4310e33d1d30eaf72cd87165cd1e6203b9e157ef6ebde44695cec3932e216353

Sharing

Copy URL Twitter E-mail

General

Target

4310e33d1d30eaf72cd87165cd1e6203b9e157ef6ebde44695cec3932e216353
Size

49KB
MD5

5d20c2448007b3254f3a1413c20e253a
SHA1

4485d7c83f7bf6503197d812c18e4d26643dfb2b
SHA256

4310e33d1d30eaf72cd87165cd1e6203b9e157ef6ebde44695cec3932e216353
SHA512

22e19bb0f1f4c23411c30c7a51b6be4a144f47e0cee1d37635bbbe9cd1bce4090d678772f6130dc10bf114dafb90ab8ef59ba6578b9822fbbd8c4ee59da77a5d
SSDEEP

1536:+RU9hUxxZaAGJLtpUQcoQ8EP4goQ8WQIMMYIDIxC29yR9AuJITWnRvV6x+E4:+RUjCAAGJLtpUQcoQ8EP4goQ8WQIMMYm

Score

N/A

Malware Config

Signatures

Files

4310e33d1d30eaf72cd87165cd1e6203b9e157ef6ebde44695cec3932e216353
.exe windows x86

d3e3a78ab3e6a63ded920c1b7bd76bc3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ddraw

AcquireDDThreadLock
ReleaseDDThreadLock
D3DParseUnknownCommand
CompleteCreateSysmemSurface
DDInternalLock
DDInternalUnlock

dhcpcsvc

McastApiStartup

kernel32

IsBadCodePtr
GetTickCount
GetVersionExA
GetModuleHandleA
LocalAlloc
FreeLibrary
GetSystemTimeAsFileTime
VirtualFree
GetModuleFileNameA
GetCurrentProcess
Sleep
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetProcAddress
LoadLibraryA
QueryPerformanceCounter
LocalReAlloc
GetSystemInfo
VirtualAlloc
IsBadReadPtr
GetCurrentThreadId
TerminateProcess
LocalFree
GetCurrentProcessId
DisableThreadLibraryCalls

advapi32

RegOpenKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyA
RegCloseKey
RegQueryValueExA

msvcrt

sprintf
_onexit
_except_handler3
_purecall
fopen
exp
_CIexp
ftell
fclose
_CxxThrowException
fseek
__dllonexit
_adjust_fdiv
_CIpow
free
fflush
malloc
_CIsqrt
_initterm
__CxxFrameHandler
fwrite

ws2_32

WSAGetLastError

ntdll

NtCreateKey

user32

IsRectEmpty
IntersectRect

Sections

.textbss
Size: - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d3e3a78ab3e6a63ded920c1b7bd76bc3

Headers

DLL Characteristics

File Characteristics

Imports

ddraw

dhcpcsvc

kernel32

advapi32

msvcrt

ws2_32

ntdll

user32

Sections

.textbss Size: - Virtual size: 208KB

.text Size: 512B - Virtual size: 436B

.idata Size: 47KB - Virtual size: 46KB

.rdata Size: 512B - Virtual size: 32B

.data Size: 512B - Virtual size: 468B

.textbss
Size: - Virtual size: 208KB

.text
Size: 512B - Virtual size: 436B

.idata
Size: 47KB - Virtual size: 46KB

.rdata
Size: 512B - Virtual size: 32B

.data
Size: 512B - Virtual size: 468B