7c6ce82f7c4e2b0776f403555ef2b2fee477a1dd0c912e4bcf5b17c8ca810e12

Sharing

Copy URL Twitter E-mail

General

Target

7c6ce82f7c4e2b0776f403555ef2b2fee477a1dd0c912e4bcf5b17c8ca810e12
Size

470KB
MD5

68a8be616e89ff647c7af7f49b374248
SHA1

3bd01b67da1202284acc02ffe6fff9d608b4dac8
SHA256

7c6ce82f7c4e2b0776f403555ef2b2fee477a1dd0c912e4bcf5b17c8ca810e12
SHA512

d2a18da0f0ed022b701ca315293d8d5893d92bce5206730d1e2cb8f2f33f39ea17f18c924c754ce503712ee699eebc38e716e04d28f2568c05cecedafc3e4cfc
SSDEEP

12288:I643+0kZfDnHQRocf01wc1i4EgucFVVsULgjaENgjOj:x0k1nHQRbfXcZEqgUEjHsq

Score

N/A

Malware Config

Signatures

Files

7c6ce82f7c4e2b0776f403555ef2b2fee477a1dd0c912e4bcf5b17c8ca810e12
.dll windows x86

6adcf883f23479e100562eda71ddaa2f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CreateStreamOnHGlobal

dinput

DirectInputCreateA

gdi32

CreateFontIndirectA
DeleteDC
DeleteEnhMetaFile
DeleteObject
ExtTextOutA
ExtTextOutW
GetFontLanguageInfo
GetGlyphOutlineA
GetMetaRgn
CreateDIBSection
GetTextMetricsA
GetTextMetricsW
PolyDraw
SelectObject
SetBkColor
SetBkMode
SetMapMode
SetTextAlign
GetObjectA
CreateCompatibleDC
CloseFigure

msvcrt

tolower
qsort
memmove
memcpy
malloc
iswspace
iswprint
iswalpha
free
floor
bsearch
_vsnprintf
_unlock
_stricmp
_j0
_ismbbpunct
_initterm
_atoi64
_amsg_exit
__dllonexit
_Strftime
_CxxThrowException
_CIsqrt
_CIsin
_CIatan
_CIasin
_CIacos

advapi32

RegQueryValueExA
RegCloseKey
CreateProcessWithLogonW
RemoveTraceCallback

kernel32

WaitForSingleObject
WideCharToMultiByte
UnhandledExceptionFilter
TryEnterCriticalSection
TerminateProcess
SizeofResource
SetThreadContext
RtlUnwind
ReleaseMutex
ReadFile
QueryPerformanceCounter
Process32Next
OutputDebugStringA
OpenThread
MultiByteToWideChar
MapUserPhysicalPagesScatter
LockResource
LocalAlloc
LoadResource
LoadLibraryA
LeaveCriticalSection
IsValidLanguageGroup
IsProcessorFeaturePresent
IsBadHugeWritePtr
InterlockedIncrement
WriteTapemark
VirtualAlloc
_llseek
WaitForMultipleObjects
CloseHandle
CreateFileA
CreateMutexA
CreateThread
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
FindResourceA
GetACP
GetCommProperties
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFullPathNameW
GetLastError
GetMailslotInfo
GetModuleFileNameA
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetProcessAffinityMask
GetProcessPriorityBoost
GetSystemTimeAsFileTime
GetThreadPriorityBoost
GetTickCount
GetVersion
InterlockedCompareExchange
InterlockedExchange

Exports

Exports

FromMemory
Int_FromSize_t
StreamWriter
info_init_3

Sections

.text
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 278KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6adcf883f23479e100562eda71ddaa2f

Headers

File Characteristics

Imports

ole32

dinput

gdi32

msvcrt

advapi32

kernel32

Exports

Exports

Sections

.text Size: 77KB - Virtual size: 77KB

.rdata Size: 278KB - Virtual size: 277KB

.data Size: 70KB - Virtual size: 71KB

.rsrc Size: 40KB - Virtual size: 39KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 77KB - Virtual size: 77KB

.rdata
Size: 278KB - Virtual size: 277KB

.data
Size: 70KB - Virtual size: 71KB

.rsrc
Size: 40KB - Virtual size: 39KB

.reloc
Size: 4KB - Virtual size: 3KB