a33787dd626c2b971717f2dab1a03e33f07258a9a170ec376ad58dca640eba8a

Sharing

Copy URL Twitter E-mail

General

Target

a33787dd626c2b971717f2dab1a03e33f07258a9a170ec376ad58dca640eba8a
Size

97KB
MD5

0a992b9a86db72b4c53c4d2b7bb9cf54
SHA1

391d7d9922ae8da413d1896bc1428491cd3ddbbd
SHA256

a33787dd626c2b971717f2dab1a03e33f07258a9a170ec376ad58dca640eba8a
SHA512

64c071dba58e7f309f0810011e7c287efc0c1b1d56edf0a2f55a3971397790bb7abde6f10755fc57d6203e4829a71403eef87aa3300beff25e51c4ade1cea9a9
SSDEEP

3072:XOK7cGojGLxLfWd8anr2cAjwtknAVrL+:XOK7LOOxLfWd8OqTwj1a

Score

N/A

Malware Config

Signatures

Files

a33787dd626c2b971717f2dab1a03e33f07258a9a170ec376ad58dca640eba8a
.dll windows x86

9f59427f83066a955084947051337997

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
DisableThreadLibraryCalls
Sleep
FlushInstructionCache
GetCurrentProcess
CloseHandle
DecodePointer
EncodePointer
InterlockedCompareExchange
TerminateProcess
SetLastError
VirtualProtect
GetSystemTimeAsFileTime
GetCurrentProcessId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
InterlockedExchange
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

SetRect
ScreenToClient
GetForegroundWindow
GetCursorPos
mouse_event
GetAsyncKeyState
CreateWindowExA

shell32

ShellExecuteA

msvcp100

?_Id_cnt@id@locale@std@@0HA
?id@?$codecvt@DDH@std@@2V0locale@2@A
??0_Lockit@std@@QAE@H@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?_Xout_of_range@std@@YAXPBD@Z
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?_BADOFF@std@@3_JB
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1_Lockit@std@@QAE@XZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7ios_base@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
?_Ios_base_dtor@ios_base@std@@CAXPAV12@@Z
?_Decref@facet@locale@std@@QAEPAV123@XZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Xlength_error@std@@YAXPBD@Z
?_Incref@facet@locale@std@@QAEXXZ
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

msvcr100

_CxxThrowException
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABV01@@Z
??2@YAPAXI@Z
memmove
fgetc
fputc
ungetc
_lock_file
__CxxFrameHandler3
fflush
setvbuf
memcpy_s
fwrite
fgetpos
_fseeki64
fsetpos
fclose
_CIcos
_CIsin
malloc
sprintf
_beginthreadex
_unlock
__dllonexit
_lock
_onexit
_malloc_crt
free
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
??0bad_cast@std@@QAE@PBD@Z
memset
memcpy
??3@YAXPAX@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
_unlock_file

d3d9

Direct3DCreate9

d3dx9_41

D3DXCreateLine
D3DXCreateFontA
D3DXMatrixTranspose

winmm

sndPlaySoundA

Sections

.text
Size: - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT
Size: - Virtual size: 431B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ddraw0
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ddraw1
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 434B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f59427f83066a955084947051337997

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

msvcp100

msvcr100

d3d9

d3dx9_41

winmm

Sections

.text Size: - Virtual size: 19KB

_TEXT Size: - Virtual size: 431B

.rdata Size: - Virtual size: 24KB

.data Size: - Virtual size: 10KB

.ddraw0 Size: - Virtual size: 10KB

.ddraw1 Size: 95KB - Virtual size: 94KB

.reloc Size: 512B - Virtual size: 124B

.rsrc Size: 512B - Virtual size: 434B

.text
Size: - Virtual size: 19KB

_TEXT
Size: - Virtual size: 431B

.rdata
Size: - Virtual size: 24KB

.data
Size: - Virtual size: 10KB

.ddraw0
Size: - Virtual size: 10KB

.ddraw1
Size: 95KB - Virtual size: 94KB

.reloc
Size: 512B - Virtual size: 124B

.rsrc
Size: 512B - Virtual size: 434B