741aa2f247a0ffb5861a0137875c1a83453b4f098449c95e67e5e63e36f91acd

Sharing

Copy URL Twitter E-mail

General

Target

741aa2f247a0ffb5861a0137875c1a83453b4f098449c95e67e5e63e36f91acd
Size

119KB
MD5

a2ad5eb5c296076e6438abd28c354310
SHA1

c1fe90e625152a14ca59a1452698a257112856ce
SHA256

741aa2f247a0ffb5861a0137875c1a83453b4f098449c95e67e5e63e36f91acd
SHA512

053d4f921a70ecf5aa2eedd978ac83968cc0b45f7467b1382a1f0c0b3c1547329e74b401c4f8c62bc01b7d2e6d73196e779f46b2527a1d80a829e16d29a859c9
SSDEEP

3072:LTeZ3fN5x1kb+KzRvBT/XfGPFuDa9Zgh9/AHN:3eBLx1kKKzR5T/XfG9u2ILa

Score

N/A

Malware Config

Signatures

Files

741aa2f247a0ffb5861a0137875c1a83453b4f098449c95e67e5e63e36f91acd
.dll windows x86

13f12f207a75fb5344e11b7563b3eb77

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmGetCompositionStringW
ImmReleaseContext
ImmGetContext

kernel32

UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
OutputDebugStringA
WideCharToMultiByte
GetVersionExA
GetLocalTime
CopyFileA
HeapFree
HeapAlloc
GetProcessHeap
OpenProcess
ReadProcessMemory
VirtualQueryEx
GlobalFree
CreateFileMappingA
GlobalHandle
LoadLibraryA
CloseHandle
DeleteFileA
CreateFileA
GetFileSize
WriteFile
GetModuleFileNameA
CreateThread
GetModuleHandleA
GetTickCount
VirtualProtect
InterlockedExchange
Sleep
GetProcAddress
GetCurrentProcess
ReadFile
GlobalUnlock
GetTempPathA
GetCurrentProcessId

user32

GetDC
ReleaseDC
SetRect
SendMessageA
GetWindowThreadProcessId
PeekMessageA
DispatchMessageA
FindWindowExA
GetWindowTextA
GetWindowRect
GetForegroundWindow
TranslateMessage

gdi32

SelectObject
GetObjectA
BitBlt
GetDeviceCaps
CreateCompatibleBitmap
CreateCompatibleDC

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

ole32

CoCreateInstance

avifil32

AVIMakeCompressedStream
AVIFileRelease
AVIStreamRelease
AVIFileExit
AVIStreamWrite
AVIFileInit
AVIStreamSetFormat
AVISaveOptionsFree
AVIFileCreateStreamA
AVIFileOpenA

msvfw32

ord2

winmm

waveInOpen
waveInAddBuffer
waveInClose
waveOutOpen
waveOutWrite
waveOutClose

msvcp60

??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

msvcrt

strcat
vsprintf
_memicmp
strstr
strncpy
wcslen
_stricmp
wcscpy
atol
atoi
fwrite
fclose
fopen
strcmp
_stat
free
_ftol
_CIacos
memcmp
_strnicmp
_strlwr
_adjust_fdiv
malloc
_initterm
_onexit
printf
_CIpow
strncmp
memmove
memcpy
??2@YAPAXI@Z
__CxxFrameHandler
memset
sprintf
strlen
strrchr
strcpy
time
rename
rand
srand
_mkdir
_access
abs
strftime
localtime
__dllonexit

Exports

Exports

GetDLLVer
partInit

Sections

.text
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARDAT
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13f12f207a75fb5344e11b7563b3eb77

Headers

File Characteristics

Imports

imm32

kernel32

user32

gdi32

advapi32

ole32

avifil32

msvfw32

winmm

msvcp60

msvcrt

Exports

Exports

Sections

.text Size: 71KB - Virtual size: 71KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 20KB - Virtual size: 41KB

.SHARDAT Size: 4KB - Virtual size: 4KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 71KB - Virtual size: 71KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 20KB - Virtual size: 41KB

.SHARDAT
Size: 4KB - Virtual size: 4KB

.reloc
Size: 5KB - Virtual size: 5KB