2fac714d9f16e0fed1857a8cb2f6e2bf5bca2b60ffafe05e8b8494ddd9d9bde9

General

Target

2fac714d9f16e0fed1857a8cb2f6e2bf5bca2b60ffafe05e8b8494ddd9d9bde9
Size

52KB
MD5

0ac3790a2624b771c26fc8ceba772363
SHA1

293489ac92cdcd3d0455e4bb30897cd8ffb30ae8
SHA256

2fac714d9f16e0fed1857a8cb2f6e2bf5bca2b60ffafe05e8b8494ddd9d9bde9
SHA512

1cabf70376d44e4dc9dd28e063b45f30d201a3c053688f75df4bce27d3e0c184b4a9efccb1148fc8d521323d6998ea60d3091450156bae678f269b49227da611
SSDEEP

768:DKNIra7IFE4ECToRzxhD+pdwTkmmn2yjKFObSUt+BNi6R9G5XUgWuY:DsIra74EmoprDw6TkgTi6LsXUgWH

Score

N/A

Malware Config

Signatures

Files

2fac714d9f16e0fed1857a8cb2f6e2bf5bca2b60ffafe05e8b8494ddd9d9bde9
.dll windows x86

9a125d61b4394a212c3d57a8009814d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
ReadFile
GetTickCount
VirtualAlloc
GetFileSize
CreateFileA
Sleep
WriteFile
GetTempPathA
CreateThread
TerminateProcess
GetPrivateProfileStringA
GetModuleHandleA
GetCurrentProcessId
DeleteFileA
GetCommandLineA
GetProcAddress
ExitProcess
GetModuleFileNameA
CopyFileA
WaitForMultipleObjects
GetDriveTypeA
GetLogicalDriveStringsA
SetFilePointer
WritePrivateProfileStringA
GetCurrentThreadId
TerminateThread
LeaveCriticalSection
EnterCriticalSection
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetLastError
GetLastError
LoadLibraryA
GlobalFree
GlobalLock
MultiByteToWideChar
WideCharToMultiByte
GlobalAlloc
GlobalUnlock
GlobalSize
GetCurrentProcess
ResumeThread
SuspendThread
InterlockedIncrement
InitializeCriticalSection
IsBadReadPtr

user32

GetWindow
GetFocus
AttachThreadInput
ToAscii
GetKeyboardState
GetAsyncKeyState
GetWindowThreadProcessId
GetClassNameA
GetForegroundWindow

gdi32

CreateDCA

msvcrt

strstr
_strlwr
_strcmpi
rand
malloc
wcscmp
??2@YAPAXI@Z
wcslen
realloc
free
strrchr
??3@YAXPAX@Z
_except_handler3
strcat
memset
strlen
memcpy
sprintf
strchr
_ltoa
atol
strcpy

Exports

Exports

Fantasy

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a125d61b4394a212c3d57a8009814d6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 11KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 11KB

.reloc
Size: 4KB - Virtual size: 3KB