d9c1acea337997ebd566604983a32ef1b5782a9374c033f7b6a9b45e252852a6

Sharing

Copy URL Twitter E-mail

General

Target

d9c1acea337997ebd566604983a32ef1b5782a9374c033f7b6a9b45e252852a6
Size

305KB
MD5

0da350703b8ff7698f2246c8acb11b90
SHA1

6234d12f7c24f09a5f5e7fe0726ffe61e288c6d7
SHA256

d9c1acea337997ebd566604983a32ef1b5782a9374c033f7b6a9b45e252852a6
SHA512

577982fdcf23ff8a0580e2d194237e5161133758fdb982a9c3cf804a670b4e4b7a59b422f35cce2490602a04ad1b55dfcde50ff82cb10691472f7cafbd5091a4
SSDEEP

6144:nIEvBWjiPCZehWNlHPgM+4He9LWxUsVZxamllOAhIsr:nIaWMM+LLWSSx9Zasr

Score

N/A

Malware Config

Signatures

Files

d9c1acea337997ebd566604983a32ef1b5782a9374c033f7b6a9b45e252852a6
.dll windows x86

41fc7eb46f7ac4807d991e6825a31332

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
_initterm
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
??1type_info@@UAE@XZ
_lfind
iswspace
_fcvt
_wtoi
strncpy
strcpy
atof
_splitpath
_wsplitpath
memcmp
_itow
vswprintf
bsearch
abs
realloc
towupper
_wmakepath
memmove
wcsstr
swprintf
memcpy
free
malloc
strchr
_vsnprintf
_vsnwprintf
wcsrchr
wcsncpy
wcscat
strcat
wcscpy
strlen
_beginthreadex
wcslen
_wcsnicmp
memset
wcscmp
_wcsicmp
wcschr
qsort
__CxxFrameHandler
_purecall
??3@YAXPAX@Z
??2@YAPAXI@Z
_CxxThrowException

kernel32

RaiseException
InterlockedExchange
CloseHandle
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
MapViewOfFile
OpenFileMappingW
UnmapViewOfFile
GetDriveTypeW
GetFullPathNameW
GetFileAttributesW
CreateDirectoryW
DeleteFileW
CreateFileW
SetLastError
SetErrorMode
GetModuleHandleW
SetEndOfFile
FlushFileBuffers
UnlockFileEx
UnlockFile
LockFileEx
LockFile
SetFilePointer
ReadFile
WriteFile
GetVolumeInformationW
GetLogicalDriveStringsW
GetFileInformationByHandle
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchangeAdd
WideCharToMultiByte
LocalFree
FormatMessageW
GetProcAddress
GetLastError
SetEvent
GetCurrentProcessId
GetCurrentThreadId
CreateEventW
GetModuleFileNameW
LoadLibraryW
FreeLibrary
MultiByteToWideChar
GetTickCount
LocalAlloc

Exports

Exports

?MouseHook@@YGJHIJ@Z
CommandeComposante
Execution
InfoComposante
bInitWLCalcFromVM
bInitWLConvFromVM
pQueryProxy

Sections

.text
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 166KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

41fc7eb46f7ac4807d991e6825a31332

Headers

File Characteristics

Imports

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 90KB - Virtual size: 90KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 14KB - Virtual size: 13KB

.text Size: 166KB - Virtual size: 168KB

.text
Size: 90KB - Virtual size: 90KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 14KB - Virtual size: 13KB

.text
Size: 166KB - Virtual size: 168KB