fba82e62ed12c0fb611d21329eab150502ae266b0b881c9b2279be20a7e2feda

Sharing

Copy URL Twitter E-mail

General

Target

fba82e62ed12c0fb611d21329eab150502ae266b0b881c9b2279be20a7e2feda
Size

620KB
MD5

14b015d767299441e9f1ec410c6b4ff0
SHA1

e69bf39a209df3d6c7724e7039efebe2ad16d49d
SHA256

fba82e62ed12c0fb611d21329eab150502ae266b0b881c9b2279be20a7e2feda
SHA512

cf786d4f98e4dae4540f09bacce9c4a64870a359147355a4752d8f53326d251c82de157ef349d15ef7cad44d88deeb3948491bc9cff2e619827730d311341379
SSDEEP

12288:mthCD0pMXuMA5ThlLx5dTIpO6JXOjOYAV19ccnku:mn2A5NlLdTII/AVzNnk

Score

N/A

Malware Config

Signatures

Files

fba82e62ed12c0fb611d21329eab150502ae266b0b881c9b2279be20a7e2feda
.dll windows x86

76370ad1cfae8a913526434ec717cd8f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleInformation

kernel32

UnhandledExceptionFilter
GetSystemTimeAsFileTime
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcpynA
InterlockedIncrement
GetCurrentProcess
GetModuleHandleA
GetTickCount
GetCurrentProcessId
IsDebuggerPresent
SetUnhandledExceptionFilter
GetCurrentThreadId
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
TerminateProcess

user32

MessageBoxA
GetAsyncKeyState

msvcp80

??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADU_Size_type_nosscl@01@@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z

msvcr80

_CIatan2
_CIcos
_CIfmod
_CIsin
_CIsqrt
memset
_purecall
vsprintf_s
_CxxThrowException
_CIasin
memmove_s
__CxxFrameHandler3
_strnicmp
sprintf
_CIexp
strrchr
strstr
_splitpath
??0exception@std@@QAE@XZ
sprintf_s
sscanf_s
atof
atoi
strncmp
tolower
ldiv
sscanf
vsprintf
srand
rand
_unlock
_encode_pointer
__dllonexit
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
free
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_crt_debugger_hook
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
exit
strncpy
_stricmp
_strlwr
??0exception@std@@QAE@ABV01@@Z
memcpy

Exports

Exports

CreateEntitySystem
CryModuleGetMemoryInfo

Sections

.text
Size: 440KB - Virtual size: 437KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

76370ad1cfae8a913526434ec717cd8f

Headers

File Characteristics

Imports

psapi

kernel32

user32

msvcp80

msvcr80

Exports

Exports

Sections

.text Size: 440KB - Virtual size: 437KB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 4KB - Virtual size: 32KB

.rsrc Size: 4KB - Virtual size: 428B

.reloc Size: 12KB - Virtual size: 11KB

.rmnet Size: 60KB - Virtual size: 60KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 440KB - Virtual size: 437KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 4KB - Virtual size: 32KB

.rsrc
Size: 4KB - Virtual size: 428B

.reloc
Size: 12KB - Virtual size: 11KB

.rmnet
Size: 60KB - Virtual size: 60KB

.rmnet
Size: 60KB - Virtual size: 60KB