3d0a3135839fc9598f18e80d21b288d1a1434c4722093db0673d1e92a8f47378

Sharing

Copy URL Twitter E-mail

General

Target

3d0a3135839fc9598f18e80d21b288d1a1434c4722093db0673d1e92a8f47378
Size

276KB
MD5

2ef057493e7dbf6d845c5f1a79cd2fcf
SHA1

6ef48be6a1c9d542bbed4be5a05ee5430d0617cf
SHA256

3d0a3135839fc9598f18e80d21b288d1a1434c4722093db0673d1e92a8f47378
SHA512

eb4f80595e73c8ea034d8f3a7a596cb23d4ea5b30b3f9386192c3fe9e4a03bb18f5b65e83bc562df2901db0b3395c32be10238e9742ba15acc4976840ae4fd57
SSDEEP

6144:DwXRwWNKEtITCop/h16hSkPUXyBzI5T//XFztFBSeeQURun+Z:DwXRvEK8IUkcme/1tFSAn+

Score

N/A

Malware Config

Signatures

Files

3d0a3135839fc9598f18e80d21b288d1a1434c4722093db0673d1e92a8f47378
.dll windows x86

ec5470e4107afd657c28c607862a4ee8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragAcceptFiles
SHAddToRecentDocs
SHBindToParent
SHFreeNameMappings
SHGetSpecialFolderLocation
SHInvokePrinterCommandA
SHLoadNonloadedIconOverlayIdentifiers
DuplicateIcon

user32

SetCapture
SetActiveWindow
SendMessageA
ReleaseDC
ReleaseCapture
RegisterWindowMessageA
RedrawWindow
PtInRect
MessageBoxA
MapDialogRect
LockSetForegroundWindow
LoadStringA
LoadCursorA
IsWindow
IsChild
InvalidateRgn
InvalidateRect
InflateRect
GetWindowRect
GetWindowLongA
GetWindow
GetSysColor
GetParent
SetCaretBlinkTime
GetGUIThreadInfo
GetFocus
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetCursorPos
GetClientRect
GetClassNameA
GetClassInfoExA
GetActiveWindow
FillRect
EnumDesktopWindows
EndPaint
EndDialog
DialogBoxIndirectParamA
DestroyWindow
DestroyAcceleratorTable
DefWindowProcA
DdeAddData
CreateWindowExA
CreateAcceleratorTableA
CheckRadioButton
CharNextA
BeginPaint
SetCursor
SetFocus
SetWindowContextHelpId
SetWindowLongA
SetWindowPos
SetWindowTextA
wsprintfA
GetMenuItemID

ddraw

GetSurfaceFromDC
DirectDrawCreateClipper
DDGetAttachedSurfaceLcl
DDInternalUnlock

advapi32

RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA

comctl32

ord17

kernel32

LoadLibraryExA
LoadLibraryA
LeaveCriticalSection
IsProcessorFeaturePresent
IsDBCSLeadByte
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
HeapFree
GlobalUnlock
GlobalHandle
GetVersionExA
GetTickCount
GetThreadLocale
LocalFlags
GetProcessPriorityBoost
GetProcAddress
GetModuleHandleA
GetLocaleInfoA
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetConsoleOutputCP
FreeLibrary
FlushInstructionCache
FindResourceA
ExitProcess
EnterCriticalSection
DisableThreadLibraryCalls
DeleteCriticalSection
LockResource
QueryPerformanceCounter
RaiseException
ResumeThread
SetLastError
SizeofResource
VirtualAlloc
VirtualProtect
WideCharToMultiByte
WinExec
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA
lstrlenW
GetSystemTimeAsFileTime

Exports

Exports

ConvertMeshSubsetToStrips
CreateFontIndirectA
SaveSurfaceToFileInMemory
StartCompressBuffer
VecSaveMemory

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec5470e4107afd657c28c607862a4ee8

Headers

File Characteristics

Imports

shell32

user32

ddraw

advapi32

comctl32

kernel32

Exports

Exports

Sections

.text Size: 54KB - Virtual size: 53KB

.rdata Size: 138KB - Virtual size: 137KB

.data Size: 43KB - Virtual size: 43KB

.rsrc Size: 36KB - Virtual size: 36KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 54KB - Virtual size: 53KB

.rdata
Size: 138KB - Virtual size: 137KB

.data
Size: 43KB - Virtual size: 43KB

.rsrc
Size: 36KB - Virtual size: 36KB

.reloc
Size: 3KB - Virtual size: 3KB