9b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ipssrun

ord206
ord108
ord39
ord61
ord90
ord208
ord124
ord162
ord47
ord48
ord73
ord332
ord50
ord51
ord28
ord52
ord82
ord54
ord122
ord43
ord279
ord60
ord182
ord214
ord88
ord38
ord30
ord125
ord71
ord228
ord367
ord166
ord375
ord227
ord178
ord167
ord179
ord35
ord143
ord58
ord25
ord141
ord351
ord352
ord42
ord175
ord37
ord34
ord212
ord29
ord32
ord102
ord174
ord103
ord398
ord85
ord121
ord225
ord33
ord213
ord136
ord215
ord27
ord183
ord26

gs

draw_rect
SetPenDashMode
pen_size
draw_oval
GsLockDctx
GsUnlockDctx
point_in_rect
set_rect
draw_caption_unicode
draw_poly
pen_color
pen_dash
move_to
line_to
clip_rect

kernel32

SetEndOfFile
ReadFile
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
CreateFileW
FlushFileBuffers
SetStdHandle
InterlockedIncrement
InterlockedDecrement
SetFilePointer
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetCurrentProcess
TerminateProcess
CloseHandle
GetLastError
GetProcAddress
RtlUnwind
ExitProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
GetModuleHandleA
GetVersion
GetCommandLineA
HeapReAlloc
GetTimeZoneInformation
HeapAlloc
HeapFree
CompareStringA
CompareStringW
SetEnvironmentVariableA
MultiByteToWideChar
GetModuleFileNameW
GetModuleHandleW
GetSystemTime
GetLocalTime
lstrcpyW
WideCharToMultiByte

user32

DrawTextW
SetRect
ReleaseDC
GetDC
LoadStringW

gdi32

DeleteObject
SelectObject
CreateFontIndirectW
DPtoLP

comdlg32

GetOpenFileNameW

Exports

Exports

IPPIDeleteParts
IPPINewParts
IPPIOnCommand
IPPIOnEvent
IPPIOnRefresh

Sections

.text
Size: 180KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0bf47cdfc9586bb66f80e4d3527ecf9b

Headers

File Characteristics

Imports

ipssrun

gs

kernel32

user32

gdi32

comdlg32

Exports

Exports

Sections

.text Size: 180KB - Virtual size: 178KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 20KB - Virtual size: 24KB

.reloc Size: 8KB - Virtual size: 5KB

.text Size: 108KB - Virtual size: 108KB

.text
Size: 180KB - Virtual size: 178KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 20KB - Virtual size: 24KB

.reloc
Size: 8KB - Virtual size: 5KB

.text
Size: 108KB - Virtual size: 108KB