1a8f452475f58038770535fdb4f2e74088aa68609aa8d5391be55e846ba601d5

Sharing

Copy URL

Twitter E-mail

General

Target

1a8f452475f58038770535fdb4f2e74088aa68609aa8d5391be55e846ba601d5
Size

111KB
MD5

2279e8051b80d09f0e83a55dc40db7f0
SHA1

ac37220535394b65987be70dc6e21bd376b00a98
SHA256

1a8f452475f58038770535fdb4f2e74088aa68609aa8d5391be55e846ba601d5
SHA512

d86da0fd1a5ed22d11fbb1021cfb3aa5a4d5239a780362cccee5e5af3b393783821c0b25609f1b3d679ac9458e5dc387d4da929fbab454dcdb546d6a4cd1a381
SSDEEP

1536:dhcJi/TXiNFS9PBiebUrVvgvJIBs+WvHUTLfQsp9P5ju7/a9Z9mJ1:HLiNFGTbUBvgRIOvH+LTPFuDa9Z61

Score

N/A

Malware Config

Signatures

Files

1a8f452475f58038770535fdb4f2e74088aa68609aa8d5391be55e846ba601d5
.dll windows x86

86d260b6bce821530f4b1572ea271af8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmGetCompositionStringW
ImmReleaseContext
ImmGetContext

kernel32

UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
OutputDebugStringA
WideCharToMultiByte
GetVersionExA
GetLocalTime
CopyFileA
HeapFree
HeapAlloc
GetProcessHeap
OpenProcess
ReadProcessMemory
VirtualQueryEx
GlobalFree
CreateFileMappingA
GlobalHandle
LoadLibraryA
CloseHandle
DeleteFileA
CreateFileA
GetFileSize
WriteFile
GetModuleFileNameA
CreateThread
GetModuleHandleA
GetTickCount
VirtualProtect
InterlockedExchange
Sleep
GetProcAddress
GetCurrentProcess
ReadFile
GlobalUnlock
GetTempPathA
GetCurrentProcessId

user32

GetDC
ReleaseDC
SetRect
SendMessageA
GetWindowThreadProcessId
PeekMessageA
DispatchMessageA
FindWindowExA
GetWindowTextA
GetWindowRect
GetForegroundWindow
TranslateMessage

gdi32

SelectObject
GetObjectA
BitBlt
GetDeviceCaps
CreateCompatibleBitmap
CreateCompatibleDC

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ole32

CoCreateInstance

avifil32

AVIMakeCompressedStream
AVIFileRelease
AVIStreamRelease
AVIFileExit
AVIStreamWrite
AVIFileInit
AVIStreamSetFormat
AVISaveOptionsFree
AVIFileCreateStreamA
AVIFileOpenA

msvfw32

ord2

winmm

waveInOpen
waveInAddBuffer
waveInClose
waveOutOpen
waveOutWrite
waveOutClose

msvcp60

??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

msvcrt

vsprintf
strstr
_memicmp
strncpy
wcslen
_stricmp
strcat
atol
atoi
fwrite
fclose
fopen
wcscpy
_stat
free
_ftol
_CIacos
strcmp
_strnicmp
_strlwr
_adjust_fdiv
malloc
_initterm
_onexit
printf
_CIpow
strncmp
memmove
memcpy
??2@YAPAXI@Z
time
__CxxFrameHandler
memset
sprintf
strlen
strrchr
strcpy
rename
rand
srand
_mkdir
_access
abs
strftime
localtime
memcmp
__dllonexit

Exports

Exports

GetDLLVer
partInit

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARDAT
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86d260b6bce821530f4b1572ea271af8

Headers

File Characteristics

Imports

imm32

kernel32

user32

gdi32

advapi32

ole32

avifil32

msvfw32

winmm

msvcp60

msvcrt

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 72KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 20KB - Virtual size: 41KB

.SHARDAT Size: 4KB - Virtual size: 4KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 72KB - Virtual size: 72KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 20KB - Virtual size: 41KB

.SHARDAT
Size: 4KB - Virtual size: 4KB

.reloc
Size: 6KB - Virtual size: 5KB