f99d89f164033320de2ef8c20546115818cc1b4848bd699256626926d8e732f0

Sharing

Copy URL Twitter E-mail

General

Target

f99d89f164033320de2ef8c20546115818cc1b4848bd699256626926d8e732f0
Size

445KB
MD5

0de4fbb517edfca1e0a91c3f4d8c5919
SHA1

330535b08ca7655d66ff3bb28ec8d93b3c06922a
SHA256

f99d89f164033320de2ef8c20546115818cc1b4848bd699256626926d8e732f0
SHA512

01e07f54c33cd810bb4c8e2a188539c16feac3ede4ce8d3eaa6b99b25053cf5e7ce84927fef3a09d730266ae1e3732446c40ec3886d4a9b42d9ea4a0f410d77f
SSDEEP

12288:DyokFzRkYVhvdQxQ4OxXMd1Hdca+/356t:9it3tdFcjHdo356

Score

N/A

Malware Config

Signatures

Files

f99d89f164033320de2ef8c20546115818cc1b4848bd699256626926d8e732f0
.dll windows x86

b7e66457b3115b9c637439ac2a6d9b2b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UnregisterDeviceNotification
DefWindowProcA
DestroyWindow
DispatchMessageA
FindWindowA
GetMessageA
IsWindow
PostQuitMessage
RegisterClassA
RegisterDeviceNotificationA
UpdateWindow
CreateWindowExA
TranslateMessage
SendMessageA

advapi32

RegOpenKeyExA
RegEnumValueA
RegCloseKey
RegQueryValueExA

msvcrt

_chmod
_fdopen
_fstat
_getcwd
_stat
_strdup
_umask
_unlink
sprintf

kernel32

HeapAlloc
HeapCreate
WideCharToMultiByte
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
TerminateProcess
HeapDestroy
HeapFree
HeapReAlloc
WriteFile
GetLastError
Sleep
SetHandleCount
RtlUnwind
ReleaseMutex
ProcessIdToSessionId
MultiByteToWideChar
LoadLibraryA
LeaveCriticalSection
LCMapStringW
LCMapStringA
CloseHandle
CreateFileA
CreateMutexA
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetFileType
GetVersionExA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessPriorityBoost
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetTickCount
GetVersion
InitializeCriticalSection

gdi32

GetStockObject

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiGetDeviceInstanceIdA
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList

Exports

Exports

Concat
GetMagicNumber
InPlaceFloorDivide
NormalizeException
ParseFileFlagsEx
_InterruptOccurred
set_add_alpha
write_init_2

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7e66457b3115b9c637439ac2a6d9b2b

Headers

File Characteristics

Imports

user32

advapi32

msvcrt

kernel32

gdi32

setupapi

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 213KB - Virtual size: 213KB

.data Size: 108KB - Virtual size: 108KB

.rsrc Size: 15KB - Virtual size: 14KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 213KB - Virtual size: 213KB

.data
Size: 108KB - Virtual size: 108KB

.rsrc
Size: 15KB - Virtual size: 14KB

.reloc
Size: 4KB - Virtual size: 3KB