9b0856fd5d455947011fe33027cc1a35b5c215a45ac2c128ed04de77ce3dedf8

Sharing

Copy URL

Twitter E-mail

General

Target

9b0856fd5d455947011fe33027cc1a35b5c215a45ac2c128ed04de77ce3dedf8
Size

194KB
MD5

002d053b5f2c779056803825691bd13a
SHA1

b981656bfc4637a8b3249b20293c85ff1ca11603
SHA256

9b0856fd5d455947011fe33027cc1a35b5c215a45ac2c128ed04de77ce3dedf8
SHA512

2124bea4875c0a6e4981402d829e2cb071aca6ab5051260594c916dfcaf315cd50efb9938012f0109d1ce91b2a420fe768fc26e286db58559e9916fcb8e81666
SSDEEP

3072:B/ruoZtbRPuLNMXgSrayXVE9y4qQDHg2EPkoTrEsjHZvQ3hl43vpMvSGWqB2nUY:JZHuhDylEtDAvPJTrF5vQ37IMS

Score

N/A

Malware Config

Signatures

Files

9b0856fd5d455947011fe33027cc1a35b5c215a45ac2c128ed04de77ce3dedf8
.dll windows x86

f47fc45fca385139c6a3a4d840834f73

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundW
timeGetTime

ole32

CreateStreamOnHGlobal
CoTaskMemFree
CoInitializeEx
CoUninitialize
CoTaskMemAlloc

msimg32

GradientFill
AlphaBlend

user32

IsDialogMessageW
CreateDialogParamW
DispatchMessageW
TranslateMessage
PeekMessageW
ShowWindow

shell32

DragFinish
DragAcceptFiles
DragQueryFileW

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
DeleteDC
CreateBitmap
CreatePen
DeleteObject
CreateRectRgn

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

kernel32

EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
MultiByteToWideChar
LCMapStringW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
LoadLibraryW
WriteFile
GetModuleFileNameW
RtlUnwind
HeapSize
DecodePointer
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
HeapAlloc
HeapReAlloc
HeapFree
GetTickCount
CreateIoCompletionPort
CloseHandle
GetLastError
GetQueuedCompletionStatus
InterlockedIncrement
lstrlenA
IsBadStringPtrA
IsBadReadPtr
GetProcessHeap
IsBadCodePtr
GetModuleHandleA
VirtualQuery
GetSystemInfo
HeapDestroy
HeapCreate
GetCurrentThreadId
GetCommandLineA
IsProcessorFeaturePresent
GetCPInfo
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetProcAddress
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
Sleep
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection

Exports

Exports

Main

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f47fc45fca385139c6a3a4d840834f73

Headers

DLL Characteristics

File Characteristics

Imports

winmm

ole32

msimg32

user32

shell32

gdi32

winspool.drv

kernel32

Exports

Exports

Sections

.text Size: 43KB - Virtual size: 43KB

.rdata Size: 142KB - Virtual size: 141KB

.data Size: 4KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 43KB - Virtual size: 43KB

.rdata
Size: 142KB - Virtual size: 141KB

.data
Size: 4KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB