3785145a3c628a36b8c44f1fe9615b07ae94c2e4b50a35128770bbc7d97929d4

Sharing

Copy URL

Twitter E-mail

General

Target

3785145a3c628a36b8c44f1fe9615b07ae94c2e4b50a35128770bbc7d97929d4
Size

373KB
MD5

e15f12b9f21da0e7f9e985cbeead6d46
SHA1

3106461a518ad16736c4c8f3c8db83c41cfa6f2d
SHA256

3785145a3c628a36b8c44f1fe9615b07ae94c2e4b50a35128770bbc7d97929d4
SHA512

2fabe3a5e69f1a5bd03c8ba3aa400ac2b5199e7382447d29ea2cbb1cd06f62db0eaebb9db38b923989287418bf67ff699f083e662c4d253824794bcefc4a54e5
SSDEEP

6144:rBr+MxKVENsNM+kssGhKNS4/E0QZgoQ92uHfBQN+9+Tqgzda:rBr9NsNMFGhKFKZ1QU6S7TNpa

Score

N/A

Malware Config

Signatures

Files

3785145a3c628a36b8c44f1fe9615b07ae94c2e4b50a35128770bbc7d97929d4
.dll windows x86

7614cd90667ca207daa2cced681ab99a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wctomb
wcsstr
wcsrchr
wcsncpy
wcsncmp
wcschr
tolower
time
swprintf
strtoul
strstr
strrchr
strncmp
strchr
sprintf
realloc
rand
printf
memset
memcpy
mbtowc
malloc
localeconv
isxdigit
iswprint
iswctype
isupper
isspace
isleadbyte
isdigit
isalpha
gmtime
free
fprintf
fopen
ferror
fclose
clock
calloc
atoi
_wcsicmp
_unlock
_strtime
_strrev
_strnicmp
_strlwr
_stricmp
_snprintf
_read
_purecall
_lseeki64
_lsearch
_lock
_itoa
_ismbblead
_isatty
_iob
_initterm
_fileno
__badioinfo
__dllonexit
__mb_cur_max
__pioinfo
_errno
_atoi64
_amsg_exit
_XcptFilter

dbghelp

SymInitialize
SymGetTypeInfo
SymFunctionTableAccess
SymFindFileInPath
SymEnumerateSymbolsW64
SymEnumSymbols
SymCleanup
ImageRvaToVa
FindExecutableImageEx

user32

DispatchMessageA
EnumChildWindows
GetWindowThreadProcessId
GetClassNameA
wsprintfW
TranslateMessage
SetWindowTextA
PeekMessageA
EnumWindows

kernel32

CreateFileMappingA
CreateFileA
CompareFileTime
HeapFree
lstrlenA
lstrcmpA
WriteFile
WideCharToMultiByte
WaitForMultipleObjectsEx
VirtualQuery
VirtualFreeEx
VirtualAllocEx
VirtualAlloc
UnregisterWaitEx
UnmapViewOfFile
TerminateProcess
SystemTimeToFileTime
SetNamedPipeHandleState
SetFilePointer
SetFileApisToANSI
SearchPathA
RtlUnwind
ReadFile
QueryPerformanceCounter
OutputDebugStringA
MultiByteToWideChar
MapViewOfFile
LockResource
LockFileEx
LocalFree
LoadResource
LoadLibraryA
IsBadStringPtrA
InterlockedExchange
InterlockedCompareExchange
CreateTapePartition
HeapAlloc
GetVersionExW
GetVersionExA
GetVersion
GetTickCount
GetSystemTimeAsFileTime
GetProcessPriorityBoost
GetProcessHeap
GetProcAddress
GetPriorityClass
GetModuleHandleA
GetLocalTime
GetLastError
GetFileSize
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCommandLineA
GetCPInfo
FreeLibrary
FormatMessageA
FindResourceA
FindNextFileA
FindClose
ExitProcess
CloseHandle

ole32

CoInitialize
CoCreateInstance
CoUninitialize

advapi32

RegOpenKeyExA
RegOpenKeyExW
RegCloseKey

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Exports

Exports

CreateMesh
GetDefaultServer
GetNextColumnName
LoadVolumeFromMemory
QuaternionBaryCentric
SHScale

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7614cd90667ca207daa2cced681ab99a

Headers

File Characteristics

Imports

msvcrt

dbghelp

user32

kernel32

ole32

advapi32

version

Exports

Exports

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 175KB - Virtual size: 175KB

.data Size: 69KB - Virtual size: 70KB

.rsrc Size: 57KB - Virtual size: 56KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 175KB - Virtual size: 175KB

.data
Size: 69KB - Virtual size: 70KB

.rsrc
Size: 57KB - Virtual size: 56KB

.reloc
Size: 3KB - Virtual size: 3KB